ATIS Telecom Glossary
Saturday, December 20, 2014

A B C D E F G H I
J K L M N O P Q R
S T U V W X Y Z  
Go
 
Glossary Home
Foreword
Introduction
Normative References
Using the ATIS Telecom Glossary
Annex A: Informative References
 
 
 
<< Back
security policy

1. The overall principles, regulations, requirements, and/or procedures which govern security as expressed by a responsible security authority: Examples: National security policy, Departmental security policy. Note: Responsibility for security may be delegated by Departmental Security Officers to System Managers in accordance with a System Security Policy [CESG]. 2. A set of rules that specify the procedures and mechanisms required to maintain the security of a system, and the security objects and the security subjects under the purview of the policy [ECMATR46]. 3. A set of rules which define and constrain the types of security- relevant activities of entities [ECMA138]. 4. The set of criteria for the provision of security services (see also identity-based and rule-based security policy.) [7498-2]. Note: A complete security policy will necessarily address many concerns which are outside the scope of OSI. 5. See Corporate Security Policy, System Security Policy, Technical Security Policy [ITSEC]. 6. The set of laws, rules, and practices that regulate how an organization manages, protects, and distributes sensitive information [POSIX.6]. 7. The set of laws, rules, and practices that regulate how an organization manages, protects, and distributes sensitive information [TCSEC].

 

 

 

 

 

 

 

 

 

 



 
These definitions were prepared by ATIS Committee PRQC
 
For more information on the work related to these definitions,
please visit the ATIS website and the ATIS Document Center