Active
, Modified
Standard
Most Recent
NBN ISO/IEC 9594-8:2021
Information technology — Open systems interconnection — Part 8: The Directory: Public-key and attribute certificate frameworks
Preview
Summary
This Recommendation | International Standard addresses some of the security requirements in the areas of authentication
and other security services through the provision of a set of frameworks upon which full services can be based.
Specifically, this Recommendation | International Standard defines frameworks for:
– public-key certificates; and
– attribute certificates.
The public-key certificate framework defined in this Recommendation | International Standard specifies the information
objects and data types for a public-key infrastructure (PKI), including public-key certificates, certificate revocation lists
(CRLs), trust broker and authorization and validation lists (AVLs). The attribute certificate framework specifies the
information objects and data types for a privilege management infrastructure (PMI), including attribute certificates, and
attribute certificate revocation lists (ACRLs). This Recommendation | International Standard also provides the framework
for issuing, managing, using and revoking certificates. An extensibility mechanism is included in the defined formats for
both certificate types and for all revocation list schemes. This Recommendation | International Standard also includes a
set of extensions, which is expected to be generally useful across a number of applications of PKI and PMI. The schema
components (including object classes, attribute types and matching rules) for storing PKI and PMI information in a
directory, are included in this Recommendation | International Standard.
This Recommendation | International Standard specifies the framework for strong authentication, involving credentials
formed using cryptographic techniques. It is not intended to establish this as a general framework for authentication, but
it can be of general use for applications which consider these techniques adequate.
Authentication (and other security services) can only be provided within the context of a defined security policy. It is a
matter for users of an application to define their own security policy.
and other security services through the provision of a set of frameworks upon which full services can be based.
Specifically, this Recommendation | International Standard defines frameworks for:
– public-key certificates; and
– attribute certificates.
The public-key certificate framework defined in this Recommendation | International Standard specifies the information
objects and data types for a public-key infrastructure (PKI), including public-key certificates, certificate revocation lists
(CRLs), trust broker and authorization and validation lists (AVLs). The attribute certificate framework specifies the
information objects and data types for a privilege management infrastructure (PMI), including attribute certificates, and
attribute certificate revocation lists (ACRLs). This Recommendation | International Standard also provides the framework
for issuing, managing, using and revoking certificates. An extensibility mechanism is included in the defined formats for
both certificate types and for all revocation list schemes. This Recommendation | International Standard also includes a
set of extensions, which is expected to be generally useful across a number of applications of PKI and PMI. The schema
components (including object classes, attribute types and matching rules) for storing PKI and PMI information in a
directory, are included in this Recommendation | International Standard.
This Recommendation | International Standard specifies the framework for strong authentication, involving credentials
formed using cryptographic techniques. It is not intended to establish this as a general framework for authentication, but
it can be of general use for applications which consider these techniques adequate.
Authentication (and other security services) can only be provided within the context of a defined security policy. It is a
matter for users of an application to define their own security policy.
Technical characteristics
| Publisher | Bureau de Normalisation Belge (NBN) |
| Publication Date | 06/16/2021 |
| Page Count | 225 |
| EAN | --- |
| ISBN | --- |
| Weight (in grams) | --- |
Modified by
Previous versions
16/06/2021
Active
, Modified
Most Recent
No products.