April 13, 1995

John Lowry
Senior Member of the Technical Staff
Bolt Beranek and Newman, Inc.
70 Fawcett St
Cambridge, MA. 02138
email: jlowry@bbn.com
(617) 873-2435 Direct
(617) 873-4086 Fax

Project: Location Independent Information Object Security (IOS)

Bolt Beranek and Newman, Inc. (BBN), under contract to the Advanced Research Projects Agency (ARPA), has developed the Information Object Security (IOS) Tools. These tools use object identifiers which are registered as Computer Security Objects. ARPA has unlimited rights in the software containing the objects. BBN specified, created, and named the objects under contract to ARPA, and remains the primary point of contact on all questions regarding naming conflicts. The NIST Computer Security Objects Register (CSOR) assumes no responsibility pertaining to any inquiry regarding ownership or naming conflicts.

The IOS software is publicly available and can be obtained on the Internet by anonymous ftp at ests.bbn.com.

Object naming information
-------------------------

IOS Components:

    2.16.840.101.3.3.0
    iosp (3) components (0)
    id-ios-components

Object definition and description
---------------------------------

The Location Independent Information Object Security (IOS) project defines components as the separate building blocks that are used singly or in combination with others to achieve a variety of security services.

The types of components are:

    Data component (id-ios-dataComponent)
    Access Control component (id-ios-accessControlComponent)
    Confidentiality component (id-ios-confidentialityComponent)
    Signature component (id-ios-signatureComponent)
    Key Management component (id-ios-keyManagementComponent)
    Annotation component (id-ios-annotationComponent)

Object usage and rules
-----------------------

Components are generally grouped in a structure called a Component List:

    ComponentList ::= SEQUENCE {
        version  IOS-Version DEFAULT 0,
        list     SEQUENCE OF Components
    }

    IOS-Version ::= INTEGER { 0 (0)}

Every IOS component contains a DataID structure (defined in each of the individual component types) that provides a unique identification for a component. Most components can point to one or more other components and can be pointed to by one or more other components. For example, a data component may be pointed to by more than one signature component. The pointers are in the structure:

    ReferenceID ::= SEQUENCE OF DataID

and appear in the definition of each of the component types that can reference other components.