Objective of Meeting
Summary
Outputs
Next Steps
Links
Sponsoring Forum
Security
|
Security Forum
Objective of Meeting
The Security Forum aimed to review and progress its current projects, review and update
its work program and priorities in the light of existing developments, and establish
actions to progress its activities between this meeting and the next.
This next meeting will be in
San Francisco, 24-28 January 2005, where the plenary theme will be "Architecting
Identity Management".
Summary
The Security Forum addressed the following topics in its meeting in Boston, July 20-22,
2004. For members of the Security Forum, a more detailed report, including the slide
presentations used during the meeting, is available here.
- Reviewed progress and actions since the previous meeting (July 2004 in Boston).
- Revised our Forum priorities taking into account our progress during this New Orleans
meeting.
- Shared industry news on events and interesting developments since the previous (July
2004) meeting.
- Continued our Identity Management program - joint with the Directory Interoperability
Forum. For more information, see the Identity Management meeting
report. The topics worked on included:
- Developing an Architecture Guide for IdM
- Core identity
- Interoperability test suites for *ML languages (DSML, XACML, SAML, etc.)
- Reviewed progress and agreed further actions on developing Technical Guides:
- Progressed our Guide to PKI Trust Models
- Progressed our Guide to Digital Rights Management
- Considered actions to work on Version 2 of our Guide to Security Design Patterns
- Initiated a new Guide on Security in Data
- Received a presentation on Security aspects of TOGAF and ADM, and discussed our proposed
architected approach to information security.
- Received a presentation: "Alchemy of Digital Signatures" - turning the law
from a barrier to an enabler of e-Commerce.
- Reviewed our Vulnerability Management (VM) program in the light of our new architected
approach to information security projects.
- Discussed a collaboration with the T4 Security Techniques TC of INCITS, on developing an
open systems standard for role-based access control (RBAC).
Outputs
Achieved all the objectives set at the start of the meeting.
Next Steps
An actions
list is available to members of the Security Forum, recording who has agreed to lead
what activities on each of our projects between the end of this New Orleans meeting and
the start of the next meeting (San Francisco, January 2005).
Links
See above.
|