iTeh StandardsiTeh Standards
EURUSD
Your shopping cart is empty.
ISO

ISO/IEC 10032:1995

(Main)

Information technology — Reference Model of Data Management

Information technology — Reference Model of Data Management

Defines the ISO Reference Model of Data Management and common terminology and concepts pertinent to all data held within information systems. Does not specify services and protocols for data management. It is neither an implementation specification for systems, nor a basis for appraising the conformance of implementations.

Technologies de l'information — Modèle de référence pour la gestion de données

General Information

Status
Withdrawn
Publication Date
17-May-1995
Withdrawal Date
17-May-1995
ICS
35.100.70 - Application layer
Technical Committee
ISO/IEC JTC 1/SC 32 - Data management and interchange
Drafting Committee
ISO/IEC JTC 1/SC 32 - Data management and interchange
Current Stage
9599 - Withdrawal of International Standard
Completion Date
30-Oct-2003
Ref Project

Relations

Revised
ISO/IEC TR 10032:2003 - Information technology — Reference Model of Data Management
Effective Date
15-Apr-2008
Consolidated By
ISO 5457:1999 - Technical product documentation — Sizes and layout of drawing sheets
Effective Date
06-Jun-2022

Buy Standard

ISO/IEC 10032:1995 - Information technology -- Reference Model of Data ManagementISO/IEC 10032:1995 - Information technology -- Reference Model of Data Management
PreviousNext
Standard
ISO/IEC 10032:1995 - Information technology -- Reference Model of Data Management
English language
54 pages
sale 15% off
Preview
sale 15% off
Preview

Standards Content (Sample)

INTERNATIONAL ISO/IEC
STANDARD
10032
First edition
1995-05-I 5
Information technology - Reference
Model of Data Management
Technologies de I’informa Con - Mod&/e de rbf&ence pour la gestion de
don&es
Reference number
ISO/lEC 10032:1995(E)

---------------------- Page: 1 ----------------------
ISO/IEC 10032:1995(E)
Contents Page
ix
Foreword .
Introduction . x
................................................ 1
1 Scope
2 Definitions . 1
5
3 Svmbols and abbreviations .
c
Symbols . 5
3.1
7
3.2 Abbreviations .
4 Data Management Requirements . 7
7
4.1 Purpose .
7
4.2 Information systems .
............. 8
4.2.1 Context of Data Management in an Information System
4.3 Database and schema . 9
.................................... 9
4.4 Data Modelling Facility
4.5 Data independence . 10
4.6 Data management services . 10
................................. 10
4.7 Processors and interfaces
4.8 Access control . 10
11
4.8.1 Definition and modification of access control privileges .
4.8.2 Enforcement of access control . 11
(CJ ISO/IEC 1995
AI1 rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized
in any form or by any means, electronic or mechanical, including photocopying and microfilm, without
permission in writing from the publisher.
ISO/IEC Copyright Office Case postale 56 CH-1211 Geneve 20 Switzerland
Printed in Switzerland
ii

---------------------- Page: 2 ----------------------
ISO/IEC 10032:1995(E)
@ ISO/IEC
......................... 11
4.8.3 Security external to data management
............. 11
4.9 Operational requirements to support data management
......................... 12
4.9.1 Information systems life cycle support
12
............
4.9.2 Configuration management, version control and variants
13
4.9.3 Concurrentprocessing. .
........................... 13
4.9.4 Database transaction management
.................................. 13
4.9.5 Performance engineering
....................................... 13
4.9.6 Referencing data.
........................... 14
Extensible Data Modelling Facility
4.9.7
....... 14
4.9.8 Support for different Data Modelling Facilities at user interface
14
Audittrails .
4.9.9
14
4.9.10 Recovery .
................................. 14
Logical data restructuring
4.9.11
.............................. 14
4.9.12 Physical storage reorganization
4.10 Additional operational requirements to support data management in a
.............................. 14
distributed information system
...................................... 15
4.10.1 Distribution control
........................... 16
4.10.2 Database transaction management
........................................ 16
4.10.3 Communications
......................................... 17
4.10.4 Export/import
.................................
17
4.10.5 Distribution independence
....................................... 17
System autonomy
4.10.6
........................... 17
4.10.7 Recovery of a distributed database
...................................... 17
Dictionary systems
4.11
................ 18
Concepts for data level pairs and related processes
5
18
5.1 Purpose .
...
111

