A
A
NSWERS
NSWERS
TO
TO
Q
Q
UESTIONS
UESTIONS
1.1 The OSI Security Architecture is a framework that provides a systematic way of defining
the requirements for security and characterizing the approaches to satisfying those
requirements. The document defines security attacks, mechanisms, and services, and the
relationships among these categories.
. /(%9%,:),:
)):*8:;%
<,<)8).)
()*8)
),=))
.0 /(8),>
()::)*8),:
8%
1.4 Authentication: The assurance that the communicating entity is the one that it claims to be.
Access control: The prevention of unauthorized use of a resource (i.e., this service controls
who can have access to a resource, under what conditions access can occur, and what those
accessing the resource are allowed to do).
Data confidentiality: The protection of data from unauthorized disclosure.
Data integrity: The assurance that data received are exactly as sent by an authorized entity
(i.e., contain no modification, insertion, deletion, or replay).
Nonrepudiation: Provides protection against denial by one of the entities involved in a
communication of having participated in all or part of the communication.
Availability service: The property of a system or a system resource being accessible and
usable upon demand by an authorized system entity, according to performance
specifications for the system (i.e., a system is available if it provides services according to
the system design whenever users request them).
1.5 See Table 1.3.
评论7