What are the security standards currently being used?
In the quest for an effective security system, some basic services and standards are used. Security services as defined by ISO 7498-2 security architecture, are summarized in the MouseOver below.
These services will be examined in more detail in upcoming lessons.
In the diagram below each of the violet rectangles is represented by a line of text below the diagram.
The actual systems and software that provide the different security services are referred to by ISO as security mechanisms. These mechanisms are classified as either specific or pervasive.
Specific mechanisms implement specific services. Encryption is a specific mechanism used for data confidentiality. Pervasive mechanisms are not related to a specific service. Examples of pervasive mechanisms include security labels and audit trails.
Government security standards
NSA and NIST jointly released a new series of standards called Trust Technology Assessment Program (TTAP).
TTAP defines seven security levels beginning with Evaluation Assurance Level (EAL) 1 and continuing through EAL 7 (the most secure
level). TTAP is still in its early development and shows promise of defining in industry-wide security standardization.
Click the link below to review the standards of security. Security Standards Definitions