Home · About · A-Z Index · Search · Contacts · Press · Register · Login

Plans


Members Only




How to Join




Topic Telecons


Recent News

Members

Presentations

Publications

Links

Past Projects



Forum Data Sheets


Contact Us



You are here: Forums->Security Forum->Plans

Current Projects

  • Trust Models - technical guide, due April 2006
  • Framework for Control of Electronic Chattel Paper - guide published jointly with the American Bar Association, due Feb 2006.
  • Identity Management - joint activity in the Identity Management Forum. Business Scenario published. White Paper published. See the IdM Web page at www.opengroup.org/projects/idm/. The follow-on activities are aimed at  building on the published business scenario and white paper, to develop further IdM deliverables:
    • IdM Implementation Catalog - due June 2006)
    • Guide to IdM Architectures - due April 2006)
    • IdM Standards Framework - joint with INCITS CS1 and ISO JTC1 SC27, due in 2007)
    • Common Core Identifiers - joint activity with NAC & DMTF, due in April 2006)
    • Design Patterns for IdM - ongoing development, with no delivery date yet defined.
  • Managers Guide to Identity & Authentication, split into 3 Managers Guides - ongoing project with no closing date yet set:
    • Manager's Guide to Identity Lifecycle Management
    • Manager's Guide to Identity Access Management
    • Manager's Guide to PKI-based Identity Management
  • Security in Data - technical guide, no completion date yet set.
  • Security Strategy - white paper, target for July 2006 delivery, see the sec-strategy Web page

Recent Deliverables

  • Identity Management White Paper - delivered and published January 2004
  • ALPINE project deliverables - completed and published April 2004
    • Trust Services Mapping
    • Liability for Mobile Transactions
    • Security Policy Management
    • Dependable Embedded Systems
    • Trust Marks
  • Technical Guide to Security Design Patterns - published April 2004.
  • Digital Rights Management - technical guide - published December 2005
  • Framework for Control of Electronic Chattel Paper - joint publication with the American Bar Association - published December 2005.
  • Security in TOGAF ADM (Architecture Development Model) - white paper published in Nov 2005.

Proposed New Projects

Further information on these new projects is available on the members-only plans page.

  • Technical Guide on Identity Theft
  • Technical Guide on Security in Data (perimeter security outside the desktop)
  • Updating XBSS to raise the barrier for baseline security, and include new requirements on privacy (in EU and other global markets), due care considerations, and measures which will afford some legal protection.
  • Security for laptops
  • A neutral web services security architecture along the lines of what the Security Forum produced as the APKI.
  • XSSO and PAM - updated standard
  • SAML interoperability
  • Guide to Perimeter Security - VPNs and Firewalls Security Countermeasures is an alternative title.
  • Managers Guide to Authorization
  • Managers Guide to Access Control
  • Managers Guide to Security Policy in Principle & Practice
  • Managers Guide to Security Basics
  • Managers Guide to Federation Credentials
  • Managers Guide to Risk Managed Security
  • Managers Guide to Enterprise Vulnerability Management
  • Managers Guide to Services for Regulatory Compliance
  • Regulators Guide to Information Security

Other Activities

Expert Briefings

Widen the area of interest in the Security Forum by including varied Security Briefing sessions in which invited experts from selected vertical market sectors give presentations, as part of an outreach effort to grow our membership. This includes providing tutorials explaining security issues from both technology and business perspectives, particularly for legal/regulatory issues, vertical industry sectors, certification schemes, AES, PKI, Real Time operating systems, intrusion detection, evidence collecting (forensics), Privacy, Public Infrastructure (converting Intranets to Internet), and Security Economics (risk versus cost).

Joint Working Groups

Provide security expertise in joint project work with other Open Group forums, to ensure appropriate information security in their deliverables, and to address cross-discipline issues are properly addressed. Current joint working activities include:

  • the Real-Time Group, on protection profiles
  • the Messaging Forum, on a Guide to secure Messaging
  • the Directory Interoperability Forum, on Identity Management
  • the Architecture Forum, on architectures for Security and Boundaryless Information Flow

External Liaisons

The Security Forum monitors work in other information security consortia, and seeks to set up mutually beneficial working relationships whereever possible, to share expertise, harmonize solutions, and avoid duplication of effort. See our Links page for a list of these external consortia.

Strategy and Planning

The Security Forum holds regular strategy and planning reviews, evaluating progress on current projects & deliverables, proposed new projects & deliverables, new and emerging technologies, industry trends and priorities, and new opportunities to leverage resources. The outcome of each review results in updates to our work priorities aimed at optimizing the value of our deliverables. These updates are reflected directly in updates to this page.


Home · Contacts · Legal · Copyright · Members · News
© The Open Group 1995-2020