Home · About · A-Z Index · Search · Contacts · Press · Register · Login

Security Forum

Return to Security home page
Current work:

- Managers Guides


- Data Privacy


- Guide to PKI

- Identity Mgt

- Access Control

- Security Patterns

- Secure Messaging


Useful links:

Security topics

Info sources


How we work

Open Group Security Standards/Guides

Security Forum

The Security Forum has liaisons with other open Group Forums, and with other external consortia.

Links with Other Open Group Forums

  • Liaison with Architecture Forum
    on the use of patterns for decsribing architecture. The Security Pattern definitions being developed for the Guide to Security Patterns will be contributed to the Architecture Forum for inclusion (by reference or otherwise) in their next revision of TOGAF. Ongoing liaison is underway to ensure we maintain a consistent approach to the definition of patterns.
  • Liaison with Mobile Management Forum (MMF)
    on authentication, authorization and accounting in mobile environments. Recent re-organization into work areas has facilitated joint working on Access Control and Identity Management
  • Liaison with Directory Interoperability Forum (DIF)
    to ensure that development of LDAP technical standards do not contravene basic security requirements. Recent re-organization into work areas has facilitated joint working on Access Control, Identity Management, and PKI Guidelines & Manageability.
  • Messaging Forum
    on security aspects of their Secure Messaging Challenge. Recent re-organization into work areas has facilitated further joint working on Access Control, Identity Management, and PKI Guidelines & Manageability.
  • Real Time and Embedded Systems Forum (RTES)
    The Security Forum is working with the RTES Forum to define requirements of a secure real time operating system.

Links with Other Consortia

Our goal is to support and leverage existing security solutions from other industry groups, and only develop new solutions when necessary. Where possible, we therefore adopt and integrate relevant standards work contributed from our member companies, and from other industry consortia.

Among the working relationships we have developed with other consortia are:

  • OASIS (Organization for the Advancement of Structured Information Standards)
  • KRA (Key Recovery Alliance),
  • IETF (Internet Engineering Task Force),
  • W3C (World Wide Web Consortium),
  • ISF (International Security Forum),
  • ICX (International Commerce Exchange),
  • NACHA (North America Clearing House Association), BITS (Banking Industry Technology Secretariat),
  • ICC (Internet Chamber of Commerce),
  • OECD (Organization for Economic and Commercial Development),
  • ABA (American Bar Association),
  • FIX (Financial Information Exchange),
  • OBI (Open Buying on the Internet)
  • OTP (Open Transaction Protocol).
  • PKI Forum
  • ICX (International Commerce Exchange)

Liaisons that are currently active or in the process of being set up include the following:

Internet Engineering Task Force - IETF
The IETF (http://www.ietf.org) is a large open international community of network designers, operators, vendors, and researchers concerned with the evolution of the Internet architecture and the smooth operation of the Internet. It is open to any interested individual at no membership cost. Working groups are organized by topic into several areas (e.g., routing, transport, security, etc.). The Security working group of the IETF works on some IP layer activities, the TLS layer and intrusion detection.

World Wide Web Consortium - W3C
The W3C (http://www.w3.org) develops interoperable technologies (specifications, guidelines, software, and tools) to lead the Web to its full potential as a forum for information, commerce, communication, and collective understanding. We have particular interest in its standardization work on XML, as a common language for sharing information security information.

The Organization for the Advancement of Structured Information Standards (http://oasis-open.org/) is a non-profit, international
consortium that creates interoperable industry specifications for e-Business based on public standards such as XML and SGML, as well as others that are related to structured information processing, directory and transaction processing.

Center for Internet Security (CIS)
The mission of the CIS (http://www.cisecurity.org) is to help organizations around the world effectively manage the risks related to information security. CIS provides methods and tools to improve, measure, monitor, and compare the security status of
Internet-connected systems and appliances, particularly through Internet security benchmarks that it provides to its members.

The European Electronic Messaging Association (http://www.eema.org/) was formed in 1987, and has evolved its mission to continue through its members as the leading catalyst for e-Business in Europe. It has international links with other "messaging associations" in other continents, and has a wide customer-based membership.

The Information Security Forum (http://www.securityforum.org/ and previously known as the European Security Forum) is widely recognised as a provider of high quality, business-driven information security solutions. It is an independent, not-for-profit association. Its mission is to meet the ever-increasing demand for practical solutions to the security problems that surround protecting business information. The Forum undertakes an extensive work program funded from membership fees, and delivers the results of these programs to all members.

The International Information System Security Certification Consortium (http://www.isc2.org/) is a global, not-for-profit organization dedicated to providing IT security information and expertise to Governments, corporations, centers of higher learning, and other IT security-oriented organizations worldwide. Its mission is to provide a common platform for maintaining a common body of knowledge on information security, and certifying industry professionals and practitioners as profficient to recognized levels - Certified Information Systems Security Professional (CISSP), and System Security Certified Practitioner (SSCP).

For further information please contact Ian Dobson.



Next meeting
Past meetings

Other Conferences and Shows

Members Only

Enter Here

Who to Contact

Enter Here

Home · Contacts · Legal · Copyright · Members · News
© The Open Group 1995-2020