1、National Standard of Canada CAN/CSA-ISO/!IEC 101 81-5-00 (ISO/IEC 101 81 -91 996) CSA f NT E RNAT I ONAL . International Standard ISO/IEC 10181-5:1996 (first edition 1996-09-15) has been adopted without modification as CSA Standard CAN/CSA-ISO/IEC 10181-5-00, which has been approved as a National St
2、andard of Canada by the Standards Council of Canada. ISBN 1-55324-082-0 March 2000 Information technology - Open Systems Interconnection - Security frameworks for open systems: Confidentiality framework Technologies de /information - lnterconnexion de s ystemes ouverts (USI - Cadres g this remains t
3、he continuing responsibility of the accredited standards-development organization. Those who have a need to apply standards are encouraged to use National Standards of Canada whenever practicable. These standards are subject to periodic review; therefore, users are cautioned to obtain the latest edi
4、tion from the organization preparing the standard. The responsibility for approving National Standards of Canada rests with the Standards Council of Canada 45 OConnor Street, Suite 1200 Ottawa, Ontario, K1 P 6N7 Canada A National Standard of Canada is a standard which CSA INTERNATIONAL c . Les norme
5、s nationales du Canada sont publi6es en versions frangaise et anglaise. Although the intended primary application of this Standard is stated in its Scope, it is important to note that it remains the responsibility of the users to judge its suitability for their particular purpose. lnformation techno
6、logy - Open Systems Interconnection - Security frameworks for open systems: Confidentiality frumework CAN/CSA-ISO/IfC I 0 7 8 7 -5-00 CAN/CSA-ISO/IEC 101 81-5-00 Information technology - Open Systems Interconnection - Security fkamavorks for open systems: Confidentiality Famework CSA Preface Standar
7、ds development within the Information Technology sector is harmonized with international standards development. Through the CSA Technical Committee on Information Technology (TCIT), Canadians serve as the Canadian Advisory Committee (CAC) on ISO/IEC Joint Technical Committee 1 on Information Technol
8、ogy (ISO/IEC jTC1) for the Standards Council of Canada (SCC), the IS0 member body for Canada and sponsor of the Canadian National Committee of the IEC. Also, as a member of the International Telecommunication Union (ITU), Canada participates in the lnternational Telegraph and Telephone Consultative
9、Committee (ITU-T). This International Standard was reviewed by the CSA TClT under the jurisdiction of the Strategic Steering Committee on Information Technology and deemed acceptable for use in Canada. (A committee membership list is available on request from the CSA Project Manager.) From time to t
10、ime, ISO/IEC may publish addenda, corrigenda, etc. The CSA TClT will review these documents for approval and publication. For a listing, refer to the CSA Information Products catalogue or CSA lnfo Update or contact a CSA Sales representative. This Standard has been formally approved, without modific
11、ation, by these Committees and has been approved as a National Standard of Canada by the Standards Council of Canada. March 2000 0 CSA lnternational- 2000 All rights reserved. No part of this publication may be reproduced in any form whatsoever without the prior permission of the publisher, /SO/IEC
12、material is reprinted with permission. Inquiries regarding this National Standard of Canada should be addressed to CSA lnternationol, 7 78 Rexdale Boulevard, Toronto, Ontario, M9W 7 R3. March 2000 CSA/I I NT E R N AT I 0 N A L STANDARD ISO/IEC 10181-5 First edition 1996-09-1 5 Information technology
13、 - Open Systems Interconnection - Security frameworks for open systems: Confidentiality framework Technologies de /information - lnterconnexion de systemes ouverts (OS!) - Cadres genemux pour la sewrite des systemes ouverts: Cadre gengral de confidentialit4 Reference number ISO/IEC 10181-5:1996(E) C
14、ontents scope Normative references . 2.1 Identical Recommendations I International Standards 2.2 Definitions 3.1 Basic Reference Model definitions . 3.2 Security architecture definitions . 3.3 Security frameworks overview definitions . 3.4 Additional definitions . Abbreviations . Paired Recommendati
15、ons I International Standards equivalent in technical content General discussion of confidentiality . 5.1 Basic concepts . 5.1.1 Protection of information 5.1.2 Hide and reveal operations 5.2 5.3 Types of confidentiality mechanisms 5.4 Threats to confidentiality 5.4.1 5.4.2 Types of confidentiality
16、attacks Classes of confidentiality services Threats when confidentiality is provided through access prevention . Threats when confidentiality is provided through information hiding . Confidentiality policies 6.1 Policy expression 6.1.1 Information characterization . 6.1.2 Entity characterization Con
17、fidentiality infomation and facilities 5.5 7.1 Confidentiality infomation . 7.1.1 Hiding confidentiality information . 7.1.2 Revealing confidentiality infomation 7.2.1 Operation related facilities 7.2.1.1 Hide . 7.2.1.2 Reveal . 7.2.2 Management related facilities . 7.2 Confidentiality facilities Q