---------------------- Page: 3 ----------------------
@ ISO/IEC
ISO/IEC 10032:1995(E)
18
5.2 Levelpairs .
................................... 18
Interlocking level pairs
5.2.1
................................ 19
5.2.2 Recursiveuseoflevelpairs
20
..................................
Operations on level pairs
5.2.3
............. 21
5.3 Dependence of level pairs on a Data Modelling Facility
......................... 21
5.3.1 Level pairs and data structuring rules
....................... 21
5.3.2 Level pairs and data manipulation rules
.......................... 21
5.4 Level pairs and associated processes
24
...............................
5.5 Access control for level pairs
..................................... 24
5.6 Schemamodification
24
.....................................
6 Architectural model
24
6.1 Purpose .
25
......................................
62 . Modelling concepts
25
...................
6.2.1 Characteristics of Reference Model processors
25
.....................................
6.2.2 Levels of abstraction
................................... 26
Notation for processors
6.2.3
26
........................
6.3 The generic model of data management
............................... 27
6.3.1 Generic Database Controller
28
.........................................
6.3.2 User Processor
28
..............................................
6.3.3 User.
28
..............
64 . Specialization of the model in different environments
.................................... 29
6.5 Database environment
.............................. 3 1
66 . Distributed data management
32
Distribution Controller .
6.6.1
32
...................
6.6.2 Role of Distribution Controller and level pairs
iv

---------------------- Page: 4 ----------------------
ISO/IEC 10032:1995(E)
@ ISO/lEC
.................................... 32
6.7 Export/Import model
......................... 33
6.8 Access Control for Data Management
7
Objectives and principles for data management standardization . 0 . . e . . 34
34
7.1 Purpose .
7.2 Technical objectives associated with data management standardization * . . 35
..........................
7.2.1 Support for all distributed scenarios 35
................................... 36
7.2.2 Location independence
.................. 36
7.2.3 Standardized database transaction management
............................. 36
7.2.4 Export and import of databases
.......................... 37
Reduced complexity of handling data
7.2.5
.................... 37
7.2.6 Overall performance in distributed scenarios
...................................... 37
7.2.7 Data independence
.................................... 37
7.2.8 Application portability
...........................
7.2.9 Extensible Data Modelling Facility 37
......................... 38
7.2.10 Flexible presentation of data to users
...............................
Means of achieving objectives 38
7.3
................... 38
7.3.1 Same data modelling facility for each level pair
Same interchange mechanism for all level pairs . 39
7.3.2
....................... 39
7.3.3 Same processors usable for all level pairs
............. 39
7.3.4 Standardized services at Database Controller interface
....................... 39
7.3.5 Standardized approach to access control
7.3.6 Standardized representation of data needed to facilitate interoperability
................................................... 39
................................ 40
7.3.7 Support data fragmentation
.....................
Separation of logical and physical structures 40
7.3.8
........................... 40
7.3.9 Access to schema during execution

---------------------- Page: 5 ----------------------
ISO/IEC @ Iso/Ec
10032:1995(E)
7.3.10 User data modelling facility different from interchange data modelling facility
...................................................
41
........................ 41
7.4 Aspects of data management standards
...................... 41
Categories of data management standard
7.4.1
................ 41
7.4.2 Role of a data modelling facility in standardization
.................................... 42
Standardization styles
7.4.3
Annex A
(informative)
............................. 43
Related International Standards
Annex B
(informative)
Relationship of existing and developing database standards to the architecture
....................
44
of the Reference Model of Data Management
44
B.l Purpose .
..................................... 44
B.2 Database Languages
46
8.2.2 NDL .
47
..................
B.3 Information Resource Dictionary System, IRDS
47
IRDSFramework .
B.3.1
49
..................................
B.3.2 IRDS Services Interface
.............................. 49
B.4 Remote Database Access, RDA
50
B.5 Export/Import. .
..............................
5 1
B.6 Candidates for standardization
Annex C
(informative)
Index of terms . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 52
vi

