[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: Re: Getting the security considerations group going
Here's a possible item for this group. Discussion in the use-case group has revealed some interest in stating some requirements regarding privacy, anonymity, pseudonymity and such. It was observed that privacy issues, like many security issues, tend to be related at least as much to how a technology is deployed as to the tech design per se; hence "privacy considerations", parallel to security considerations, is likely to be the best venue for saying what needs to be said about these issues. So, I propose that the scope of the "security considerations" area be expanded to "security and privacy considerations". One view, of course, is that privacy concerns are a subset of security concerns, but in my view it's worth it to consider them on their own. In my opinion the importance of privacy requirements is one of the main distinguishing characteristics of inter-domain security, which is one of the main targets of our work. Just as connecting networks, in practice, requires firewalls to provide policy-based control of information flow, so connecting autonomous security infrastructures will require precise control of the contents of security assertions that pass between domains. So, we should rise to this challenge. Thanks, - RL "Bob" Morgan University of Washington
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC