There is an ever-increasing need to use networks within and between organizations, and requirements have to be met to use them securely. Remote access to a network requires specific measures if IT security is to be in place. BS ISO/IEC 18028 provides guidance for accessing networks remotely, whether for email, file transfer or simply working remotely.
Part 1 provides guidance on networks and communications, including the security aspects of connecting information system networks themselves, and of connecting remote users to networks.
The guidance supports the identification and analysis of the communications-related factors that should be taken into account to establish network security requirements. It provides an introduction on how to identify appropriate control areas with respect to security associated with connections to communications networks, and an overview of the possible control areas, including those technical design and implementation topics dealt with in detail in BS ISO/IEC 18028 Parts 2 to 5.
BS ISO/IEC 18028-2:2006 defines a network security architecture for providing end-to-end network security. The architecture can be applied to various kinds of networks where end-to-end security is a concern, independently of the network's underlying technology. The objective of this part of ISO/IEC 18028 is to serve as a foundation for developing detailed recommendations for end-to-end network security.
Contents:
- Scope
- Normative references
- Terms and definitions
- Abbreviations
- Reference architecture for network security
- Security dimensions
- Security layers
- Security planes
- Security threats
- Description of the objectives achieved by application of security dimensions to security layers
- Bibliography