---------------------- Page: 6 ----------------------
ISO/IEC 10032:1995(E)
@ ISO/IEC
Figures
..... 8
Figure 1 - Position of Data Management System within an Information System
.....................................
18
Figure 2 - Level pair construct
....................................
19
Figure 3 - Interlocking level pair
..........................
20
Figure 4 - Generalized interlocking level pairs
.............................. 22
Figure 5 - Creation of an empty database
.............................
23
Figure 6 - Binding and data manipulation
................................
26
Figure 7 - Example processor diagram
.......................
27
Figure 8 - The generic model of data management
.................... 29
Figure 9 - Example of access to a database environment
............... 30
Figure 10 - Example of access to many database environments
..............................
3 1
Figure 11 - Distributed data management
...............................
33
Figure 12 - The model of export/import
....................
34
Figure 13 - Access control in a distributed environment
........... 45
Figure B.l - Generic model of data management specialized for SQL
........ 46
Figure B.2 - Model of distributed data management specialized for SQL
......................
47
Figure B.3 - Position of an NDL Database Controller
..........
49
Figure B.4 - Generic model of data management specialized for IRDS
....
Figure B.5 - Model of distributed data management specialized for RDA SQL 50
........................ 50
Figure B.6 - Export/Import for an SQL database
............... 51
Figure B.7 - Position of RDA for distributed data management
Tables
...................... 44
Table B.l - Relation of terms: SQLRMDM clause 6
...................... 45
Table B.2 - Relation of terms: SQLRMDM clause 5
...........................
48
Table B.3 - Relation of terms: IRDSKMDM
..................... 48
Table B.4 - Relation of terms: IRDSRMDM clause 5
vii

---------------------- Page: 7 ----------------------
ISO/IEC 10032:1995(E) @ ISOREC
Foreword
IS0 (the International Organization for Standardization) and IEC (International Electrotechnical
Commission) form the specialized system for worldwide standardization. National bodies that
are members of IS0 or IEC participate in the development of International Standards through
technical committees established by the respective organization to deal with particular fields of
technical activity. IS0 and IEC technical committees collaborate in fields of mutual interest.
Other international organizations, governmental and non-governmental, in liaison with IS0 and
IEC, also take part in the work.
In the field of information technology, IS0 and IEC have established a joint technical
committee, ISO/IEC JTC 1. Draft International Standards adopted by the joint technical
committee are circulated to the national bodies for voting. Publication as an International
Standard requires approval by at least 75% of the member bodies casting a vote.
International Standard ISOKEC 10032 was prepared by Joint Technical Committee JTC 1,
Information Technology, Subcommittee 21, qen systems interconnection, data management
and open distributed processing.
Annexes A, B and C of this International Standard are for information only.
. . .
Vlll

---------------------- Page: 8 ----------------------
ISO/IEC 10032: 1995(E)
@ ISO/IEC
Introduction
ISO, in specifying a Reference Model of Data Management, recognizes that there are many
implementors of data management systems. It is inevitable that different implementors use
different terms to specify or refer to similar data management functions. Furthermore, the use
of the same term to describe different functions is also common. There is a clear need to
standardize the data management functions. This International Standard fulfils that role by
presenting a Reference Model of Data Management and defining the areas of this model which
lend themselves to standardization.
This International Standard defmes the Reference Model of Data Management. It provides a
common basis for the coordination of standards development for the purpose of data
management, while allowing existing and emerging standards to be placed into perspective.
The term “data management” includes the description, creation, modification, use and control
of data in information systems. Such data management functions may be performed as a
common service for information systems applications. Alternatively, each application may
define and control the data relevant to it. In the case in which data management functions are
performed as a common service, it is desirable to provide standardized facilities for data access
and control in order to permit the sharing of data by a number of users. Such standardization
requires the determination of a number of interfaces for which individual standards may be
developed.
Standard are to provide a framework allowing, within the
The objectives of this International
scope specified in clause 1, for the following:
a) identification of interfaces;
b) positioning all such interfaces relative to each other;
c) identification of facilities provided at each interface;
identification of the process which supports each interface where
4
appropriate, of the data required for such support
positioning the use of the interfaces in terms of an information systems life cycle;
associated with each appropriate
f) identification of the binding alternatives
identified interface.
There are three major objectives which are applied in this International Standard to data
management standardization. These are as follows:
a) Shareability of resources
b) Minimize cost of supporting an information system over its life cycle
c) Optimum use of standardization effort.

