Secure Open Systems an Investigation of Current Standardisation Efforts for Security in Open Systems
FYSISCH EN ELEKTRONISCH LAB TNO THE HAGUE (NETHERLANDS)
Pagination or Media Count:
This paper outlines the achievements of standardisation in the area of secure open systems. Security in open systems is a special problem since each element in an open system hardware, networks, operating systems, databases and other applications must be able to offer security in coordination with other elements. First, a new view on requirements for security is presented. Security requirements are studied from different angles openness, organisational structures, the value of information and services, social structures and security of the system itself. Next, the results of our investigation of current standardisation initiatives in the area of technical security in open systems are presented. Main conclusions are 1 None of the initiatives addresses all requirements for secure open systems. 2 None of the initiatives gives a solid basis for coordination of security between the clements of the open system. 3 All initiatives disregard the security functionality that is needed to map normal organisational structures and responsibilities. 4 Technical security ignores the needs for security that stem from society.
- Computer Systems Management and Standards