Our Objective: To provide a business-oriented briefing for our general membership and to raise awareness of key security issues and topics.
Audience: These tutorials give a basic understanding of the subject and the issues and are best suited to attendees who are either new to the subject or wish to view the subject from a business rather than a purely technical viewpoint. These briefings could be considered as a primer for those considering active participation in the Security Program Group.
Format: A half-day session consisting of a brief introduction to The Open Group Security Program plus two ninety minute sessions with opportunities for audience questions and answers.
Tuesday 28th April at 8.30 a.m.
Welcome and Introduction: "The work of the
Security Program Group"
by Dean Adams, The Open Group
9.00 a.m. - Session 1: "Security Breaches and
their Avoidance"
by Vernon Poole, Aid to Industry
The risk of an information security breach increases in a distributed computing environment especially with Internet connections. Businesses need to develop well planned and architecturally sound security solutions with "training and awareness" high on the business agenda.
The presentation will focus on the results of recent Information Security Surveys and the key business messages emerging. It will also look at the recent changes and developments of BS7799 (The British Standard on Information Security Management) which aims to provide a practical information security framework.
Vernon Poole's briefing will complement that given by Stan Dormer during the Amsterdam meeting.
Vernon Pool is a Chartered Accountant (CPFA), a member of the Institute of Internal Auditors and the Information Systems Auditing and Control Association. He is in charge of AID TO INDUSTRY a Division of the Deliotte & Touche National Internal Audit Services Group. Vernon has taught and consulted widely with clients including Shell, NatWest Bank, National Grid, Manchester City Council, States of Jersey and Boots Company PLC. He is an active member of the UK Information Security Forum.
AID TO INDUSTRY is a specialist training organization dedicated to providing audit and information security professionals with the skills necessary to meet the business requirements of their organization or clients. Since its formation in 1982 Aid to Industry has gained a reputation for providing excellent development consultancy services and intensive practical training courses.
10.30 a.m. - Break
11.00 a.m. - Session 2: "An Introduction to
CDSA"
by Denise Ecklund and John Wilson, Intel Corporation
The Common Data Security Architecture (CDSA) provides an open, cross-platform, interoperable, and extensible software framework consisting of APIs designed to make computer platforms more secure for applications such as electronic commerce, communications, and digital content. The Common Security Services Manager (CSSM) is a key component. The publication of The Open Group Technical Standard for CDSA & CSSM, development of the test suite, and building of an Open Brand Program for CDSA will ensure that CDSA is implemented in a consistent fashion.
The presentation will give a basic understanding of CDSA & CSSM. It will look at the business case for its deployment and describe the work of the early adopters.