---------------------- Page: 9 ----------------------
@ ISO/IEC
ISODEC 10032:1995(E)
The shareability of resources objective applies to both information resources as represented by
data in databases and to processor resources of the kind described in clause 6. There is
particular emphasis on the shareability of information resources located at different places and
All shareability of resources is subject to
developed using different hardware and software.
access control.
minimizing the cost of supporting an information system applies to all phases
The objective of
of the information system life cycle, including design, development, operation and maintenance
costs.
reducing the
The objective associated with the optimum use of standardization effort refers to
number of standards required to simplifying the content of such standards.
and
This International Standard identifies areas for developing or improving standards, and provides
a common framework for maintaining consistency of all related standards.
This International Standard provides a framework which allows teams of experts to work
productively and independently on the development of standards for different components of
information systems.
This International Standard has sufficient generality to accommodate the development of new
standards in response to advances in technology.
The description of the Reference Model of Data Management given in this International
Standard is presented as follows:
- Clause 4 introduces data management and the requirements on info rmation
systems;
Reference Model
- Clause 5 explains the data concepts that are required for the
and how they relate to
each other and the process concepts;
Clause 6 provides an architectural model within which different data and
processing components relevant to data management can be placed;
- Clause 7 describes the objectives principles for data management
standardization;
Annex A is a list of related International Standards;
- Annex B shows how the existing and future SC 21/WG3 standards relate to the
architectural model described in clause 6;
Annex C is an index of terms.
This International Standard specifies the classes of services that are expected to be provided by
data management, and it provides a framework which describes the way in which they are
related to each other. However, data management does not exist in isolation but within an
environment providing other services such as data storage and communication, as is described
in clause 4.
X

---------------------- Page: 10 ----------------------
ISOIIEC 10032:1995(E)
@ ISO/IEC
Prior to completion of work on this International Standard, data management standards were
developed within ISO/IEC as indicated in annex A of this document. The positioning of such
International Standards using the Reference Model of Data Management is described in annex
B.

---------------------- Page: 11 ----------------------
This page intentionally left blank

---------------------- Page: 12 ----------------------
INTERNATIONAL STANDARD 0 ISODEC ISO/IEC 10032:1995(E)
Information technology - Reference Model of Data Management
1 Scope
This International Standard defmes the IS0 Reference Model of Data Management. It establishes a framework for
coordinating the development of existing and future standards for the management of persistent data in information systems.
See annex A for references to existing data management standards.
The International Standard defines common terminology and concepts pertinent to all data held within information systems.
Such concepts are used to defme more specifically the services provided by particular data management components, such
as database management systems or data dictionary systems. The definition of such related services identifies interfaces which
may be the subject of future standardization.
It is neither an implementation
This International Standard does not specify services and protocols for data management.
specification for systems, nor a basis for appraising the conformance of implementations.
The scope of this International Standard includes processes which are concerned with handling persistent data and their interaction
with processes particular to the requirements of a specific information system. This includes common data management services
and communicate applications and dictionary
such as those required to define, store, retrieve, update, maintain, backup, restore,
data.
The scope of this International Standard includes consideration of standards for the management of data located on one or more
computer systems, including services for distributed database management.
The International Standard does not include within its scope common services normally provided by an operating system
including those processes which are concerned with specific types of physical storage devices, specific techniques for storing
data, and specific details of communications and human computer interfaces.
A data management standard defmes services provided at an interface. It does not impose limitations on how processes are
implemented.
2 Definitions
The definitions provided in this clause aim to specify the most technical use of the terms in this International Standard. The
Some of the terms are defined in other
introduction to each term may be presented in a simpler informal description.
standards, but the following definitions are provided for use in the specific context of data management.
2.1 access control: The prevention of unauthorized use of a resource, including the prevention of use of a resource in
an unauthorized manner. For data management purposes, access control relates to the enabling of authorized

