[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: RE: Things to do - Requirement Document. Security.
> Are you talking about security *only* or more ? I have > a hard time > understanding which angle you are coming from. From your > note, it looks like > you are talking about general voting system and not just security. Krishna, My categorisation proposal (which you've commented on before) was purely and only about security issues. But you responded to me saying that we should take a broader view. This is why I've stressed out that I was talking *only* about categorising security issues, nothing else. Hope that clear up your first confusion. > > Second, from what I see, your view is a technology > view. This group has to > balance the technology view as well as the sociological view. > A security > discussion *without* the environment it is going to support, > would be a > security standards document not a *voting* security standards > document. The > SAML (Security Assertions Markup Language) committee is the > vehicle for that > kind of pure security activity. > > Third, we are not defining or redefining the voting > systems, but adding > value by supporting the existing and new voting processes > using XML and > related technologies. So in our domain model we have to *refer* to or > generically define the domain, the different voting systems, > the interfaces > and the information they exchange. > > The processes we support would come from existing > manual and automatic > systems, inside and outside US and even from folks who have > new ideas. We do > need to capture and articulate the use cases we plan to > support and develop > the specification to those use cases. > > We would, of course, refer to existing documents and > then generalize them > in our domain model/use case documents. I am talking about > the specification > not security alone. The security requirements themselves come > from these > documents, the use cases and the domain model. There are no separate > security requirements independent of the domain. > > I do not know where you got the impression that we are > re-defining the > voting systems. I was not saying that! I was simply saying that we should probably use some existing documents when "touching upon" the framework which "our" work applies to. That's it, nothing more. In plain, do not spend extra time on writing what could've already been written - i.e. general environment and requirements for the voting process. Borrow, or reference some existing resource. Which I'm sure the vendors can point us to. It is probable that I had created that > impression in one of > my e-mails. Pl let me know where and if it is in my e-mail, I > will clarify > it, No problems. > Hope it cleared things up. Best regards Michael ----------------------------------------------------------------------------------------------------------------- "How can I make sure the right people get access to the right resources and business applications, with a user base that's constantly growing and changing?" The answer... Baltimore SelectAccess Next Generation Authorisation Management http://www.baltimore.com/selectaccess/index.html ----------------------------------------------------------------------------------------------------------------- The information contained in this message is confidential and is intended for the addressee(s) only. If you have received this message in error or there are any problems please notify the originator immediately. The unauthorized use, disclosure, copying or alteration of this message is strictly forbidden. Baltimore Technologies plc will not be liable for direct, special, indirect or consequential damages arising from alteration of the contents of this message by a third party or as a result of any virus being passed on. In addition, certain Marketing collateral may be added from time to time to promote Baltimore Technologies products, services, Global e-Security or appearance at trade shows and conferences. This footnote confirms that this email message has been swept by Baltimore MIMEsweeper for Content Security threats, including computer viruses.
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC