ISO/IEC Standard 15816

ISO/IEC Standard 15816 – Information technology -- Security techniques -- Security information objects for access control

Published under Risk Management
Title: ISO/IEC 15816:2002 - Information technology -- Security techniques -- Security information objects for access control
Source reference: http://www.iso.org/
(Note: this is a reference to the ISO page where the standard can be acquired. However, the standard is not free of charge, and its provisions are not publicly available. For this reason, specific provisions cannot be quoted).
Topic: Security management – Access control
Direct / indirect relevance Indirect. The text is a basic resource which can be used in access control issues, but contains no RM/RA obligations/methodologies as such.
Scope: Not publicly available ISO standard, which can be voluntarily applied.
Legal force: Nonbinding ISO standard.
Affected sectors: Generic. The standard can be applied by security professionals in any sector confronted by access control difficulties.
Relevant provision(s): The standard is not free of charge, and its provisions are not publicly available. For this reason, specific provisions cannot be quoted.

Generically, it is described as containing:

a) the definition of guidelines for specifying the abstract syntax of generic and specific Security Information Objects (SIOs) for Access Control;

b) the specification of generic SIOs for Access Control;

c) the specification of specific SIOs for Access Control. The scope of this Recommendation | International Standard covers only the "statics" of SIOs through syntactic definitions in terms of ASN.1 descriptions and additional semantic explanations. It does not cover the "dynamics" of SIOs, for example rules relating to their creation and deletion. The dynamics of SIOs are a local implementation issue.
Relevance to RM/RA: The standard allows security professionals to rely on a specific set of syntactic definitions and explanations with regard to SIOs, thus avoiding duplication or divergence in other standardisation efforts.
Browse the Topics

This site uses cookies to offer you a better browsing experience.
Aside from essential cookies we also use tracking cookies for analytics.
Find out more on how we use cookies.

Accept all cookies Accept only essential cookies