---------------------- Page: 13 ----------------------
@ ISO/IEC
ISOKEC 10032:1995(E)
Access control determines the processes which a user
access to data and the prevention of unauthorized access.
may perform.
2.2 A collection of data associated with the definition or modification of access control
access control data:
privileges.
access control mechanism: A mechanism which may be used to enforce a security policy.
2.3
2.4 application: The data manipulation and processing operations that are related to specific requirements of an
information system.
2.5 application process: A process which is specific to the requirements of a particular information system.
A collection of application processes which utilizes the services provided by the
2.6 application system:
human-computer interface, communications hcility, and data management system to perform the processing
necessary to meet the requirements of the information system.
audit trail: A record of the activity taking place in an information system over a period of time.
2.7
2.8 authorization: A deftition of privileges for a specific user identifier.
binding: A process which involves relating a process to specific data definitions.
2.9
2.10 client: A role filled by a processor when it requests the services provided by another processor (i.e. a server).
2.11 client-server relationship: The relationship between a client and a server which is established at the moment that
a client asks for a service to be performed by a server.
2.12 communications linkage: A means for exchanging data between computer systems, or between a user and a
computer systems.
2.13 computer system: A collection of hardware which is managed as a single unit by software such as an operating
system which may also provide common services such as access control, inter-process communications, and a
graphical user interface.
2.14 configuration: A set of processes comprising an information system and the way in which the processes are
inter-related.
2.15 An activity of managing the configuration of an information system throughout it’s
configuration management:
lifecycle.
2.16 constraining rule: A rule which is part of a Data Modelling Facility and which controls the specification of the
constraints which may be expressed upon a collection of data.
2.17 constraint: A restriction on the values permitted for a given collection of data.
2.18 data content standard: A logical specification of a collection of data which is of sufficiently general applicability
to be of use in many application systems.
2.19 data definition: A description which determines the rules to which one or more collections of data instances must
conform.
2

---------------------- Page: 14 ----------------------
ISO/IEC 10032: 1995(E)
@ ISO/IEC
&&a export: A data management service which retrieves a set of data from a database and creates a copy of that
2.20
data organised according to a data interchange format.
A data management service which inserts into a database a set of data organ&d according to a data
2.21 d&a import:
interchange format.
2.22 data independence: The independence of processes from data such that the data definition may be changed
without unnecessarily affecting the processes.
2.23 data integrity: Conformance of data values to a specified set of rules.
2.24 data interchange format: A set of data structuring rules that determine a for-n-rat for data to enable the export of
data from one data management system and its import by another data management system.
2.25 data interchange standard: A standard which defmes a set of data according to a set of data structuring rules
so that the set of data can be interchanged between one computer system and another.
2.26 data management: The activities of defining, creating, storing, maintaining and providing access to data and
associated processes in one or more information systems.
2.27 data management environment: An abstract conceptualization of the data and associated processing elements
involved in a computer system.
2.28 data management service: A service provided by a data management system.
2.29 data management session: A period of time during which a set of data management services are being used by
a client of a data management process.
2.30 data management system: A system which is concerned with the organization and control of data.
2.31 data manipulation process: A process the semantics of which are prescribed by the data manipulation rules of
a Data Modelling Facility.
data manipulation rule: A rule which either must be followed when specifying a process or else is automatically
2.32
followed by a data management system when a process is executed.
2.33 data modelling facility: Rules for defining a schema and the data manipulation rules for operating on data stored
in accordance with the schema.
2.34 data structuring rule: A rule specifying how a collection of data may be structured.
2.35 data type: A named, formal specification which governs the common static and dynamic properties of all
instances of that data type.
2.36 database: A collection of data stored according to a schema and manipulated according to the rules set out in one
Data Modelling Facility.
2.37 database controller: An abstract representation for the collection of services which conform to and implement
a Data Modelling Facility.
2.38 database environment: A database and its associated schema and database controller.

---------------------- Page: 15 ----------------------
@ ISO/IEC
ISOlIEC 10032: 1995(E)
2.39 database language: A language with a formal syntax to be used for defining, creating, accessing and maintaining
databases.
2.40 database management: Creating, using and maintaining databases.
2.41 database management system (DBMS): A collection of integrated services which support database management
and together support and control the creation, use and maintenance of a database.
An information system containing information about an enterprise, its operations, activities,
2.42 dictionary system:
processes and data that are related to one or more application systems.
2.43 distributed database: A collection of data which is distributed across two or more database environments.
the data and associated processes of which are
2.44 distributed information system: An information system,
distributed across two or more database environments.
2.45 distribution data: The data which defines location, replication and fragmentation information about data objects
in a distributed database system.
2.46 fragmentation: A partitioning across more than one database environment of the data values for the instances
of one data type in a distributed database.
2.47 functional standard: A standard which consists of an assembly of other standards showing how they fit together.
A fragmentation where the partitions are formed from all data values for a subset of
2.48 horizontal fragmentation:
instances.
A system which organizes the storage and manipulation of information about a universe of
2.49 information system:
discourse.
2.50 interchange data modelling facility: A data modelling facility that supports the interchange of data between data
management systems.
2.51 interface standard: A standard which defines the services available at an interface to a process.
2.52 level pair: A modelling concept which groups a schema with its associated database. There are two adjacent data
levels. The upper level will always contain the definition of data stored on the lower level.
2.53 management domain: A domain encompassing a set of two or more information systems, any of which may be
distributed, which have been designed and constructed to interchange data and processes.
2.54 persistent data: Data which is retained in the information system for more than one data management session.
2.55 privilege: The authorization given to an identified user to allow the use of a particular data management service
to access specific data or processes.
2.56 process: A process is an active component of an information system.
2.57 processing linkage: A representation of a possible interaction between processors.

