iTeh StandardsiTeh Standards
EURUSD
Your shopping cart is empty.
ISO

ISO/IEC TR 10032:2003

(Main)

Information technology — Reference Model of Data Management

Information technology — Reference Model of Data Management

ISO/IEC TR 10032:2003 defines the ISO Reference Model of Data Management. It establishes a framework for coordinating the development of existing and future standards for the management of persistent data in information systems. ISO/IEC TR 10032:2003 defines common terminology and concepts pertinent to all data held within information systems. Such concepts are used to define more specifically the services provided by particular data management components, such as database management systems or data dictionary systems. The definition of such related services identifies interfaces which may be the subject of future standardization. ISO/IEC TR 10032:2003 does not specify services and protocols for data management. ISO/IEC TR 10032:2003 is neither an implementation specification for systems, nor a basis for appraising the conformance of implementations. The scope of ISO/IEC TR 10032:2003 includes processes which are concerned with handling persistent data and their interaction with processes particular to the requirements of a specific information system. This includes common data management services such as those required to define, store, retrieve, update, maintain, backup, restore and communicate applications and dictionary data. The scope of ISO/IEC TR 10032:2003 includes consideration of standards for the management of data located on one or more computer systems, including services for distributed database management. ISO/IEC TR 10032:2003 does not include within its scope common services normally provided by an operating system including those processes which are concerned with specific types of physical storage devices, specific techniques for storing data, and specific details of communications and human computer interfaces.

Technologies de l'information — Modèle de référence pour la gestion de données

General Information

Status
Published
Publication Date
29-Oct-2003
ICS
35.100.70 - Application layer
Technical Committee
ISO/IEC JTC 1/SC 32 - Data management and interchange
Drafting Committee
ISO/IEC JTC 1/SC 32 - Data management and interchange
Current Stage
9060 - Close of review
Start Date
18-Dec-2012
Completion Date
19-Dec-2012
Ref Project

Relations

Revises
ISO/IEC 10032:1995 - Information technology — Reference Model of Data Management
Effective Date
15-Apr-2008

Buy Standard

ISO/IEC TR 10032:2003 - Information technology -- Reference Model of Data ManagementISO/IEC TR 10032:2003 - Information technology -- Reference Model of Data Management
PreviousNext
Technical report
ISO/IEC TR 10032:2003 - Information technology -- Reference Model of Data Management
English language
48 pages
sale 15% off
Preview
sale 15% off
Preview

Standards Content (Sample)

TECHNICAL ISO/IEC
REPORT TR
10032
First edition
2003-11-01


Information technology — Reference
Model of Data Management
Technologies de l'information — Modèle de référence pour la gestion
de données




Reference number
ISO/IEC TR 10032:2003(E)
©
ISO/IEC 2003

---------------------- Page: 1 ----------------------
ISO/IEC TR 10032:2003(E)
PDF disclaimer
This PDF file may contain embedded typefaces. In accordance with Adobe's licensing policy, this file may be printed or viewed but
shall not be edited unless the typefaces which are embedded are licensed to and installed on the computer performing the editing. In
downloading this file, parties accept therein the responsibility of not infringing Adobe's licensing policy. The ISO Central Secretariat
accepts no liability in this area.
Adobe is a trademark of Adobe Systems Incorporated.
Details of the software products used to create this PDF file can be found in the General Info relative to the file; the PDF-creation
parameters were optimized for printing. Every care has been taken to ensure that the file is suitable for use by ISO member bodies. In
the unlikely event that a problem relating to it is found, please inform the Central Secretariat at the address given below.


