ANSI INCITS ISO IEC 18028-4-2005 Information technology - Security techniques - IT network security - Part 4 Securing remote access《信息技术.安全技术.IT网络安全.第4部分 远程访问安全》.pdf
《ANSI INCITS ISO IEC 18028-4-2005 Information technology - Security techniques - IT network security - Part 4 Securing remote access《信息技术.安全技术.IT网络安全.第4部分 远程访问安全》.pdf》由会员分享,可在线阅读,更多相关《ANSI INCITS ISO IEC 18028-4-2005 Information technology - Security techniques - IT network security - Part 4 Securing remote access《信息技术.安全技术.IT网络安全.第4部分 远程访问安全》.pdf(50页珍藏版)》请在麦多课文档分享上搜索。
1、INCITS/ISO/IEC 18028-4-2005 (ISO/IEC 18028-4:2005, IDT) Information technology Securitytechniques IT network security Part 4: Securing remote accessINCITS/ISO/IEC 18028-4-2005 (ISO/IEC 18028-4:2005, IDT)Copyright American National Standards Institute Provided by IHS under license with ANSI Not for R
2、esaleNo reproduction or networking permitted without license from IHS-,-,-INCITS/ISO/IEC 18028-4-2005 ii ITIC 2005 All rights reserved PDF disclaimer This PDF file may contain embedded typefaces. In accordance with Adobes licensing policy, this file may be printed or viewed but shall not be edited u
3、nless the typefaces which are embedded are licensed to and installed on the computer performing the editing. In downloading this file, parties accept therein the responsibility of not infringing Adobes licensing policy. The ISO Central Secretariat accepts no liability in this area. Adobe is a tradem
4、ark of Adobe Systems Incorporated. Details of the software products used to create this PDF file can be found in the General Info relative to the file; the PDF-creation parameters were optimized for printing. Every care has been taken to ensure that the file is suitable for use by ISO member bodies.
5、 In the unlikely event that a problem relating to it is found, please inform the Central Secretariat at the address given below. Adopted by INCITS (InterNational Committee for Information Technology Standards) as an American National Standard.ate of ANSI Approval: 11/3/2005 Published by American Nat
6、ional Standards Institute, 25 West 43rd Street, New York, New York 10036 Copyright 2005 by Information Technology Industry Council (ITI). All rights reserved. These materials are subject to copyright claims of International Standardization Organization (ISO), International Electrotechnical Commissio
7、n (IEC), American National Standards Institute (ANSI), and Information Technology Industry Council (ITI). Not for resale. No part of this publication may be reproduced in any form, including an electronic retrieval system, without the prior written permission of ITI. All requests pertaining to this
8、standard should be submitted to ITI, 1250 Eye Street NW, Washington, DC 20005. Printed in the United States of America Copyright American National Standards Institute Provided by IHS under license with ANSI Not for ResaleNo reproduction or networking permitted without license from IHS-,-,-INCITS/ISO
9、/IEC 18028-4-2005 ITIC 2005 All rights reserved iii Contents Page Foreword .v Introduction vi 1 Scope 1 2 Terms, definitions and abbreviated terms.1 3 Aim 5 4 Overview .6 5 Security requirements 7 6 Types of remote access connection 8 7 Techniques of remote access connection 9 7.1 General9 7.2 Acces
10、s to communications servers 9 7.3 Access to LAN resources 13 7.4 Access for maintenance. 14 8 Guidelines for selection and configuration . 14 8.1 General 14 8.2 Protecting the RAS client . 15 8.3 Protecting the RAS server . 16 8.4 Protecting the connection 17 8.5 Wireless security 18 8.6 Organizatio
11、nal measures . 19 8.7 Legal considerations 20 9 Conclusion 20 Annex A (informative) Sample remote access security policy 21 A.1 Purpose. 21 A.2 Scope 21 A.3 Policy 21 A.4 Enforcement . 22 A.5 Terms and definitions 23 Annex B (informative) RADIUS implementation and deployment best practices . 24 B.1
12、General 24 B.2 Implementation best practices 24 B.3 Deployment best practices 25 Annex C (informative) The two modes of FTP 27 C.1 PORT-mode FTP . 27 C.2 PASV-mode FTP . 27 Annex D (informative) Checklists for secure mail service . 29 D.1 Mail server operating system checklist . 29 D.2 Mail server a