---------------------- Page: 16 ----------------------
ISO/IEC 10032:1995(E)
@ ISONEC
2.58 processor: A modelling concept that represents some combination of hardware and software that can provide
services either to one or more other processors or to a human user.
schema: A description of the content, structure, and constraints used to construct and maintain a database.
2.59
2.60 server: A role filled by a processor when it provides services to another processor.
or by a process to other processes.
2.61 service: A capability provided by a processor to other processors,
A defined set of services made available by a process or p
...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.

This May Also Interest You

ISO
ISO/IEC TR 10032:2003(Main)
Information technology — Reference Model of Data Management

ISO/IEC TR 10032:2003 defines the ISO Reference Model of Data Management. It establishes a framework for coordinating the development of existing and future standards for the management of persistent data in information systems. ISO/IEC TR 10032:2003 defines common terminology and concepts pertinent to all data held within information systems. Such concepts are used to define more specifically the services provided by particular data management components, such as database management systems or data dictionary systems. The definition of such related services identifies interfaces which may be the subject of future standardization. ISO/IEC TR 10032:2003 does not specify services and protocols for data management. ISO/IEC TR 10032:2003 is neither an implementation specification for systems, nor a basis for appraising the conformance of implementations. The scope of ISO/IEC TR 10032:2003 includes processes which are concerned with handling persistent data and their interaction with processes particular to the requirements of a specific information system. This includes common data management services such as those required to define, store, retrieve, update, maintain, backup, restore and communicate applications and dictionary data. The scope of ISO/IEC TR 10032:2003 includes consideration of standards for the management of data located on one or more computer systems, including services for distributed database management. ISO/IEC TR 10032:2003 does not include within its scope common services normally provided by an operating system including those processes which are concerned with specific types of physical storage devices, specific techniques for storing data, and specific details of communications and human computer interfaces.

  • Technical report
    48 pages
    English language
    sale 15% off
ISO
ISO/IEC 9579:2000(Main)
Information technology — Remote database access for SQL with security enhancement

This International Standard, Remote Database Access for SQL (RDA), defines a model for the remote interaction of an SQL-client and one or more SQL-servers through communication media, and defines the encoding of messages, the semantics of messages and associated facilities for mediating the interaction between one SQL-client and one SQL-server. This International Standard also defines a mapping of the RDA Protocol to the specific communication inhastructures TCPIIP and Transport Layer Security (TLS). This International Standard relies upon the facilities provided by ISOIIEC 9075 (SQL) and ISOIIEC 9075-3 (SQLICLI). This International Standard also: - identifies potential security vulnerabilities in remote database access using RDA, - defines RDA facilities which protect against the potential vulnerabilities. Normative annexes provide: - a Conformance Proforma, - an optional language independent Application Programming Interface defined in the notational conventions of ISOIIEC 9075-3 (SQLICLI) for invoking RDA Operations, - an optional mapping of ISOIIEC 9075-3 (SQLICLI) functions to RDA Operations, - definitions of optional SQL-servers, the RDA Location Server and the RDA Support Server, to facilitate interoperation and data distribution in a heterogeneous environment, - a set of security profiles that identify which RDA facilities and other security facilities are required for different levels of protection against potential vulnerabilities. Informative annexes provide: - an analysis of security service requirements, - an ASN. 1 specification for the RDA Protocol, - an ASN. 1 specification for the encoding of multiple rows. This International Standard does not constrain: - conforming RDA-client environments to be implemented using any particular processor decomposition, - conforming RDA-server environments to be implemented using any particular processor decomposition. This International Standard refers to but does not define: - protocols and security mechanisms for communication confidentiality, integrity and authentication of communicating peers, - digital signature and authentication mechanisms supported by protocol elements of RDA. This International Standard does not define: ? algorithms for query decomposition or for the combining of results in a distributed database environment, ? mechanisms for recovery in the event that transaction co-ordination fails, ? mechanisms for storage integrity and confidentiality using cryptography, ? mechanisms to counter Denial of Service attacks.

