Cybersecurity/Network and Information security

Available (158)

Showing 49 - 60 per page



Power systems management and associated information exchange - Data and communications security - Part 9: Cyber security key management for power system equipment

IEC 62351-9:2017 specifies cryptographic key management, namely how to generate, distribute, revoke, and handle public-key certificates and cryptographic keys to protect digital data and its communication. Included in the scope is the handling of asymmetric keys (e.g. private keys and public-key certificates), as well as symmetric keys for groups (GDOI). This document assumes that other standards have already chosen the type of keys and cryptography that will be utilized, since the cryptography algorithms and key materials chosen will be typically mandated by an organization’s own local security policies and by the need to be compliant with other international standards. This document therefore specifies only the management techniques for these selected key and cryptography infrastructures. The objective is to define requirements and technologies to achieve interoperability of key management. The purpose of this document is to guarantee interoperability among different vendors by specifying or limiting key management options to be used. This document assumes that the reader understands cryptography and PKI principles.

IEC 62351-9:2017

Proof-of-concept for data service using information centric networking in IMT-2020

This Supplement specifies a proof-of-concept for a service that provides named data such as Internet of Things (IoT) named data by information centric networking in IMT-2020. In the Supplement, an enhanced name resolution system is implemented based on distance-constrained containers to resolve from names to addresses more efficiently.

Security reference architecture for lifecycle management of e-commerce business data

Recommendation ITU-T X.1040 analyses the main features and typical threats faced by e‑commerce service ecosystems, and provides a security reference architecture for lifecycle management of e-commerce business data.

ITU-T X.1040

Information technology — Cybersecurity — Overview and concepts

This document provides the overview of cybersecurity. The terms and definitions provided in this document — describe cybersecurity and relevant concepts do not cover all terms and definitions applicable to cybersecurity; do not limit other standards in defining new cybersecurity- related terms for use

ISO/IEC TS 27100:2020 

Web Cryptography API

This specification describes a JavaScript API for performing basic cryptographic operations in web applications, such as hashing, signature generation and verification, and encryption and decryption. Additionally, it describes an API for applications to generate and/or manage the keying material necessary to perform these operations. Uses for this API range from user or service authentication, document or code signing, and the confidentiality and integrity of communications.

Hybrid Cloud Security Services

As businesses are developing rapidly, and IT infrastructures are constantly diversified, a single public / private cloud or a traditional on-premises datacenter is no longer able to meet service requirements in terms of costs, performance, scalability, security, and compatibility. Users are increasingly choosing hybrid clouds to meet their needs. Hybrid clouds take advantage of various clouds and traditional IT infrastructures and work systematically to benefit the users based on their service requirements.However, hybrid clouds pose new security risks, bringing a few challenges on security protection. This initiative aims to develop a security white paper specifying hybrid cloud security risks and countermeasures, helping users identify and reduce risk. This initiative proposes to provide suggestions on hybrid cloud governance, hybrid cloud threat profiles, and hybrid cloud security evaluation, guiding both users and cloud service providers to choose and provide secure hybrid cloud solutions, and promoting security planning and implementation.

OASIS Cross-Enterprise Security and Privacy Authorization (XSPA) TC

The OASIS XSPA TC works to standardize the way healthcare providers, hospitals, pharmacies, and insurance companies exchange privacy policies, consent directives, and authorizations within and between healthcare organizations. The OASIS Cross-Enterprise Security and Privacy Authorization (XSPA) Technical Committee will specify healthcare profiles of existing OASIS standards to support reliable, auditable methods of confirming personal identity, official authorization status, and role attributes. This work aligns with security specifications being developed within the U.S. Healthcare Information Technology Standards Panel (HITSP).