18、ISO/IEC 1996 All rights reserved . Unless otherwise specified. no part of this publication may be reproduced or utilized in any form or by any means. electronic or mechanical. including photocopying and microfilm. without permission in writing from the pubtisher . ISO/EC Copyright Office Case postal
19、e 56 . CH-121 I Genkve 20 Switzerland Page 1 2 2 2 2 2 3 3 3 4 4 4 4 5 5 6 6 6 7 7 7 8 8 8 8 8 8 9 9 9 9 9 9 0 ISO/IEC LSOAEC 10181-5:1996(E) 8 9 Confidentiality mechanisms. Confidentiality provision through access prevention Confidentiality protection through physical media protection Confidentiali
20、ty protection through routing control . 8.1 8.1.1 8.1.2 8.2 8.3 Confidentiality provision through . encipherment Confidentiality provision through dummy events . Confidentiality provision through time varying fields 8.2.1 Confidentiality provision through data padding . 8.2.2 8.2.3 Confidentiality p
21、rovision through PDU header protection . 8.2.4 Confidentiality provision through contextual location . Interactions with other security services and mechanisms . 9.1 Access Control Annex A . Confidentiality in the OS1 Reference Model Annex B . Example of a sequence of movements through different con
22、fidentiality protected environments . Annex C . Representation of Information Annex D . Covert Channels Annex E . Confidentiality Facilities Outline 10 10 10 10 10 10 11 11 11 11 12 12 13 15 16 17 18 . 111 Q ISO/IEC Foreword IS0 (the International Organization for Standardization) and IEC (the Inter
23、national Electrotechnical Commission) form the specialized system for worldwide standardization. National bodies that are members of IS0 or IEC participate in the development of International Standards through technical committees established by the respective organization to deal with particular fi
24、elds of technical activity. IS0 and IEC technical committees coIlaborate in fields of mutual interest. Other international organizations, governmental and non-governmental, in liaison with IS0 and IEC, also take part in the work. In the field of information technology, IS0 and IEC have established a
25、 joint technical committee, ISO/IEC JTC 1. Draft International Standards adopted by the joint technical committee are circulated to national bodies for voting. Publication as an International Standard requires approval by at least 75 96 of the national bodies casting a vote. International Standard I
26、SOEC 101 8 1-5 was prepared by Joint Technical Committee ISO/IEC JTC 1, Information technology, Subcommittee SC 2 1, Open Systems Interconnection, data management and open distributed processing, in collaboration with ITU-T. The identical text is published as ITU-T Recommendation X.814. ISOAEC 10181
27、 consists of the following parts, under the general title Information technobgy - Open Systems Interconnection - Security frameworks for open systems: - Part 1: Overview - Part 2: Authentication framework - Part 3: Access control framework - Part 4: Non-repudiation framework - Part 5: Confidentialit
28、y framework - Part 6: Integrity framework - Part 7: Security audit framework Annexes A to E of this part of ISO/IEC 10181 are for information only. iv ISO/TEC ISO/IEC 10181-5: 1996(E) Introduction Many Open Systems applications have security requirements which depend upon the prevention of disclosur
29、e of information. Such requirements may include the protection of information used in the provision of other security services such as authentication, access controls or integrity, that, if known by an attacker, could reduce or nullify the effectiveness of those services. Confidentiality is the prop
30、erty that information is not made available or disclosed to unauthorized individuals, entities, or processes. This Recommendation I International Standard defines a general framework for the provision of confidentiality services. V ISO/IEC 10181-5 1996 (E) INTFANATIONAL STANDARD ITTJ-T RECOMMENDATIO
31、N INFORMATION TECHNOLOGY - OPEN SYSTEMS INTERCONNECTION - SECURITY FRAMEWORKS FOR OPEN SYSTEMS: CONFIDENTIALITY FRAMEWORK 1 Scope This Recornmendation I International Standard on Security Frameworks for Open Systems addresses the application of security services in an Open Systems environment, where
32、 the term “Open System” is taken to include areas such as Database, Distributed Applications, Open Distributed Processing and OX. The Security Frameworks are concerned with defining the means of providing protection for systems and objects within systems, and with the interactions between systems. T
33、he Security Frameworks are not concerned with the methodology for constructing systems or mechanisms. The Security Frameworks address both data elements and sequences of operations (but not protocol elements) which may be used to obtain specific security services. These security services may apply t