©  ISO/IEC 2003
All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized in any form or by any means,
electronic or mechanical, including photocopying and microfilm, without permission in writing from either ISO at the address below or
ISO's member body in the country of the requester.
ISO copyright office
Case postale 56 • CH-1211 Geneva 20
Tel. + 41 22 749 01 11
Fax + 41 22 749 09 47
E-mail copyright@iso.org
Web www.iso.org
Published in Switzerland

ii © ISO/IEC 2003 — All rights reserved

---------------------- Page: 2 ----------------------
ISO/IEC TR 10032:2003(E)
Contents Page
Foreword. vi
Introduction . vii
1 Scope. 1
2 Terms and definitions. 1
3 Symbols and abbreviations . 7
3.1 Symbols . 7
3.1.1 Persistent data . 7
3.1.2 Communications linkage. 7
3.1.3 Processing linkage . 7
3.1.4 Process class . 7
3.1.5 Processor class. 8
3.1.6 Processor class with service interface. 8
3.1.7 Class names . 8
3.2 Abbreviations . 8
4 Data Management Requirements . 9
4.1 Purpose. 9
4.2 Information systems . 9
4.2.1 Context of Data Management in an Information System . 9
4.3 Database and schema . 10
4.4 Data Modelling Facility . 11
4.5 Data independence . 11
4.6 Data management services. 11
4.7 Processors and interfaces . 12
4.8 Access control . 12
4.8.1 Definition and modification of access control privileges . 12
4.8.2 Enforcement of access control . 12
4.8.3 Security external to data management . 13
4.9 Operational requirements to support data management. 13
4.9.1 Information systems life cycle support . 13
4.9.2 Configuration management, version control and variants. 14
4.9.3 Concurrent processing. 14
4.9.4 Database transaction management . 14
4.9.5 Performance engineering. 15
4.9.6 Referencing data . 15
4.9.7 Extensible Data Modelling Facility . 15
4.9.8 Support for different Data Modelling Facilities at user interface. 15
4.9.9 Audit trails. 15
4.9.10 Recovery . 15
4.9.11 Logical data restructuring. 15
4.9.12 Physical storage reorganization. 16
4.10 Additional operational requirements to support data management in a distributed
information system . 16
4.10.1 Distribution control. 17
4.10.2 Database transaction management . 18
4.10.3 Communications . 18
4.10.4 Export/import. 18
4.10.5 Distribution independence. 18
4.10.6 System autonomy . 18
4.10.7 Recovery of a distributed database . 18
4.11 Dictionary systems . 18
© ISO/IEC 2003 — All rights reserved iii

---------------------- Page: 3 ----------------------
ISO/IEC TR 10032:2003(E)
5 Concepts for data level pairs and related processes.19
5.1 Purpose .19
5.2 Level pairs.19
5.2.1 Interlocking level pairs .19
5.2.2 Recursive use of level pairs .20
5.2.3 Operations on level pairs .21
5.3 Dependence of level pairs on a Data Modelling Facility .21
5.3.1 Level pairs and data structuring rules .21
5.3.2 Level pairs and data manipulation rules.21
5.4 Level pairs and associated processes.22
5.5 Access control for level pairs .24
5.6 Schema modification .24
6 Architectural model.24
6.1 Purpose .24
6.2 Modelling concepts.24
6.2.1 Characteristics of Reference Model processors.25
6.2.2 Levels of abstraction .25
6.2.3 Notation for processors.25
6.3 The generic model of data management .26
6.3.1 Generic Database Controller.27
6.3.2 User Processor.27
6.3.3 User.28
6.4 Specialization of the model in different environments.28
6.5 Database environment.28
6.6 Distributed data management.29
6.6.1 Distribution Controller .31
6.6.2 Role of Distribution Controller and level pairs.31
6.7 Export/Import model .31
6.8 Access Control for Data Management .32
7 Objectives and principles for data management standardization .33
7.1 Purpose .33
7.2 Technical objectives associated with data management standardization.34
7.2.1 Support for all distributed scenarios .34
7.2.2 Location independence .34
7.2.3 Standardized database transaction management .35
7.2.4 Export and import of databases .35
7.2.5 Reduced complexity of handling data.36
7.2.6 Overall performance in distributed scenarios.36
7.2.7 Data independence.36
7.2.8 Application portability .36
7.2.9 Extensible Data Modelling Facility .36
7.2.10 Flexible presentation of data to users .36
7.3 Means of achieving objectives.36
7.3.1 Same data modelling facility for each level pair .37
7.3.2 Same interchange mechanism for all level pairs .37
7.3.3 Same processors usable for all level pairs .37
7.3.4 Standardized services at Database Controller interface.38
7.3.5 Standardized approach to access control.38
7.3.6 Standardized representation of data needed to facilitate interoperability.38
7.3.7 Support data fragmentation .38
7.3.8 Separation of logical and physical structures .38
7.3.9 Access to schema during execution.38
7.3.10 User data modelling facility different from interchange data modelling facility .39
7.4 Aspects of data management standards .39
7.4.1 Categories of data management standard .39
7.4.2 Role of a data modelling facility in standardization .40
7.4.3 Standardization styles .40
Annex A (informative) Related International Standards .41
iv © ISO/IEC 2003 — All rights reserved

