Members Only
How to Join
Topic Telecons
Recent News
Members
Presentations
Publications
Links
Past Projects
Forum Data Sheets
Contact Us
|
You are here: Forums->Security Forum->Plans
Current Projects
- Trust Models - technical guide, due April 2006
- Framework for Control of Electronic Chattel Paper - guide published jointly with the
American Bar Association, due Feb 2006.
- Identity Management - joint activity in the Identity Management Forum. Business Scenario
published. White Paper published. See the IdM Web page at www.opengroup.org/projects/idm/. The
follow-on activities are aimed at building on the published business scenario and
white paper, to develop further IdM deliverables:
- IdM Implementation Catalog - due June 2006)
- Guide to IdM Architectures - due April 2006)
- IdM Standards Framework - joint with INCITS CS1 and ISO JTC1 SC27, due in 2007)
- Common Core Identifiers - joint activity with NAC & DMTF, due in April 2006)
- Design Patterns for IdM - ongoing development, with no delivery date yet defined.
- Managers Guide to Identity & Authentication, split into 3 Managers Guides - ongoing
project with no closing date yet set:
- Manager's Guide to Identity Lifecycle Management
- Manager's Guide to Identity Access Management
- Manager's Guide to PKI-based Identity Management
- Security in Data - technical guide, no completion date yet set.
- Security Strategy - white paper, target for July 2006 delivery, see the sec-strategy Web page
Recent Deliverables
- Identity Management White Paper -
delivered and published January 2004
- ALPINE project deliverables - completed
and published April 2004
- Trust Services Mapping
- Liability for Mobile Transactions
- Security Policy Management
- Dependable Embedded Systems
- Trust Marks
- Technical Guide to Security
Design Patterns - published April 2004.
- Digital Rights Management - technical guide - published December 2005
- Framework for Control of Electronic Chattel Paper - joint publication with the American
Bar Association - published December 2005.
- Security in TOGAF ADM (Architecture Development Model) - white paper published in Nov
2005.
Proposed New Projects
Further information on these new projects is available on the members-only plans
page.
- Technical Guide on Identity Theft
- Technical Guide on Security in Data (perimeter security outside the desktop)
- Updating XBSS to raise the barrier for baseline security, and include new requirements
on privacy (in EU and other global markets), due care considerations, and measures which
will afford some legal protection.
- Security for laptops
- A neutral web services security architecture along the lines of what the Security Forum
produced as the APKI.
- XSSO and PAM - updated standard
- SAML interoperability
- Guide to Perimeter Security - VPNs and Firewalls Security Countermeasures is an
alternative title.
- Managers Guide to Authorization
- Managers Guide to Access Control
- Managers Guide to Security Policy in Principle & Practice
- Managers Guide to Security Basics
- Managers Guide to Federation Credentials
- Managers Guide to Risk Managed Security
- Managers Guide to Enterprise Vulnerability Management
- Managers Guide to Services for Regulatory Compliance
- Regulators Guide to Information Security
Other Activities
Expert Briefings
Widen the area of interest in the Security Forum by including varied Security Briefing
sessions in which invited experts from selected vertical market sectors give
presentations, as part of an outreach effort to grow our membership. This includes
providing tutorials explaining security issues from both technology and business
perspectives, particularly for legal/regulatory issues, vertical industry sectors,
certification schemes, AES, PKI, Real Time operating systems, intrusion detection,
evidence collecting (forensics), Privacy, Public Infrastructure (converting Intranets to
Internet), and Security Economics (risk versus cost).
Joint Working Groups
Provide security expertise in joint project work with other Open Group forums, to
ensure appropriate information security in their deliverables, and to address
cross-discipline issues are properly addressed. Current joint working activities include:
- the Real-Time Group, on protection profiles
- the Messaging Forum, on a Guide to secure Messaging
- the Directory Interoperability Forum, on Identity Management
- the Architecture Forum, on architectures for Security and Boundaryless Information Flow
External Liaisons
The Security Forum monitors work in other information security consortia, and seeks to
set up mutually beneficial working relationships whereever possible, to share expertise,
harmonize solutions, and avoid duplication of effort. See our Links
page for a list of these external consortia.
Strategy and Planning
The Security Forum holds regular strategy and planning
reviews, evaluating progress on current projects & deliverables, proposed new projects
& deliverables, new and emerging technologies, industry trends and priorities, and new
opportunities to leverage resources. The outcome of each review results in updates to our
work priorities aimed at optimizing the value of our deliverables. These updates are
reflected directly in updates to this page. |