- Defines a model for management of the characteristics of associations between applications in a distributed system. The associations can be for interactive (e.g. VT) and non-interactive (e.g. FTAM) applications.
- Is a framework to provide achievement of availability, integrity and confidentiality of an association. It does not define how to use specific security mechanisms to protect an association.
- Defines an Association Context Information Model which is the “language” to manage the characteristics of associations.
- Defines Service and Protocol for association context management that meets the requirements for a Secure Association Service as defined in Standard ECMA-219.
- Maps association management to a (non-exclusive) set of application layer protocols: ACSE, ROSE, OSI-RPC.
- Is security policy independent. (e.g. an association might be either application- or system-initiated).
- Supports associations across multiple domains.
This Standard does not:
- Define mechanisms for: authentication, access control, confidentiality, integrity or cryptographic key management.
- Specify how security services like authentication, access control, confidentiality, integrity or cryptographic key management are applied to or initialised in an abstract-association, but it provides the framework to enable these services.
- Specify an Inter-Domain Facility
- Define an API which can service distributed applications to establish associations.
- Enforce Association Context Management, but defines a framework of how to achieve it in a standardised way.
The field of application of this Ecma Standard is the design and implementation of distributed open systems that support access of users to applications and access between distributed applications.