ISO/IEC 18028-4:2005 信息技术 安全技术 IT网络安全-第4部分： 安全远程登录

标准编号：ISO/IEC 18028-4:2005

中文名称：信息技术 安全技术 IT网络安全-第4部分： 安全远程登录

英文名称：Information technology — Security techniques — IT network security — Part 4: Securing remote access

发布日期：2005-04

标准范围

ISO/IEC 18028的总体目标是扩展ISO/IEC TR 13335中提供的IT安全管理指南，详细说明在更广泛的网络环境中实施网络安全保护和控制所需的具体操作和机制，在一般IT安全管理问题和网络安全技术实施之间提供桥梁。ISO/IEC 18028-4:20 05为安全使用远程访问（一种使用公共网络将计算机远程连接到另一台计算机或网络的方法）及其对IT安全的影响提供了指导。在本文中，它介绍了不同类型的远程访问，包括使用的协议，讨论了与远程访问相关的身份验证问题，并在安全设置远程访问时提供了支持。它旨在帮助计划使用这种连接或已经使用这种连接并需要如何安全设置和安全操作的建议的网络管理员和技术人员。

The general objectives of ISO/IEC 18028 are to extend the IT security management guidelines provided in ISO/IEC TR 13335 by detailing the specific operations and mechanisms needed to implement network security safeguards and controls in a wider range of network environments, providing a bridge between general IT security management issues and network security technical implementations.

ISO/IEC 18028-4:2005 provides guidance for securely using remote access - a method to remotely connect a computer either to another computer or to a network using public networks - and its implication for IT security. In this it introduces the different types of remote access including the protocols in use, discusses the authentication issues related to remote access and provides support when setting up remote access securely. It is intended to help network administrators and technicians who plan to make use of this kind of connection or who already have it in use and need advice on how to set it up securely and operate it securely.

标准预览图