Objective of Meeting
Summary
Outputs
Next Steps
Links
Sponsoring Forum(s):
Security
|
Meeting Report
Security Forum Report
Cannes, France - Thursday, October 17 2002
Objective of Meeting
Review the current work projects in the Security Forum and balance these against
available resources to produce a clear view up to 12-months ahead of Security Forum
projects and deliverables.
Summary
This meeting was attended by 8 members of the Security Forum
Current Projects
- Identity Management
Assessments on recent developments in the Liberty Alliance and WS-Security initiatives,
and how far they meet the requirements for Identity Management identified in The Open
Group Identity
Management business scenario and by the New York
Stock Exchange's Securities Industry Middleware Council
Identity Management Initiative.
- Access Control
Development of business scenario
- Security Design Patterns
Delivered tutorial on use of Design Patterns on Tuesday evening in Cannes meeting, and ran
Security Design Patterns application workshop on Wednesday afternoon in Cannes meeting.
This concluded material for completing the Security Design Patterns version 1 technical
guide. We aim for publication by end 2002.
- Project ALPINE
Review of Active Loss Prevention Initiative's current 3 projects under this program, and
proposals for the other 2 project slots under this program
- Intrusion Attack workshop
Report on progress and provision of support activities to the 2 project leaders, for
delivery of this workshop as part of the plenary in the San Francisco meeting (Feb 2003)
- Response to US Government National Strategy to Secure Cyberspace
Deadline for response comments is 18 Nov 2002
- Progress on Managers Guides:
- Data Privacy - completion by 28 Nov 2002
- Working with PKI - being re-assessed, n longer in 2002 deliverables
- Secure Email – joint with Messaging Forum, draft for review in San Francisco
meeting (Feb 2003)
- Digital Rights Management
White paper delivered – available from www.opengroup.org/sec-guides/
. Opportunities for technical solutions under consideration.
Future Projects and Deliverables
- Continue joint Forums project on Identity Management
- Continue joint Forums project on Access Control business scenario
- Maintain mutual interests in Risk Management projects with the Active Loss Prevention
Initiative, particularly with the ALPINE project
- Managers Guides:
- Data Privacy – handover by 28 Nov for publication
- Working with PKI – under reconsideration
- Secure Email – joint project with Messaging Forum; 1st draft for review in San
Francisco q103 meeting
- Under consideration - Security Perimeter Protection: Firewalls & VPNs
- Security Design Patterns technical guide: publish by Dec 2002
- Response to US Government National Strategy to Secure Cyberspace
Submit response by deadline of 18 November 2002
- Digital Rights Management
White Paper on DRM delivered. Now consider putative architecture & explore
opportunities (including with OMA) for standardization of identified interfaces.
- Progress Intrusion Attack workshop to be staged in San Francisco q103 meeting plenary
– Saving Private Data, in 2 Acts and several scenes.
- Potential for a follow-on Intrusion Attack & Response managers guide, around
mid-2003
Outputs
Updated view of Security Forum projects and deliverables.
Next Steps
Update the Security Forum Future Strategy and Roadmap Web pages in accordance with the
revised input from this q402 Cannes meeting.
Links
Security Forum Strategy and Roadmap Web page at
www.opengroup.org/security/planning.htm
|