34、o the communicating entities of systems as well as to data exchanged between systems, and to data managed by systems. This Recommendation I International Standard addresses the confidentiality of information in retrieval, transfer and management. It: 1) defines the basic concepts of confidentiality;
35、 2) identifies possible classes of confidentiality mechanisms; 3) classifies and identifies facilities for each class of confidentiality mechanisms; 4) identifies management required to support the classes of confidentiality mechanism; and 5) addresses the interaction of confidentidity mechanism and
36、 the supporting services with other security services and mechanisms. A number of different types of standards can use this framework, including: 1) standards that incorporate the concept of confidentiality; 2) standards that specify abstract services that include confidentiality; 3) standards that
37、specify uses of a confidentiality service; 4) standards that specify means of providing confidentiality within an open system architecture; and 5) standards that specify confidentiaIity mechanisms. Such standards can use this framework as follows: - standards of type I), 2), 3), 4) and 5) can use th
38、e terminology of this framework; - standards of type 2), 3), 4) and 5) can use the facilities defined in clause 7 of this framework; - standards of type 5) can be based upon the classes of mechanism defined in clause 8 of this framework. As with other security services, confidentiality can only be p
39、rovided within the context of a defined security policy for a particular application. The definitions of specific security policies are outside the scope of this Recommendation I International Standard. It is not a matter for this Recommendation I International Standard to specify details of the pro
40、tocol exchanges which need to be performed in order to achieve confidentiality. This Recommendation I International Standard does not specify particular mechanisms to support these confidentiality services nor the full details of security management services and protocols. Generic mechanisms to supp
41、ort confidentiality are described in clause 8. ITU-T RCS. X.814 (1995 E) 1 ISO/lEC 10181-5 : 1996 (E) Some of the procedures described in this security framework achieve confidentiality by the application of cryptographic techniques. This framework is not dependent on the use of particular cryptogra
42、phic or other algorithms, although certain classes of confidentiality mechanisms may depend on particular algorithm properties. NOTE - Although IS0 does not standardize cryptographic algorithms, it does standardize the procedures used to register them in ISOlIEC 9979: 199 I, Procedures for the regis
43、tration of criptographic algorithms. This framework addresses the provision of confidentiality when the information is represented by data that are read- accessible to potential attackers. Its scope includes trafik flow confidentiality. 2 Normative references The following Recommendations and Intern
44、ational Standards contain provisions which, through reference in this text, constitute provisions of this Recommendation I International Standard. At the time of publication, the editions indicated were valid. All Recommendations and Standards are subject to revision, and parties to agreements based
45、 on this Recommendation I International Standard are encouraged to investigate the possibility of applying the most recent edition of the Recommendations and Standards listed below. Members of IEC and IS0 maintain registers of currently valid International Standards. The Telecommunication Standardiz
46、ation Bureau of the ITU maintains a list of currently valid ITU-T Recommendations. 2.1 Identical Recommendations I International Standards - ITU-T Recommendation X.200 (1994) I ISO/IEC 7498-1:1994, Information technology - Upen Systems Interconnection - Basic Reference Model: The Basic Model. ITU-T
47、Recommendation X.233 (1993) I ISO/IEC 8473-1:1994, Information technology - Protocol for providing the connecrionless-mode Network service: Protocol specification. ITU-T Recommendation X.273 (1994) I ISO/IEC 11577:1995, Information rechnology - Open Systems Interconnection - Network layer security p
48、rotocol. ITU-T Recornmendation X.274 (1994) I ISOEC 10736: 1995, Information technology - Telecommunica- tion and information exchange between systems - Transport layer security protocol. ITU-T Recommendation X.810 (1995) 1 ISO/IEC 10181-1: 1996, Information technology - Open Systems Interconnection
49、 - Security frameworks for open systems: Overview. ITU-T Recommendation X.812 (1995) I ISODEC 10181-3: 1996, Infonnation technology - Open Systems Interconnection - Security frameworks for open systems: Access control framework. - - - - - 2.2 Paired Recommendations I International Standards equivalent in technical content - CCITT Recommendation X.800 (1991), Security architecture for Open System Interconnection for CCIiT applications. IS0 7498-2: 1989, Information processing systems - Open System Interconnection - Basic Reference Model - Part 2: Security Architecture. 3 Definitions For
