INFORMATION TECHNOLOGY - SECURITY TECHNIQUES AND STANDARDIZATION

作     者：KRAUSE, L 

作者机构：NATL RES CTR COMP SCIGMDD-52737 ST AUGUSTINGERMANY 

出 版 物：《COMPUTER STANDARDS & INTERFACES》 (计算机标准和接口)

年 卷 期：1995年第17卷第1期

页      面：63-67页

核心收录：

学科分类：08[工学] 0835[工学-软件工程] 0812[工学-计算机科学与技术（可授工学、理学学位）] 

主　　题：CRYPTOGRAPHY AUTHENTICATION ACCESS CONTROL CONFIDENTIALITY DATA INTEGRITY NON-REPUDIATION CRYPTOGRAPHIC ALGORITHM MODES OF OPERATION TRAPDOOR KEY MANAGEMENT KEY DISTRIBUTION SECRET KEY PUBLIC KEY ASYMMETRIC ALGORITHM SYMMETRICAL ALGORITHM INFORMATION OBJECTS MANAGEMENT GUIDELINES HASH FUNCTION DIGITAL SIGNATURE EVALUATION CRITERIA 

摘      要：A brief history of international standardization of IT security techniques is given beginning with the first working group within ICO/TC97 in 1980. Nowadays security is dealt with by an increasing number of standardization committees. Many of these however are considering security techniques within the framework of other topics such as architecture or special applications. The GMD participates in some of these committees especially in the subcommittee ISO/IEC JTC 1/SC 27 which is standardizing generic IT security techniques and mechanisms. The emphasis of this article is on the work of SC27. The scope and a short description of the programme of work of SC27 is given including the most important security mechanisms based on cryptography relating, for instance, to authentication, access control, confidentiality, data integrity, and non-repudiation. The results of a discussion, whether cryptographic algorithms should be standardized or not, are described. The classification of IT security standards is given to set up a link to the environment of IT security techniques and mechanisms.