Security Briefing

The Open Group Security Briefing is free of charge and open to Members and Non-Members of The Open Group. Its aim is to explain two aspects of Security, namely Security Management and Single Sign On.

The Security Briefing takes place on Tuesday 27th January 1998 at the Grand Hotel Krasnapolsky, located at Dam 9, NL 1012 JS Amsterdam, commencing at 1.30 p.m. The sessions will be followed by a reception for participants to meet the presenters. The subjects are:

  • SECURITY MANAGEMENT – an introduction to the key issues and solutions for handling security in complex distributed computing networks including external access via the Internet.
  • SINGLE SIGN ON – one of the key developments in the security field.

The objective is to give a grounding in two key areas of Security. Some basic understanding of the issues will be assumed and we will provide a refresher and update. This could serve as a primer for those considering active participation in the Security Program Group. It will also aid in the launch of The Open Group's collaborative security training initiative.

Members of The Open Group are asked to register for this Security Briefing as part of their Registration for the Member Meeting.

Non-members of The Open Group are welcome to attend and should reserve their place by phone, fax or email to Marie-France Serruys in our Brussels office:

Tel: +32 2 772 8888
Fax: +32 2 772 9228
Email: mf.serruys@opengroup.org

Places are limited and will be offered on a first come, first served basis.

Full details of the Program and the Presenters can be found below:

Programme

Welcome and Introduction * 1.30 - 2.00 p.m.

Session 1: Security Management 2.00 - 3.30 p.m.
Presenter: Stan Dormer, Aid to Industry

The risk of a breach in security increases in a distributed computing environment especially when external links are provided through the Internet and the World Wide Web. Businesses need well-planned and architecturally sound solutions.

The presentation will focus on the development and implementation of an IT Security Policy based on Open Systems Standards. It will cover the provisions of BS7799 (The British Standard Code of Practice), The Open Group Baseline Security Specification and related standards and practice.

Security is a non-linear problem
Complex environments create multiple bi-directional domains of risk whilst the security challenge grows exponentially with numbers of computers, interfaces and users. Connections to other businesses especially those through the Internet create the challenge of controlling unknown and unseen "agents of harm"; the consequences may range from disruption to disaster.

The impact of Security on business confidence
Globalisation of businesses demands reliable inter and intra business communications and data transport. Businesses will, sooner rather than later, demand a "proof of trust" in the same way as they demand a proof of quality.

The basis for a Proof of Trust
There is a need for security architectures that are not dependent on proprietary solutions and a scheme that provides a basis for measurable conformance. This requires a framework of policy, procedures, practices and standards such as BS7799 and The Open Group Baseline Security Specification.

Developing an IT Security Strategy
Management and resource needs should be considered in the context of an overall and integrated approach to security for protection from abuse, error and loss of service. This can be examined in a layered approach and through a series of fail-safe wrappers.

Summary - "Where to, from here?"

Break 3.30 - 4.00 p.m.

Session 2: Single Sign On 4.00 - 5.30 p.m.
Presenter: Pierre Noel, The Open Group

In today's heterogeneous computing environment, both administrators and users are required to maintain multiple user profile and password information, leading to complex consistency and maintenance problems that frequently compromise computer security. An immediate resolution of this problem lies in the provision of a single security profile for every user of computer resources within the enterprise.

This presentation highlights the work that has been done within The Open Group with respect to Single Sign On standards and how this information has been used to practical effect by Open Group Professional Services in conjunction with several member organizations.

  • What is Single Sign On
  • Why an enterprise should consider moving to Single Sign On
  • Case studies with examples of where companies have progressed from a complex multiple password environment to one of a single logon.
  • Industry trends - indications of where individual vendors are placing themselves with respect to Single Sign On.
  • There is a need for vendor-neutral advice and experience in the field.

Reception 5.30 - 6.30 p.m.

*A member of The Open Group staff will chair the sessions. There will be an opportunity to ask questions of the presenters and to meet staff and members of The Open Group before and after the formal session.

About the Presenters:

Stan Dormer
Representing "Aid to Industry", a specialist training organisation working with The Open Group.

Stan Dormer, B.Sc., FIIA, a British national, is the managing director of STAN DORMER ASSOCIATES. He has a career that spans more than thirty years of information systems technologies and auditing, has been involved with audit research and with the automation of audit processes since the mid '70s, and is at the forefront of the use of technology to control technology!

Stan has been a contributor to the Institute of Internal Auditors since 1975, was one of the co-founders of the renowned COMPACS series of conferences now in its 21st year, and is the author / editor of numerous IT Audit articles and publications. Stan is currently redeveloping the support materials for the IIA-UK's QiCA qualification.

He has spoken at numerous conferences including COMPACS, CHARTAC - the IT specialist forum of the Institute of Chartered Accountants, COSAC - the all-Ireland series of Computer Audit and Security Conferences and at the ACE Audit Automation series of conferences.

Stan has also been a keynote speaker for the Bull User Group, the Midlands CIPFA Computer Audit Group, the IIA North West District Society, the London CIPFA Audit Group, the CASCON group of KPMG, and the Midlands ISACA (UK) Chapter.

As the inventor of the first practical Resident Audit Monitoring system embedded in an operating system, Stan has developed a concise and formal audit methodology and most recently has developed novel Risk Mapping Techniques and a Rapid Audit Methodology based on Risk Mapping and Triage.

Pierre Noel
Representing The Open Group

Pierre Noel is a Belgian national educated in Computer Science at the Université Libre de Bruxelles (ULB).

Pierre has key strengths in the areas of DCE, security, Single Sign On, open transaction processing, and distributed systems. He is involved in providing consulting and expertise in Europe and Asia on topics such as DCE, distributed security in open environments, including SSO, Public Key, Internet integration and high volume, resilient open transactions. Pierre has deep and practical knowledge on the different aspects of SSO, in addition to being able to evaluate the different products available on the market today. He has already provided practical SSO solutions and is the principal architect formalizing The Open Group's consultancy approach to Single Sign On.

Pierre has worked with a number of Open Group members including Deutsche Telekom - to provide key distributed computing experience, Police IT Organisation - giving consultancy within the area of Single Sign On and the Hong Kong Jockey Club - architecting a complex DCE distributed computing environment. He has also provided key SSO and distributed computing expertise to various enterprises in Asia-Pacific including Mitsubishi, NTT, National Computer Board Singapore, and Hewlett Packard.

    