1 Scope
2
Normative references
2.1 Identical Recommendations | International Standards
2.2 Paired Recommendations | International Standards equivalent in
technical content
3
Definitions
3.1 Basic Reference Model definitions
3.2 Security architecture definitions
3.3 Additional definitions
4
Abbreviations
5
Notation
6
Organization
6.1 Part 1 – Overview
6.2 Part 2 – Authentication
6.3 Part 3 – Access
control
6.4 Part 4 – Non-repudiation
6.5 Part 5 – Confidentiality
6.6 Part 6 – Integrity
6.7 Part 7 – Security audit and alarms
6.8 Key management
7
Common concepts
7.1 Security information
7.2 Security domain
7.2.1 Security policy and security policy rules
7.2.2 Security domain authority
7.2.3 Inter‑relationships among security
domains
7.2.4 Establishment of secure interaction rules
7.2.5 Inter-domain security information
transfer
7.3 Security policy considerations for specific security services
7.4 Trusted entities
7.5 Trust
7.6 Trusted third parties
8
Generic security information
8.1 Security labels
8.2 Cryptographic checkvalues
8.3 Security certificates
8.3.1 Introduction to security certificates
8.3.2 Verification and chaining of security
certificates
8.3.3 Revocation of security certificates
8.3.4 Re-use of security certificates
8.3.5 Security certificate structure
8.4 Security tokens
9
Generic security facilities
9.1 Management related facilities
9.1.1 Install SI
9.1.2 Deinstall SI
9.1.3 Change SI
9.1.4 Validate SI
9.1.5 Invalidate SI
9.1.6 Disable/Re-enable security service
9.1.7 Enrol
9.1.8 Un-enrol
9.1.9 Distribute SI
9.1.10 List SI
9.2 Operational related facilities
9.2.1 Identify trusted security authorities
9.2.2 Identify secure interaction rules
9.2.3 Acquire SI
9.2.4 Generate SI
9.2.5 Verify SI
10 Interactions between security
mechanisms
11 Denial of service and
availability
12 Other requirements
Annex A – Some examples of
protection mechanisms for security certificates
A.1 Protection using an OSI communications security service
A.2 Protection using a parameter within the security certificate
A.2.1 The authentication method
A.2.2 The secret key method
A.2.3 The public key method
A.2.4 The one-way function method
A.3 Protection of the internal and external parameters while in
transit
A.3.1 Transfer of internal parameters to the
issuing security authority
A.3.2 Transfer of external parameters among
entities
A.4 Use of security certificates by single entities or by groups
of entities
A.5 Linking a security certificate with accesses
Annex B – Bibliography