---------------------- Page: 4 ----------------------
ISO/IEC TR 10032:2003(E)
Annex B (informative) Relationship of existing and developing database standards to the
architecture of the Reference Model of Data Management . 42

© ISO/IEC 2003 — All rights reserved v

---------------------- Page: 5 ----------------------
ISO/IEC TR 10032:2003(E)
Foreword
ISO (the International Organization for Standardization) and IEC (the International Electrotechnical
Commission) form the specialized system for worldwide standardization. National bodies that are members of
ISO or IEC participate in the development of International Standards through technical committees
established by the respective organization to deal with particular fields of technical activity. ISO and IEC
technical committees collaborate in fields of mutual interest. Other international organizations, governmental
and non-governmental, in liaison with ISO and IEC, also take part in the work. In the field of information
technology, ISO and IEC have established a joint technical committee, ISO/IEC JTC 1.
International Standards are drafted in accordance with the rules given in the ISO/IEC Directives, Part 2.
The main task of the joint technical committee is to prepare International Standards. Draft International
Standards adopted by the joint technical committee are circulated to national bodies for voting. Publication as
an International Standard requires approval by at least 75 % of the national bodies casting a vote.
In exceptional circumstances, the joint technical committee may propose the publication of a Technical Report
of one of the following types:
— type 1, when the required support cannot be obtained for the publication of an International Standard,
despite repeated efforts;
— type 2, when the subject is still under technical development or where for any other reason there is the
future but not immediate possibility of an agreement on an International Standard;
— type 3, when the joint technical committee has collected data of a different kind from that which is
normally published as an International Standard (“state of the art”, for example).
Technical Reports of types 1 and 2 are subject to review within three years of publication, to decide whether
they can be transformed into International Standards. Technical Reports of type 3 do not necessarily have to
be reviewed until the data they provide are considered to be no longer valid or useful.
Attention is drawn to the possibility that some of the elements of this document may be the subject of patent
rights. ISO and IEC shall not be held responsible for identifying any or all such patent rights.
ISO/IEC TR 10032, which is a Technical Report of type 3, was prepared by Joint Technical Committee
ISO/IEC JTC 1, Information technology, Subcommittee SC 32, Data management and interchange.
vi © ISO/IEC 2003 — All rights reserved

---------------------- Page: 6 ----------------------
ISO/IEC TR 10032:2003(E)
Introduction
ISO, in specifying a Reference Model of Data Management, recognizes that there are many implementors of
data management systems. It is inevitable that different implementors use different terms to specify or refer to
similar data management functions. Furthermore, the use of the same term to describe different functions is
also common. There is a clear need to standardize the data management functions. This Technical Report
fulfils that role by presenting a Reference Model of Data Management and defining the areas of this model
which lend themselves to standardization.
This Technical Report defines the Reference Model of Data Management. It provides a common basis for the
coordination of standards development for the purpose of data management, while allowing existing and
emerging standards to be placed into perspective.
The term “data management” includes the description, creation, modification, use and control of data in
information systems. Such data management functions may be performed as a common service for
information systems applications. Alternatively, each application may define and control the data relevant to it.
In the case in which data management functions are performed as a common service, it is desirable to provide
standardized facilities for data access and control in order to permit the sharing of data by a number of users.
Such standardization requires the determination of a number of interfaces for which individual standards may
be developed.
The objectives of this Technical Report are to provide a framework allowing, within the scope specified in
Clause 1, for the following:
a) identification of interfaces;
b) positioning all such interfaces relative to each other;
c) identification of facilities provided at each interface;
d) identification of the process which supports each interface and, where appropriate, of the data required
for such support;
e) positioning the use of the interfaces in terms of an information systems life cycle; and
f) identification of the binding alternatives associated with each appropriate identified interface.
There are three major objectives which are applied in this Technical Report to data management
standardization. These are as follows:
a) Shareability of resources;
b) Minimize cost of supporting an information system over its life cycle;
c) Optimum use of standardization effort.
The shareability of resources objective applies to both information resources as represented by data in
databases and to processor resources of the kind described in Clause 6. There is particular emphasis on the
shareability of information resources located at different places and developed using different hardware and
software. All shareability of resources is subject to access control.
The objective of minimizing the cost of supporting an information system applies to all phases of the
information system life cycle, including design, development, operation and maintenance costs.
© ISO/IEC 2003 — All rights reserved vii

