OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

mqtt message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: [OASIS Issue Tracker] (MQTT-228) Missing References

     [ https://tools.oasis-open.org/issues/browse/MQTT-228?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Richard Coppen updated MQTT-228:

    Component/s: SecuritySC_edits

> Missing References
> ------------------
>                 Key: MQTT-228
>                 URL: https://tools.oasis-open.org/issues/browse/MQTT-228
>             Project: OASIS Message Queuing Telemetry Transport (MQTT) TC
>          Issue Type: Bug
>          Components: SecuritySC_edits
>         Environment: References 
>            Reporter: Patrick Durusau
> 1.4.2 MQTT Cybersecurity Framework Implementation Tiers reads in part:
> *****
> External guidance will be helpful, such as information that could be obtained from OASIS Security Assertion Markup Language (SAML), the Federal Information Processing Standards (FIPS), and Payment Card Industry Data Security Standard (PCI DSS).
> *****
> MQTT Cybersecurity Framework reads in part:
> *****
> Following the initial steps the energy provider has developed a Framework Core informed by several recommendation publications such as NIST Special publication 800-26 (Security Self-Assessment Guide for Information Technology Systems" for advice on how to manage IT security and ISO 15408 (Evaluation criteria for IT security) to test the security of the bus architecture.
> *****
> None of the five (5) documents/standards cited in these two sections appear under references. For the convenience of the reader, if no other reason, these should appear under references with appropriate links/citations. 

This message was sent by Atlassian JIRA

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]