13、nd content security checklist 30 D.3 Network infrastructure checklist . 31 D.4 Mail client security checklist 32 D.5 Secure administration of mail server checklist . 32 Annex E (informative) Checklists for secure web services . 34 E.1 Web server operating system checklist 34 E.2 Secure web server in
14、stallation and configuration checklist 35 E.3 Web content checklist 36 Copyright American National Standards Institute Provided by IHS under license with ANSI Not for ResaleNo reproduction or networking permitted without license from IHS-,-,-INCITS/ISO/IEC 18028-4-2005 iv ITIC 2005 All rights reserv
15、ed E.4 Web authentication and encryption checklist. 37 E.5 Network infrastructure checklist . 37 E.6 Secure web server administration checklist . 38 Annex F (informative) Wireless LAN security checklist . 40 Bibliography . 42 Copyright American National Standards Institute Provided by IHS under lice
16、nse with ANSI Not for ResaleNo reproduction or networking permitted without license from IHS-,-,-INCITS/ISO/IEC 18028-4-2005 ITIC 2005 All rights reserved v Foreword ISO (the International Organization for Standardization) and IEC (the International Electrotechnical Commission) form the specialized
17、system for worldwide standardization. National bodies that are members of ISO or IEC participate in the development of International Standards through technical committees established by the respective organization to deal with particular fields of technical activity. ISO and IEC technical committee
18、s collaborate in fields of mutual interest. Other international organizations, governmental and non-governmental, in liaison with ISO and IEC, also take part in the work. In the field of information technology, ISO and IEC have established a joint technical committee, ISO/IEC JTC 1. International St
19、andards are drafted in accordance with the rules given in the ISO/IEC Directives, Part 2. The main task of the joint technical committee is to prepare International Standards. Draft International Standards adopted by the joint technical committee are circulated to national bodies for voting. Publica
20、tion as an International Standard requires approval by at least 75 % of the national bodies casting a vote. Attention is drawn to the possibility that some of the elements of this document may be the subject of patent rights. ISO and IEC shall not be held responsible for identifying any or all such
21、patent rights. ISO/IEC 18028-4 was prepared by Joint Technical Committee ISO/IEC JTC 1, Information technology, Subcommittee SC 27, IT Security techniques. ISO/IEC 18028 consists of the following parts, under the general title Information technology Security techniques IT network security: Part 2: N
22、etwork security architecture Part 3: Securing communications between networks using security gateways Part 4: Securing remote access Network security management and securing communications between networks using Virtual Private Networks will form the subjects of the future Parts 1 and 5, respectivel
23、y. Copyright American National Standards Institute Provided by IHS under license with ANSI Not for ResaleNo reproduction or networking permitted without license from IHS-,-,-INCITS/ISO/IEC 18028-4-2005 vi ITIC 2005 All rights reserved Introduction In Information Technology there is an ever increasin
24、g need to use networks within organizations and between organizations. Requirements have to be met to use networks securely. The area of remote access to a network requires specific measures when IT security should be in place. This part of ISO/IEC 18028 provides guidance for accessing networks remo
- 1.请仔细阅读文档,确保文档完整性,对于不预览、不比对内容而直接下载带来的问题本站不予受理。
- 2.下载的文档,不会出现我们的网址水印。
- 3、该文档所得收入(下载+内容+预览)归上传者、原创作者;如果您是本文档原作者,请点此认领!既往收益都归您。
下载文档到电脑,查找使用更方便
10000 积分 0人已下载
下载 | 加入VIP,交流精品资源 |
- 配套讲稿:
如PPT文件的首页显示word图标,表示该PPT已包含配套word讲稿。双击word图标可打开word文档。
- 特殊限制:
部分文档作品中含有的国旗、国徽等图片,仅作为作品整体效果示例展示,禁止商用。设计者仅对作品中独创性部分享有著作权。
- 关 键 词:
- ANSIINCITSISOIEC1802842005INFORMATIONTECHNOLOGYSECURITYTECHNIQUESITNETWORKSECURITYPART4SECURINGREMOTEACCESS

链接地址:http://www.mydoc123.com/p-436257.html