  • Standard
    115 pages
    English language
    sale 15% off
  • Standard
    115 pages
    English language
    sale 15% off
ISO
ISO/IEC 9594-11:2020(Main)
Information technology — Open systems interconnection directory — Part 11: Protocol specifications for secure operations

The scope of this Recommendation | International Standard is threefold. This Recommendation | International Standard provides guidance on how to prepare new and old protocols for cryptographic algorithm migration, and defines auxiliary cryptographic algorithms to be used for migration purposes. This Recommendation | International Standard specifies a general wrapper protocol that provides authentication, integrity and confidentiality (encryption) protection for other protocols. This wrapper protocol includes a migration path for cryptographic algorithms allowing for smooth migration to stronger cryptographic algorithms as such requirements evolve. This will allow migration to quantum-safe cryptographic algorithms. Protected protocols can then be developed without taking security and cryptographic algorithms into consideration. This Recommendation | International Standard also includes some protocols to be protected by the wrapper protocol primarily for support of public-key infrastructure (PKI). Other specifications, e.g., Recommendations or International Standards, may also develop protocols designed to be protected by the wrapper protocol.

  • Standard
    84 pages
    English language
    sale 15% off
ISO
ISO/IEC 9594-7:2020(Main)
Information technology — Open systems interconnection — Part 7: The Directory: Selected object classes

This document defines a number of object classes and name forms which may be found useful across a range of applications of the Directory. The definition of an object class involves listing a number of attribute types which are relevant to objects of that class. The definition of a name form involves naming the object class to which it applies and listing the attributes to be used in forming names for objects of that class. These definitions are used by the administrative authority which is responsible for the management of the directory information. Any administrative authority can define its own object classes or subclasses and name forms for any purpose. NOTE 1 ? Those definitions may or may not use the notation specified in Rec. ITU-T X.501 | ISO/IEC 9594-2. NOTE 2 ? It is recommended that an object class defined in this Recommendation | International Standard, or a subclass derived from one, or a name form defined in this Recommendation | International Standard, be used in preference to the generation of a new one, whenever the semantics is appropriate for the application. Administrative authorities may support some or all the selected object classes and name forms, and may also add additional ones. All administrative authorities shall support the object classes which the directory uses for its own purpose (the top, alias and Directory system agent (DSA) object classes).

  • Standard
    30 pages
    English language
    sale 15% off
  • Standard
    30 pages
    English language
    sale 15% off
ISO
ISO/IEC 9594-5:2020(Main)
Information technology — Open systems interconnection — Part 5: The Directory: Protocol specifications

This document specifies the Directory Access Protocol, the Directory System Protocol, the Directory Information Shadowing Protocol, and the Directory Operational Binding Management Protocol which fulfil the abstract services specified in Rec. ITU-T X.511 | ISO/IEC 9594-3, Rec. ITU-T X.518 | ISO/IEC 9594-4, Rec. ITU‑T X.525 | ISO/IEC 9594-9, and Rec. ITU-T X.501 | ISO/IEC 9594-2.

  • Standard
    83 pages
    English language
    sale 15% off
  • Standard
    83 pages
    English language
    sale 15% off
ISO
ISO/IEC 9594-9:2020(Main)
Information technology — Open systems interconnection — Part 9: The Directory: Replication

This document specifies a shadow service which Directory system agents (DSAs) may use to replicate Directory information. The service allows Directory information to be replicated among DSAs to improve service to Directory users. The shadowed information is updated, using the defined protocol, thereby improving the service provided to users of the Directory.

  • Standard
    38 pages
    English language
    sale 15% off
  • Standard
    38 pages
    English language
    sale 15% off
ISO
ISO/IEC 9594-6:2020(Main)
Information technology — Open systems interconnection — Part 6: The Directory: Selected attribute types

This document defines a number of attribute types and matching rules which may be found useful across a range of applications of the Directory. Attribute types and matching rules fall into three categories, as described below. Some attribute types and matching rules are used by a wide variety of applications or are understood and/or used by the Directory itself. NOTE 1 ? It is recommended that an attribute type or matching rule defined in this Recommendation | International Standard be used, in preference to the generation of a new one, whenever it is appropriate for the application. NOTE 2 ? The attribute and context types definitions by this Recommendation | International Standard have some associated semantics. Such specifications should not be used in situations where these semantics do not apply. Some attribute types and matching rules are internationally standardized, but are application‑specific. These are defined in the standards associated with the application concerned. Any administrative authority can define its own attribute types and matching rules for any purpose. These are not internationally standardized, and are available to others beyond the administrative authority which created them only through bilateral agreement.

