		INTERNATIONAL  TELECOMMUNICATION  UNION

		     ITU-T RECOMMENDATION SUMMARY


Rec. No. : X.800

Title :	Security architecture for open systems interconnection for 
	CCITT applications

Study Group : VII - Data Communications Networks

Version : New

Date of adoption : 1991

Notes :	

Recommendation X.200 describes the Reference Model for open systems 
interconnection (OSI). It establishes a framework for coordinating the 
development of existing and future Recommendations for the 
interconnection of systems. At various times, security controls must 
be established in order to protect the information exchanged between 
the application processes.

Recommendation X.800 defines the general security-related 
architectural elements which can be applied appropriately in the 
circumstances for which protection of communication between open 
systems is required. It establishes, within the framework of the 
Reference Model, guidelines and constraints to improve existing 
Recommendations or to develop new Recommendations in the context of 
OSI in order to allow secure communications and thus provide a 
consistent approach to security in OSI. Recommendation X.800 extends 
the Reference Model (Recommendation X.200) to cover security aspects 
which are general architectural elements of communications protocols, 
but which are not discussed in the Reference Model 
Recomendation X.800:

	a) provides a general description of security services and 
	   related mechanisms, which may be provided by the Reference 
	   Model; and

	b) defines the positions within the Reference Model where the 
	   services and mechanisms may be provided.

Basic security services and mechanisms and their appropriate placement 
have been identified for all layers of the Reference Model. In 
addition, the architectural relationships of the security services and 
mechanisms to the Reference Model have been identified. Additional 
security measures may be needed in end systems, installations and 
organizations. These measures apply in various application contexts.

OSI security functions are concerned only with those visible aspects 
of a communications path which permit end systems to achieve the 
secure transfer of information between them. OSI security is not 
concerned with security measures needed in end systems, installations, 
and organizations, except where these have implications on the choice 
and position of security services visible in OSI. These latter aspects 
of security may be standardized but not within the scope of OSI 
Recommendations.

Recommendation X.800 is not an implementation specification, nor is 
it a basis for appraising the conformance of actual implementations.



To order the complete text of this Recommendation, please use the 
Order Form for ITU-T Recommendations. An electronic version of this 
form is available on ITUDOC (Winword 2.0: UPI=ITU-5265; ASCII: UPI=ITU-2488).