BS ISO/IEC 18028-4:2005 - Information technology. Security techniques. IT network security. Securing remote access – BSI British Standards

BS ISO/IEC 18028-4:2005

Information technology. Security techniques. IT network security. Securing remote access

Status : Current   Published : June 2005



In Information Technology there is an ever increasing need to use networks within organizations and between organizations. Requirements have to be met to use networks securely. The area of remote access to a network requires specific measures when IT security should be in place. BS ISO/IEC 18028 provides guidance for accessing networks remotely - either for using email, file transfer or simply working remotely. This part looks specifically at different types and techniques of remote access connection, and securing access and the connection.


  • Scope
  • Terms, definitions and abbreviated terms
  • Aim
  • Overview
  • Security requirements
  • Types of remote acess connection
  • Techniques of remote acess connection
  • Guidelines for selection and configuration
  • Conclusion
  • Annex A - Sample remote access security policy
  • Annex B - RADIUS implementation and deployment best practices
  • Annex C - The two modes of FTP
  • Annex D - Checklists for secure mail service
  • Annex E - Checklists for secure web services
  • Annex F - Checklists for secure web services
  • Bibliography

Standard NumberBS ISO/IEC 18028-4:2005
TitleInformation technology. Security techniques. IT network security. Securing remote access
Publication Date10 June 2005
Normative References(Required to achieve compliance to this standard)No other standards are normatively referenced
Informative References(Provided for Information)ISO/IEC TR 13335-4:2000, ISO/IEC TR 13335-5:2001, ISO/IEC 17799:2000, ISO/IEC 18033-3, NIST Special Publication 800-44:2002, NIST Special Publication 800-45:2002, NIST Special Publication 800-46:2002, NIST Special Publication 800-48:2002, IETF RFC 768:1980, IETF RFC 821:1982, IETF RFC 959:1985, IETF RFC 1055:1988, IETF RFC 1334:1992, IETF RFC 1413:1993, IETF RFC 1939:1996, IETF RFC 1991:1996, IETF RFC 1994:1996, IETF RFC 2045:1996, IETF RFC 2060:1996, IETF RFC 2131:1997, IETF RFC 2139:1997, IETF RFC 2246:1999, IETF RFC 2284:1998, IETF RFC 2401:1998, IETF RFC 2406:1998, IETF RFC 2440:1998, IETF RFC 2631:1999, IETF RFC 2632:1999, IETF RFC 2633:1999, IETF RFC 2865:2000, IETF RFC 3162:2001, IETF RFC 3369:2002, IETF RFC 3370:2002
International RelationshipsISO/IEC 18028-4:2005
Draft Superseded By03/652684 DC
DescriptorsData security, Data processing, Computer technology, Computer networks, Communication networks, Teleprocessing, Data representation
Title in FrenchTechnologies de l'information. Techniques de securite. Securite de reseaux TI. Teleacces de la securite
ISBN0 580 45922 5
File Size464.4 KB

 Your basket
Your basket is empty

Multi-user access to over 3,500 medical device standards, regulations, expert commentaries and other documents


Access, view and download standards with multiple user access, across multiple sites with BSOL

Tracked Changes

Understand the changes made to a standard with our new Tracked Changes version

Develop a PAS

Develop a fast-track standardization document in 9-12 months