---------------------- Page: 7 ----------------------
ISO/IEC TR 10032:2003(E)
The objective associated with the optimum use of standardization effort refers to reducing the number of
standards required and to simplifying the content of such standards.
This Technical Report identifies areas for developing or improving standards, and provides a common
framework for maintaining consistency of all related standards.
This Technical Report provides a framework which allows teams of experts to work productively and
independently on the development of standards for different components of information systems.
This Technical Report has sufficient generality to accommodate the development of new standards in
response to advances in technology.
The description of the Reference Model of Data Management given in this Technical Report is presented as
follows:
 Clause 4 introduces data management and the requirements based on information systems;
 Clause 5 explains the data concepts that are required for the Reference Model and how they relate to
each other and the process concepts;
 Clause 6 provides an architectural model within which different data and processing components relevant
to data management can be placed;
 Clause 7 describes the objectives and principles for data management standardization;
 Annex A is a list of related International Standards;
 Annex B shows how the existing and future SC 21/WG3 standards relate to the architectural model
described in Clause 6;
This Technical Report specifies the classes of services that are expected to be provided by data management,
and it provides a framework which describes the way in which they are related to each other. However, data
management does not exist in isolation but within an environment providing other services such as data
storage and communication, as is described in Clause 4.
Prior to completion of work on this Technical Report, data management standards were developed within
ISO/IEC as indicated in Annex A of this document. The positioning of such International Standards using this
Reference Model of Data Management is described in Annex B.

viii © ISO/IEC 2003 — All rights reserved

---------------------- Page: 8 ----------------------
TECHNICAL REPORT ISO/IEC TR 10032:2003(E)

Information technology — Reference Model of Data
Management
1 Scope
This Technical Report defines the ISO Reference Model of Data Management. It establishes a framework for
coordinating the development of existing and future standards for the management of persistent data in
information systems. See Annex A for references to existing data management standards.
This Technical Report defines common terminology and concepts pertinent to all data held within information
systems. Such concepts are used to define more specifically the services provided by particular data
management components, such as database management systems or data dictionary systems. The definition
of such related services identifies interfaces which may be the subject of future standardization.
This Technical Report does not specify services and protocols for data management. This Technical Report is
neither an implementation specification for systems, nor a basis for appraising the conformance of
implementations.
The scope of this Technical Report includes processes which are concerned with handling persistent data and
their interaction with processes particular to the requirements of a specific information system. This includes
common data management services such as those required to define, store, retrieve, update, maintain,
backup, restore, and communicate applications and dictionary data.
The scope of this Technical Report includes consideration of standards for the management of data located
on one or more computer systems, including services for distributed database management.
This Technical Report does not include within its scope common services normally provided by an operating
system including those processes which are concerned with specific types of physical storage devices,
specific techniques for storing data, and specific details of communications and human computer interfaces.
A data management standard defines services provided at an interface. It does not impose limitations on how
processes are implemented.
2 Terms and definitions
For the purposes of this document, the following terms and definitions apply.
The definitions provided in this clause aim to specify the most technical use of the terms in this Technical
Report. The introduction to each term may be presented in a simpler informal description. Some of the terms
are defined in other standards, but the following definitions are provided for use in the specific context of data
management.
2.1
access control
the prevention of unauthorized use of a resource, including the prevention of use of a resource in an
unauthorized manner. For data management purposes, access control relates to the enabling of authorized
access to data and the prevention of unauthorized access. Access control determines the processes which a
user may perform
© ISO/IEC 2003 — All rights reserved 1

