
INTERNATIONAL STANDARD ISO 7498-2
First edition
1989-02-15

Information processing systems - Open Systems Interconnection - Basic Reference Model - Part 2: Security Architecture

Systèmes de traitement de l'information - Interconnexion de systèmes ouverts - Modèle de référence de base - Partie 2 : Architecture de sécurité

Reference number
ISO 7498-2 : 1989 (E)

Foreword

ISO (the International Organization for Standardization) is a worldwide federation of national standards bodies (ISO member bodies). The work of preparing International Standards is normally carried out through ISO technical committees. Each member body interested in a subject for which a technical committee has been established has the right to be represented on that committee. International organizations, governmental and non-governmental, in liaison with ISO, also take part in the work. ISO collaborates closely with the International Electrotechnical Commission (IEC) on all matters of electrotechnical standardization.

Draft International Standards adopted by the technical committees are circulated to the member bodies for approval before their acceptance as International Standards by the ISO Council. They are approved in accordance with ISO procedures requiring at least 75 % approval by the member bodies voting.

International Standard ISO 7498-2 was prepared by Technical Committee ISO/TC 97, Information processing systems.

Users should note that all International Standards undergo revision from time to time and that any reference made herein to any other International Standard implies its latest edition, unless otherwise stated.

© International Organization for Standardization, 1989

Printed in Switzerland

Contents

Page

0 Introduction .......................................................................... 1

1 Scope and Field of Application ........................................................... 1

2 References ........................................................................... 1

3 Definitions ........................................................................... 2

4 Notation ............................................................................. 4

5 General description of security services and mechanisms ..................................... 4

5.1 Overview ........................................................................ 4
5.2 Security services ................................................................ 4
5.3 Specific security mechanisms ....................................................... 5
5.4 Pervasive security mechanisms ...................................................... 7
5.5 Illustration of relationship of security services and mechanisms ............................ 8

6 The relationship of services, mechanisms and layers ........................................ 8

6.1 Security layering principles ......................................................... 8
6.2 Model of Invocation, Management and Use of Protected (N)-Services ....................... 9

7 Placement of security services and mechanisms ............................................ 12

7.1 Physical layer .................................................................... 12
7.2 Data link layer ................................................................... 12
7.3 Network layer .................................................................... 12
7.4 Transport layer ................................................................... 14
7.5 Session layer .................................................................... 14
7.6 Presentation layer ................................................................. 14
7.7 Application layer .................................................................. 15
7.8 Illustration of relationship of security services and layers ................................. 16

8 Security management .................................................................. 17

8.1 General ......................................................................... 17
8.2 Categories of OSI security management .............................................. 17
8.3 Specific system security management activities ......................................... 18
8.4 Security mechanism management functions ........................................... 18

Annexes
A Background information on security in OSI .......................................................... 21
B Justification for security service placement in clause 7 ................................................ 29
C Choice of position of encipherment for applications .................................................. 32

INTERNATIONAL STANDARD ISO 7498-2 : 1989 (E)

Information processing systems - Open Systems Interconnection - Basic Reference Model - Part 2: Security Architecture

0 Introduction

ISO 7498 describes the Basic Reference Model for Open Systems Interconnection (OSI). That part of ISO 7498 establishes a framework for coordinating the development of existing and future standards for the interconnection of systems.

The objective of OSI is to permit the interconnection of heterogeneous computer systems so that useful communication between application processes may be achieved. At various times, security controls must be established in order to protect the information exchanged between the application processes. Such controls should make the cost of obtaining or modifying data greater than the potential value of so doing, or make the time required to obtain the data so great that the value of the data is lost.

This part of ISO 7498 defines the general security-related architectural elements which can be applied appropriately in the circumstances for which protection of communication between open systems is required. It establishes, within the framework of the Reference Model, guidelines and constraints to improve existing standards or to develop new standards in the context of OSI in order to allow secure communications and thus provide a consistent approach to security in OSI.

A background in security will be helpful in understanding this document. The reader who is not well versed in security is advised to read annex A first.

This part of ISO 7498 extends the Basic Reference Model to cover security aspects which are general architectural elements of communications protocols, but which are not discussed in the Basic Reference Model.

1 Scope and field of application

This part of ISO 7498:

a) provides a general description of security services and related mechanisms, which may be provided by the Reference Model; and

b) defines the positions within the Reference Model where the services and mechanisms may be provided.

This part of ISO 7498 extends the field of application of ISO 7498, to cover secure communications between open systems.

Basic security services and mechanisms and their appropriate placement have been identified for all layers of the Basic Reference Model. In addition, the architectural relationships of the security services and mechanisms to the Basic Reference Model have been identified. Additional security measures may be needed in end-systems, installations and organizations. These measures apply in various application contexts. The definition of security services needed to support such additional security measures is outside the scope of this standard.

OSI security functions are concerned only with those visible aspects of a communications path which permit end systems to achieve the secure transfer of information between them. OSI security is not concerned with security measures needed in end systems, installations, and organizations, except where these have implications on the choice and position of security services visible in OSI. These latter aspects of security may be standardized but not within the scope of OSI standards.

This part of ISO 7498 adds to the concepts and principles defined in ISO 7498; it does not modify them. It is not an implementation specification, nor is it a basis for appraising the conformance of actual implementations.

2 References

ISO 7498 Information processing systems - Open Systems Interconnection - Basic Reference Model.

ISO 7498-4 Information processing systems - Open Systems Interconnection - Basic Reference Model - Part 4: Management Framework 1)

ISO 7498/Add.1 Information processing systems - Open Systems Interconnection - Basic Reference Model - Addendum 1: Connectionless-mode transmission.

ISO 8648 Information processing systems - Open Systems Interconnection - Internal organization of the Network Layer.

3 Definitions and abbreviations

3.1 This part of ISO 7498 builds on concepts developed in ISO 7498 and makes use of the following terms defined in it:

a) (N)-connection;
b) (N)-data-transmission;
c) (N)-entity;
d) (N)-facility;
e) (N)-layer;
f) open system;
g) peer entities;
h) (N)-protocol;
j) (N)-protocol-data-unit;
k) (N)-relay;
l) routing;
m) sequencing;
n) (N)-service;
p) (N)-service-data-unit;
q) (N)-user-data;
r) subnetwork;
s) OSI resource; and
t) transfer syntax.

3.2 This part of 7498 uses the following terms drawn from the respective International Standards.

Connectionless Mode Transmission (ISO 7498/Add.1)
End System (ISO 7498)
Relaying and routing function (ISO 8648)
UNITDATA (ISO 7498)
Management Information Base (MIB) (ISO 7498-4)

In addition, the following abbreviations are used:

OSI for Open Systems Interconnection;
SDU for Service Data Unit;
SMIB for Security Management Information Base; and
MIB for Management Information Base.

3.3 For the purpose of this part of ISO 7498, the following definitions apply:

3.3.1 access control: The prevention of unauthorized use of a resource, including the prevention of use of a resource in an unauthorized manner.

3.3.2 access control list: A list of entities, together with their access rights, which are authorized to have access to a resource.

3.3.3 accountability: The property that ensures that the actions of an entity may be traced uniquely to the entity.

3.3.4 active threat: The threat of a deliberate unauthorized change to the state of the system.

NOTE - Examples of security-relevant active threats may be: modification of messages, replay of messages, insertion of spurious messages, masquerading as an authorized entity and denial of service.

3.3.5 audit: see security audit.

3.3.6 audit trail: see security audit trail.

3.3.7 authentication: see data origin authentication, and peer entity authentication.

NOTE - In this part of 7498 the term "authentication" is not used in connection with data integrity; the term "data integrity" is used instead.

3.3.8 authentication information: Information used to establish the validity of a claimed identity.

3.3.9 authentication exchange: A mechanism intended to ensure the identity of an entity by means of information exchange.

3.3.10 authorization: The granting of rights, which includes the granting of access based on access rights.

3.3.11 availability: The property of being accessible and useable upon demand by an authorized entity.

3.3.12 capability: A token used as an identifier for a resource such that possession of the token confers access rights for the resource.

3.3.13 channel: An information transfer path.

3.3.14 ciphertext: Data produced through the use of encipherment. The semantic content of the resulting data is not available.

NOTE - Ciphertext may itself be input to encipherment, such that super-enciphered output is produced.

3.3.15 cleartext: Intelligible data, the semantic content of which is available.

3.3.16 confidentiality: The property that information is not made available or disclosed to unauthorized individuals, entities, or processes.

1) At present at the stage of draft: publication anticipated in due course.
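The two access-control structures defined above, an access control list (3.3.2) and a capability (3.3.12), side by side as an added illustration that is not part of the standard: the ACL check is tied to the requesting entity's identity, while the capability check depends only on possession of an unforgeable token. The entity names, resource names and the issuing key are constructed for the example.

```python
import hashlib
import hmac

# Constructed data: a per-resource access control list (3.3.2), mapping
# each authorized entity to the rights it holds on that resource.
ACL = {
    "payroll.db": {"alice": {"read", "write"}, "bob": {"read"}},
}


def acl_permits(entity: str, resource: str, right: str) -> bool:
    """Grant only if the entity is listed on the resource's ACL with that right.
    Because the decision names the entity, it can be logged for accountability (3.3.3)."""
    return right in ACL.get(resource, {}).get(entity, set())


# Constructed issuing key: known only to the system that issues capabilities.
ISSUER_KEY = b"constructed-issuer-key"


def issue_capability(resource: str, rights: set) -> str:
    """Mint a capability (3.3.12): an identifier for the resource plus the rights
    it confers, bound together by an HMAC so the token cannot be altered.
    Assumes resource names contain no ':' (the field separator)."""
    body = f"{resource}:{','.join(sorted(rights))}"
    tag = hmac.new(ISSUER_KEY, body.encode(), hashlib.sha256).hexdigest()
    return f"{body}:{tag}"


def capability_permits(token: str, resource: str, right: str) -> bool:
    """Grant on possession of a valid token: no entity identity is consulted.
    A tampered or forged token fails the HMAC check and confers nothing."""
    body, _, tag = token.rpartition(":")
    expected = hmac.new(ISSUER_KEY, body.encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, tag):
        return False
    res, _, rights = body.partition(":")
    return res == resource and right in rights.split(",")
```

Note that 3.3.1 covers both "unauthorized use" and "use in an unauthorized manner": both checks therefore test the specific right requested, not merely whether the requester has any access to the resource.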
