The Open Group Security Forum Current Projects
You are here:  > Security Forum Current Projects

Welcome to the Security Forum Current Projects List page, showing the currently active projects under the Security Forum's 2 strategy areas:

  • Security Architectures
  • Security Management

Security Architectures

  • Integrating TOGAF and SABSA: the objectives are twofold: to describe SABSA in TOGAF terms, emphasizing some strong and useful concepts of SABSA, to present useful TOGAF principles to the wider security architect community. This project will contribute to the associated project on Integrating of Security into TOGAF
    https://www.opengroup.org/projects/security/arch-int/
  • Integration of Security into TOGAF: Joint activity with the RT&ES Forum and SOA Working Group. Includes integrating with the Sherwood Applied Business Security Architecture (SABSA) framework.
    http://www.opengroup.org/projects/soa-sec/
  • COA Framework Standard: develop from the Jericho Forum Commandments and COA Position a single volume presenting a standard for a Framework for Collaboration-Oriented Architectures.
    https://www.opengroup.org/projects/security/coafwk/
  • Securing the Cloud: Collaboration with the Cloud Security Alliance (CSA) on developing and editing their CSA Guidelines version 3. High-priority issues for the Security Forum include identity & access management, data-centric security, and governance & compliance.
  • Identity, Entitlement & Access Management (IAM): The Jericho Forum is developing a set of Identity Principles, from which it proposes to define requirements for Identity & Entitlement Management, and for Access Management. The Security Forum aims to evaluate and contribute to this development activity, created appropriate publications that contribute added value to these topic areas, and consider submitting input on them under TOG’s ISO PAS Submitter status to ISO/IEC JTC 1 SC27 as updates to ISO/IEC 10181-2/3, to meet the needs for IAM solutions in de-perimeterized environments, including Cloud Computing
  • Cloud/SOA-Security white paper: In collaboration with the Cloud Computing and SOA Working Groups, developing a best practice guide to describe the key requirements specific to assuring secure operations in Cloud and SOA environments, and a white paper for a Cloud-SOA Reference Architecture.
    http://www.opengroup.org/projects/soa-sec/
  • Secure Mobile Architectures (SMA) Standard: Specifying the common technologies for a standards-based SMA solution. Other industry groups involved include the PCI Forum, ARC, SANS Institute, ISA, and TCG-TNC. Application areas include large manufacturing flow lines and safety-critical SCADA environments.
    https://www.opengroup.org/projects/security/sma/

Security Management

  • Information Security Management Maturity Model (O-ISM3) Standard: guidance on how to build an O-ISM3 Maturity Model for any enterprise vertical business sector, using the O-ISM3 processes defined in the O-ISM3 standard.
    https://www.opengroup.org/projects/security/ism3/
  • DAS version 2: Updating our 1998 Distributed Audit Services (XDAS) standard to define in a DASv2 standard a common Event Record Format to meet today's more demanding requirements for consuming (logging and auditing) event records. Includes collaboration with the DMTF to use their CIM objects as major resource entities, and working with Mitre to achieve interoperability with their Common Event Expression (CEE) standard.
    https://www.opengroup.org/projects/security/xdas/
  • Automated Compliance Expert (ACE) Standard: next stage on implementation & exploitation in an automated compliance system.
    https://www.opengroup.org/projects/security/ace/
  • Trust Management/Confidence Model Guide: develop from Jericho Forum work on trust management and classification a guide defining the essential requirements for building a trust/confidence environment for enterprise collaborations.
    http://www.opengroup.org/projects/security/tmc
  • Risk Management – Managing Risk in Complex Interdependent Systems: standard for evaluating trust levels to establish a chain of trust between collaborating parties ... secure and trusted exchange of digital Information and transactions based on Risk Status. This is a UK Technology Strategy Board part-funded project.
    https://www.opengroup.org/projects/security/tsb/
  • Authorization Roles Mapped Over RBAC (ARMOR) - Security Management for UNIX vendors: create a standard mapping between different Role Based Access Control naming space.
Contacts

For further information please contact 'ogsecurity-interest@opengroup.org'
If you experience any problems with broken links, or incorrect or unexpected functionality, click here to request help.
   |   Legal Notices & Terms of Use   |   Privacy Statement   |   Top of Page   Return to Top of Page
  PHPlato: 2.0 (655) [p]