---------------------- Page: 9 ----------------------
ISO/IEC TR 10032:2003(E)
2.2
access control data
a collection of data associated with the definition or modification of access control privileges
2.3
access control mechanism
a mechanism which may be used to enforce a security policy
2.4
application
the data manipulation and processing operations that are related to specific requirements of an information
system
2.5
application process
a process which is specific to the requirements of a particular information system
2.6
application system
a collection of application processes which utilizes the services provided by the human-computer interface,
communications facility, and data management system to perform the processing necessary to meet the
requirements of the information system
2.7
audit trail
a record of the a
...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.

This May Also Interest You

ISO
ISO/IEC 9579:2000(Main)
Information technology — Remote database access for SQL with security enhancement

This International Standard, Remote Database Access for SQL (RDA), defines a model for the remote interaction of an SQL-client and one or more SQL-servers through communication media, and defines the encoding of messages, the semantics of messages and associated facilities for mediating the interaction between one SQL-client and one SQL-server. This International Standard also defines a mapping of the RDA Protocol to the specific communication inhastructures TCPIIP and Transport Layer Security (TLS). This International Standard relies upon the facilities provided by ISOIIEC 9075 (SQL) and ISOIIEC 9075-3 (SQLICLI). This International Standard also: - identifies potential security vulnerabilities in remote database access using RDA, - defines RDA facilities which protect against the potential vulnerabilities. Normative annexes provide: - a Conformance Proforma, - an optional language independent Application Programming Interface defined in the notational conventions of ISOIIEC 9075-3 (SQLICLI) for invoking RDA Operations, - an optional mapping of ISOIIEC 9075-3 (SQLICLI) functions to RDA Operations, - definitions of optional SQL-servers, the RDA Location Server and the RDA Support Server, to facilitate interoperation and data distribution in a heterogeneous environment, - a set of security profiles that identify which RDA facilities and other security facilities are required for different levels of protection against potential vulnerabilities. Informative annexes provide: - an analysis of security service requirements, - an ASN. 1 specification for the RDA Protocol, - an ASN. 1 specification for the encoding of multiple rows. This International Standard does not constrain: - conforming RDA-client environments to be implemented using any particular processor decomposition, - conforming RDA-server environments to be implemented using any particular processor decomposition. This International Standard refers to but does not define: - protocols and security mechanisms for communication confidentiality, integrity and authentication of communicating peers, - digital signature and authentication mechanisms supported by protocol elements of RDA. This International Standard does not define: ? algorithms for query decomposition or for the combining of results in a distributed database environment, ? mechanisms for recovery in the event that transaction co-ordination fails, ? mechanisms for storage integrity and confidentiality using cryptography, ? mechanisms to counter Denial of Service attacks.

  • Standard
    115 pages
    English language
    sale 15% off
  • Standard
    115 pages
    English language
    sale 15% off
ISO
ISO/IEC 9594-11:2020(Main)
Information technology — Open systems interconnection directory — Part 11: Protocol specifications for secure operations

The scope of this Recommendation | International Standard is threefold. This Recommendation | International Standard provides guidance on how to prepare new and old protocols for cryptographic algorithm migration, and defines auxiliary cryptographic algorithms to be used for migration purposes. This Recommendation | International Standard specifies a general wrapper protocol that provides authentication, integrity and confidentiality (encryption) protection for other protocols. This wrapper protocol includes a migration path for cryptographic algorithms allowing for smooth migration to stronger cryptographic algorithms as such requirements evolve. This will allow migration to quantum-safe cryptographic algorithms. Protected protocols can then be developed without taking security and cryptographic algorithms into consideration. This Recommendation | International Standard also includes some protocols to be protected by the wrapper protocol primarily for support of public-key infrastructure (PKI). Other specifications, e.g., Recommendations or International Standards, may also develop protocols designed to be protected by the wrapper protocol.