  • Standard
    122 pages
    English language
    sale 15% off
  • Standard
    122 pages
    English language
    sale 15% off
ISO
ISO/IEC 9594-4:2020(Main)
Information technology — Open systems interconnection — Part 4: The Directory: Procedures for distributed operation

This document specifies the behaviour of DSAs taking part in a distributed directory consisting of multiple Directory systems agents (DSAs) and/or LDAP servers with at least one DSA. The allowed behaviour has been designed to ensure a consistent service given a wide distribution of the DIB across a distributed directory. Only the behaviour of DSAs taking part in a distributed directory is specified. The behaviour of LDAP servers are specified in relevant LDAP specifications. There are no special requirements on an LDAP server beyond those given by the LDAP specifications. The Directory is not intended to be a general purpose database system, although it may be built on such systems. It is assumed that there is a considerably higher frequency of queries than of updates.

  • Standard
    125 pages
    English language
    sale 15% off
  • Draft
    125 pages
    English language
    sale 15% off
ISO
ISO/IEC 9594-1:2020(Main)
Information technology — Open systems interconnection — Part 1: The Directory: Overview of concepts, models and services

This document provides the directory capabilities required by many application layer standards and telecommunication services. Among the capabilities which it provides are those of "user-friendly naming", whereby objects can be referred to by names which are suitable for citing by human users (though not all objects need have user-friendly names); and "name-to-address mapping" which allows the binding between objects and their locations to be dynamic. The latter capability allows networks, for example, to be "self-configuring" in the sense that addition, removal and the changes of object location do not affect network operation. The Directory is not intended to be a general-purpose database system, although it may be built on such systems. It is assumed, for instance, that, as is typical with communication directories, there is a considerably higher frequency of "queries" than of updates. The rate of updates is expected to be governed by the dynamics of people and organizations, rather than, for example, the dynamics of networks. There is also no need for instantaneous global commitment of updates; transient conditions, where both old and new versions of the same information are available, are quite acceptable. It is a characteristic of the Directory that, except as a consequence of differing access rights or un-propagated updates, the results of directory queries will not be dependent on the identity or location of the inquirer. This characteristic renders the Directory unsuitable for some telecommunication applications, for example some types of routing. For cases where the results are dependent on the identity of the inquirer, access to directory information and updates of the Directory may be denied.

  • Standard
    22 pages
    English language
    sale 15% off
  • Standard
    22 pages
    English language
    sale 15% off
ISO
ISO/IEC 9594-8:2020(Main)
Information technology — Open systems interconnection — Part 8: The Directory: Public-key and attribute certificate frameworks

This document addresses some of the security requirements in the areas of authentication and other security services through the provision of a set of frameworks upon which full services can be based. Specifically, this Recommendation | International Standard defines frameworks for: ? public-key certificates; and ? attribute certificates. The public-key certificate framework defined in this Recommendation | International Standard specifies the information objects and data types for a public-key infrastructure (PKI), including public-key certificates, certificate revocation lists (CRLs), trust broker and authorization and validation lists (AVLs). The attribute certificate framework specifies the information objects and data types for a privilege management infrastructure (PMI), including attribute certificates, and attribute certificate revocation lists (ACRLs). This Recommendation | International Standard also provides the framework for issuing, managing, using and revoking certificates. An extensibility mechanism is included in the defined formats for both certificate types and for all revocation list schemes. This Recommendation | International Standard also includes a set of extensions, which is expected to be generally useful across a number of applications of PKI and PMI. The schema components (including object classes, attribute types and matching rules) for storing PKI and PMI information in a directory, are included in this Recommendation | International Standard. This Recommendation | International Standard specifies the framework for strong authentication, involving credentials formed using cryptographic techniques. It is not intended to establish this as a general framework for authentication, but it can be of general use for applications which consider these techniques adequate. Authentication (and other security services) can only be provided within the context of a defined security policy. It is a matter for users of an application to define their own security policy.

  • Standard
    224 pages
    English language
    sale 15% off
  • Standard
    224 pages
    English language
    sale 15% off