Security Standards: BS 7799, ISO17799 and ISO27001
August 10, 2009
Security standards measure security policies, personnel (employee) security and business continuity planning. Here I explain the most popular security standards published by British Standards and ISO:
ISO17799 and ISO 27001
This standard was published as BS 7799 by the British Standards Institute in 1995. It was written by the UK government's Department of Trade and Industry. After several revisions it was adopted by ISO 27000 in October 2005.
This standard covers the Information Security Management System and guidelines for information security risk management.
BS 7799 contains the following set of rules:
1. Security policy
2. Security Organization
3. Asset classification & control
4. Personnel Security
5. Physical and Environmental Security
6. Access control Security
7. System Development and Maintenance
8. Communications and Operations management
9. Business Continuity planning
ISO 17799 is the most widely recognized security standard.
ISO 17799 is a set of security controls. It measures the safeguards for potential implementation. The rules of ISO 17799 are:
2. Terms and definitions
3. Security Policy
4. Security Organization
5. Asset Classification and Control
6. Personnel Security
7. Physical and Environmental Security
8. Communications and Operations Management
9. Access Control
10. System Development and Maintenance
This is a specification for an Information Security Management System (ISMS). It measures, manages and controls security management. The major processes are:
1. Define the scope of the ISMS
2. Undertake a risk assessment
3. Manage the risk
4. Select control objectives and controls to be implemented
5. Prepare a statement of applicability.
Established alternative security portal
The ISO 17799 Directory
Information Security Policies
A Security Policy Portal
Business Continuity World
Directory for Business Continuity Planning
Disaster Recovery World
Disaster Recovery Planning Portal
Major Windows's security resource
The Department of Information Technology conducts the Information Security Practical Approach as a 2-week course.
By sathish kumar, On 2/18/08 3:10 AM
ITU-T has provided many standards for information and communications technologies. Whenever we make a simple telephone call, send an SMS, or receive streaming video on a mobile phone or computer, an ITU-T Recommendation will have played a fundamental role in it.
Some of the ITU-T Recommendations
Organization of the work of ITU-T
Means of expression: definitions, symbols, classification
General telecommunication statistics
General tariff principles
Overall network operation, telephone service, service operation and human factors
Non-telephone telecommunication services
Transmission systems and media, digital systems and networks
Audiovisual and multimedia systems
Integrated services digital network
IEEE has provided many standards for telecommunications:
IEEE 187:1990 (R1995) - IEEE standard on radio receivers: Open field method of measurement of spurious radiation from FM and television broadcast receivers.
IEEE 211:1997 - IEEE standard definitions of terms for radio wave propagation.
IEEE 269:1992 - IEEE standard methods for measuring transmission performance of analog and digital telephone sets.
IEEE 377:1980 (R1997) - IEEE recommended practice for measurement of spurious emission from land-mobile communication transmitters.
IEEE 743:1995 - IEEE standard equipment requirements and measurement techniques for analog transmission parameters for telecommunications.
IEEE 802.3:2002 - IEEE standard for information technology - Telecommunications and information exchange between systems - Local and metropolitan area networks - Specific requirements - Part 3: Carrier sense multiple access with collision detection (CSMA/CD) access method and physical layer specifications.
IEEE 802.5v:2001 - IEEE standard for information technology - Telecommunications and information exchange between systems - Local and metropolitan area networks - Specific requirements - Part 5: Token ring access method and physical layer specifications; Amendment 5: Gigabit token ring operation.
IEEE 802.11:1999 - IEEE standard for information technology - Telecommunications and information exchange between systems - Local and metropolitan networks - Specific requirements - Part 11: Wireless LAN medium-access control (MAC) and physical layer (PHY) specifications.
IEEE 802.11a:1999 - IEEE standard for telecommunications and information exchange between systems - LAN/MAN specific requirements - Part 11: Wireless medium-access control (MAC) and physical layer (PHY) specifications: High-speed physical layer in the 5 GHz band.
IEEE 802.11b:1999/Cor 1:2001 - IEEE standard for information technology - Telecommunications and information exchange between systems - Local and metropolitan networks - Specific requirements - Part 11: Wireless LAN medium-access control (MAC) and physical layer (PHY) specifications: Higher-speed physical layer (PHY) extension in the 2.4 GHz band - Corrigendum 1.
IEEE 802.15.1:2001 - Standard for telecommunications and information exchange between systems - LAN/MAN - Specific requirements - Part 15: Wireless medium-access control (MAC) and physical layer (PHY) specifications for wireless personal-area networks (WPAN).
IEEE 802.16:2001 - IEEE local and metropolitan area networks - Part 16: Standard air interface for fixed broadband wireless access systems.
IEEE 820:1984 (R1999) - IEEE standard telephone loops performance characteristics.
Some of the Forums and Consortia have provided support for Telecommunication standards:
1. ATM Forum
2. DSL Forum
3. IPv6 Forum
5. China Wireless telecommunication forum