Objective of Meeting
Summary
Outputs
Next Steps
Links

 

Sponsoring Forum(s)

Security

Security Forum

Objective of Meeting

The Security Forum aimed to review and progress its current projects, review and update its work program and priorities in the light of existing developments, and establish actions to progress its activities between this meeting and the next (in Boston, July 19-23, 2004).

Summary

The Security Forum addressed the following topics in its meeting in Brussels on April 20-22, 2004. For members of the Security Forum, a more detailed report is available here.

  • Reviewed progress and actions (see slides) since previous meeting (Feb 2004 in San Diego) and revised priorities taking into account expected progress on our agenda of meeting sessions during this week.
  • Gathered members' feedback and discussion on their hot topics, current projects, business drivers, etc.
  • Continued its Identity Management program - joint with Directory and Messaging Forums - working on an Architecture Guide for IdM, on the Role of IdM in combating Spam, and considering a proposal to use UUID pairs for unique identity. For a report on this, see the meeting report for the Identity Management Work Area.
  • On Managers' Guides:
    • Reviewed and agreed how we will handle recent feedback on our Managers' Guide to Information Security (MGIS)
    • Agreed how we will resume work to complete our Managers' Guide to Identity & Authentication
  • Reviewed all existing and proposed new Security Forum projects, and re-evaluated their relative importance and current priorities
  • On Technical Guides:
    • Progressed our Guide to PKI Trust Models
    • Started our Digital Rights Management project
    • Considered initial input to our Identity Theft project, and our Security in Data project
  • On our Vulnerability Management (VM) program: 
    • Summarized our progress and current status
    • Considered proposals for projects which aim to address:
      • Writing software which is secure. This item took up the majority of the time available in this session. It will be the focus of our VM activities between this and the next meeting (Boston, July 2004).
      • Collaborating with legal consortia (e.g., the American Bar Association) and with regulators to contribute technical information in developing effective legal and regulatory regimes
      • Developing an industry-accepted metrics methodology for risk & vulnerability

Outputs

Achieved all the objectives set at the start of the meeting.

Next Steps

An actions list is available to members of the Security Forum, recording who has agreed to lead what activities on each of our projects between the end of this Brussels meeting and the start of the next meeting (Boston, July 2004). 

Links

See above.
Home · Contacts · Legal · Copyright · Members · News
© The Open Group 1995-2012  Updated on Wednesday, 28 April 2004