Security Structure  «Prev  Next»
Lesson 3Security standards
ObjectiveSecurity Standards currently being used

Security Standards currently being used

What are the security standards currently being used?
In the quest for an effective security system, some basic services and standards are used. Security services as defined by ISO 7498-2 security architecture, are summarized in the MouseOver below.
These services will be examined in more detail in upcoming lessons. Mouse over each of the violet rectangles to receive additional information.

The process of proving identity, authentication services ensure the authenticity of an entity during communication and/or transfer of data.
Security Standards/ Security Services

Security mechanisms

The actual systems and software that provide the different security services are referred to by ISO as security mechanisms. These mechanisms are classified as either specific or pervasive. Specific mechanisms implement specific services. Encryption is a specific mechanism used for data confidentiality. Pervasive mechanisms are not related to a specific service. Examples of pervasive mechanisms include security labels and audit trails.

Government security standards

NSA and NIST jointly released a new series of standards called Trust Technology Assessment Program (TTAP).
TTAP defines seven security levels beginning with Evaluation Assurance Level (EAL) 1 and continuing through EAL 7 (the most secure level). TTAP is still in its early development and shows promise of defining in industry-wide security standardization.
Click the link below to review the standards of security.
Security Standards Definitions