  • Standard
    84 pages
    English language
    sale 15% off
ISO
ISO/IEC 9594-7:2020(Main)
Information technology — Open systems interconnection — Part 7: The Directory: Selected object classes

This document defines a number of object classes and name forms which may be found useful across a range of applications of the Directory. The definition of an object class involves listing a number of attribute types which are relevant to objects of that class. The definition of a name form involves naming the object class to which it applies and listing the attributes to be used in forming names for objects of that class. These definitions are used by the administrative authority which is responsible for the management of the directory information. Any administrative authority can define its own object classes or subclasses and name forms for any purpose. NOTE 1 ? Those definitions may or may not use the notation specified in Rec. ITU-T X.501 | ISO/IEC 9594-2. NOTE 2 ? It is recommended that an object class defined in this Recommendation | International Standard, or a subclass derived from one, or a name form defined in this Recommendation | International Standard, be used in preference to the generation of a new one, whenever the semantics is appropriate for the application. Administrative authorities may support some or all the selected object classes and name forms, and may also add additional ones. All administrative authorities shall support the object classes which the directory uses for its own purpose (the top, alias and Directory system agent (DSA) object classes).

  • Standard
    30 pages
    English language
    sale 15% off
  • Standard
    30 pages
    English language
    sale 15% off
ISO
ISO/IEC 9594-3:2020(Main)
Information technology — Open systems interconnection — Part 3: The Directory: Abstract service definition

This document defines in an abstract way the externally visible service provided by the Directory. This document does not specify individual implementations or products.

  • Standard
    120 pages
    English language
    sale 15% off
  • Draft
    120 pages
    English language
    sale 15% off
ISO
ISO/IEC 9594-9:2020(Main)
Information technology — Open systems interconnection — Part 9: The Directory: Replication

This document specifies a shadow service which Directory system agents (DSAs) may use to replicate Directory information. The service allows Directory information to be replicated among DSAs to improve service to Directory users. The shadowed information is updated, using the defined protocol, thereby improving the service provided to users of the Directory.

  • Standard
    38 pages
    English language
    sale 15% off
  • Standard
    38 pages
    English language
    sale 15% off
ISO
ISO/IEC 9594-1:2020(Main)
Information technology — Open systems interconnection — Part 1: The Directory: Overview of concepts, models and services

This document provides the directory capabilities required by many application layer standards and telecommunication services. Among the capabilities which it provides are those of "user-friendly naming", whereby objects can be referred to by names which are suitable for citing by human users (though not all objects need have user-friendly names); and "name-to-address mapping" which allows the binding between objects and their locations to be dynamic. The latter capability allows networks, for example, to be "self-configuring" in the sense that addition, removal and the changes of object location do not affect network operation. The Directory is not intended to be a general-purpose database system, although it may be built on such systems. It is assumed, for instance, that, as is typical with communication directories, there is a considerably higher frequency of "queries" than of updates. The rate of updates is expected to be governed by the dynamics of people and organizations, rather than, for example, the dynamics of networks. There is also no need for instantaneous global commitment of updates; transient conditions, where both old and new versions of the same information are available, are quite acceptable. It is a characteristic of the Directory that, except as a consequence of differing access rights or un-propagated updates, the results of directory queries will not be dependent on the identity or location of the inquirer. This characteristic renders the Directory unsuitable for some telecommunication applications, for example some types of routing. For cases where the results are dependent on the identity of the inquirer, access to directory information and updates of the Directory may be denied.

