|
http://www.din.de/ni/sc27/
Standardization of generic methods and techniques for IT security. This includes:
- identification of generic requirements (including requirements
methodology) for IT system security services;
- development of security techniques and mechanisms (including
registration procedures and relationships of security components);
- development of security guidelines (e.g., interpretative
documents, risk analysis); and
- development of management support documentation and standards
(e.g. terminology and security evaluation criteria).
Excluded are:
- the embedding of mechanisms in applications.
Note that the SC 27 Scope and Area of Work includes the standardization of cryptographic algorithms for integrity, authentication and non-repudiation services. Furthermore it includes the standardization of cryptographic algorithms for confidentiality services for use in accordance with internationally accepted policies.
|