Detaljer på forslag

Forslagstitel på sprog (en): Information technology – Open systems interconnection – Part 2: The Directory: Models – Amendment 2
Nummer:DSF/ISO/IEC 9594-2:2020/DAmd 2
Type:Forslag
Kilde:ISO
Udvalg:S-441
Udvalgsnavn:Cyber- og informationssikkerhed
Forslag udgivet:3. jun 2024
Kommentarfrist:2. aug 2024
Antal kommentarer:0
Beskrivelse af forslaget:This document provides a conceptual and terminological framework for the other ITU-T X.500-series Recommendations | parts of ISO/IEC 9594 which define various aspects of the Directory. The functional and administrative authority models define ways in which the Directory can be distributed, both functionally and administratively. Generic Directory System Agent (DSA) and DSA information models and an Operational Framework are also provided to support Directory distribution. The generic Directory Information Models describe the logical structure of the Directory Information Base (DIB) from the perspective of Directory and Administrative Users. In these models, the fact that the Directory is distributed, rather than centralized, is not visible. This Recommendation | International Standard provides a specialization of the generic Directory Information Models to support Directory Schema administration. The other ITU-T Recommendations in the X.500 series | parts of ISO/IEC 9594 make use of the concepts defined in this Recommendation | International Standard to define specializations of the generic information and DSA models to provide specific information, DSA and operational models supporting particular directory capabilities (e.g., Replication): a) the service provided by the Directory is described (in Rec. ITU-T X.511 | ISO/IEC 9594-3) in terms of the concepts of the information framework: this allows the service provided to be somewhat independent of the physical distribution of the DIB; b) the distributed operation of the Directory is specified (in Rec. ITU-T X.518 | ISO/IEC 9594-4) so as to provide that service, and therefore maintain that logical information structure, given that the DIB is in fact highly distributed; c) replication capabilities offered by the component parts of the Directory to improve overall Directory performance are specified (in Rec. ITU-T X.525 | ISO/IEC 9594-9). The security model establishes a framework for the specification of access control mechanisms. It provides a mechanism for identifying the access control scheme in effect in a particular portion of the Directory Information Tree (DIT), and it defines three flexible, specific access control schemes which are suitable for a wide variety of applications and styles of use. The security model also provides a framework for protecting the confidentiality and integrity of directory operations using mechanisms such as encryption and digital signatures. This makes use of the framework for authentication defined in Rec. ITU-T X.509 | ISO/IEC 9594-8 as well as generic upper layers security tools defined in Rec. ITU-T X.830 | ISO/IEC 11586-1. DSA models establish a framework for the specification of the operation of the components of the Directory. Specifically: a) the Directory functional model describes how the Directory is manifested as a set of one or more components, each being a DSA; b) the Directory distribution model describes the principals according to which the DIB entries and entry‑copies may be distributed among DSAs; c) the DSA information model describes the structure of the Directory user and operational information held in a DSA; d) the DSA operational framework describes the means by which the definition of specific forms of cooperation between DSAs to achieve particular objectives (e.g., shadowing) is structured.

Du kan kommentere på alle dele af dette dokument. Forslag vises i ét af to formater:

PDF-version
HTML-version

Hvis du ser indholdsfortegnelsen i venstre side, er det HTML-formatet. For at kommentere skal du åbne de enkelte afsnit ved at klikke på afsnittet i indholdsfortegnelsen.

Hvis du i stedet bliver bedt om at downloade et dokument, er det PDF-formatet. Du skal åbne dokumentet i et separat vindue og derefter kommentere ved at angive afsnitsnummer eller -tekst i "Sektion". Der er mere vejledning, når du har klikket på "Læs forslag".

For at afsende kommentar til Dansk Standard, skal du klikke på "Send kommentar" for det aktuelle afsnit.. Hvis du ønsker at arbejde videre med dine kommentarer, skal du i stedet klikke på "Gem kommentar til senere redigering".

Du kan tilføje og ændre i gemte kommentarer, men hvis du sender kommentaren, kan du ikke vende tilbage for at redigere.

Hvis du har gemte kommentarer, som ikke er afsendt, vil du, før høringsperioden udløber, blive mindet om, at du har ikke-afsendte kommentarer.