  • Standard
    22 pages
    English language
    sale 15% off
  • Standard
    22 pages
    English language
    sale 15% off
ISO
ISO/IEC 9594-6:2020(Main)
Information technology — Open systems interconnection — Part 6: The Directory: Selected attribute types

This document defines a number of attribute types and matching rules which may be found useful across a range of applications of the Directory. Attribute types and matching rules fall into three categories, as described below. Some attribute types and matching rules are used by a wide variety of applications or are understood and/or used by the Directory itself. NOTE 1 ? It is recommended that an attribute type or matching rule defined in this Recommendation | International Standard be used, in preference to the generation of a new one, whenever it is appropriate for the application. NOTE 2 ? The attribute and context types definitions by this Recommendation | International Standard have some associated semantics. Such specifications should not be used in situations where these semantics do not apply. Some attribute types and matching rules are internationally standardized, but are application‑specific. These are defined in the standards associated with the application concerned. Any administrative authority can define its own attribute types and matching rules for any purpose. These are not internationally standardized, and are available to others beyond the administrative authority which created them only through bilateral agreement.

  • Standard
    122 pages
    English language
    sale 15% off
  • Standard
    122 pages
    English language
    sale 15% off
ISO
ISO/IEC 9594-8:2020(Main)
Information technology — Open systems interconnection — Part 8: The Directory: Public-key and attribute certificate frameworks

This document addresses some of the security requirements in the areas of authentication and other security services through the provision of a set of frameworks upon which full services can be based. Specifically, this Recommendation | International Standard defines frameworks for: ? public-key certificates; and ? attribute certificates. The public-key certificate framework defined in this Recommendation | International Standard specifies the information objects and data types for a public-key infrastructure (PKI), including public-key certificates, certificate revocation lists (CRLs), trust broker and authorization and validation lists (AVLs). The attribute certificate framework specifies the information objects and data types for a privilege management infrastructure (PMI), including attribute certificates, and attribute certificate revocation lists (ACRLs). This Recommendation | International Standard also provides the framework for issuing, managing, using and revoking certificates. An extensibility mechanism is included in the defined formats for both certificate types and for all revocation list schemes. This Recommendation | International Standard also includes a set of extensions, which is expected to be generally useful across a number of applications of PKI and PMI. The schema components (including object classes, attribute types and matching rules) for storing PKI and PMI information in a directory, are included in this Recommendation | International Standard. This Recommendation | International Standard specifies the framework for strong authentication, involving credentials formed using cryptographic techniques. It is not intended to establish this as a general framework for authentication, but it can be of general use for applications which consider these techniques adequate. Authentication (and other security services) can only be provided within the context of a defined security policy. It is a matter for users of an application to define their own security policy.

  • Standard
    224 pages
    English language
    sale 15% off
  • Standard
    224 pages
    English language
    sale 15% off
ISO
ISO/IEC 9594-5:2020(Main)
Information technology — Open systems interconnection — Part 5: The Directory: Protocol specifications

This document specifies the Directory Access Protocol, the Directory System Protocol, the Directory Information Shadowing Protocol, and the Directory Operational Binding Management Protocol which fulfil the abstract services specified in Rec. ITU-T X.511 | ISO/IEC 9594-3, Rec. ITU-T X.518 | ISO/IEC 9594-4, Rec. ITU‑T X.525 | ISO/IEC 9594-9, and Rec. ITU-T X.501 | ISO/IEC 9594-2.

  • Standard
    83 pages
    English language
    sale 15% off
  • Standard
    83 pages
    English language
    sale 15% off
ISO
ISO/IEC 9594-4:2020(Main)
Information technology — Open systems interconnection — Part 4: The Directory: Procedures for distributed operation

This document specifies the behaviour of DSAs taking part in a distributed directory consisting of multiple Directory systems agents (DSAs) and/or LDAP servers with at least one DSA. The allowed behaviour has been designed to ensure a consistent service given a wide distribution of the DIB across a distributed directory. Only the behaviour of DSAs taking part in a distributed directory is specified. The behaviour of LDAP servers are specified in relevant LDAP specifications. There are no special requirements on an LDAP server beyond those given by the LDAP specifications. The Directory is not intended to be a general purpose database system, although it may be built on such systems. It is assumed that there is a considerably higher frequency of queries than of updates.

  • Standard
    125 pages
    English language
    sale 15% off
  • Draft
    125 pages
    English language
    sale 15% off