OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

soa-rm-ra message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: RE: [soa-rm-ra] Good Security Reference Material


Great input! Thanks! 
I have been using the FIPS-199 Standards for the Security Categorization
of Federal Information and Federal Information Systems and FIPS-200
Minimum Security Requirements for Federal Information and Federal
Information Systems as basic guidelines. The FIPS-200 mirrors Jeff's
presentation (nice job on it Jeff)in many aspects.
I'll pick up a copy of the book that Danny suggested. 


Regards,
 
Tom Merkle
 

-----Original Message-----
From: Danny Thornton [mailto:danny_thornton2@yahoo.com] 
Sent: Thursday, June 15, 2006 2:56 PM
To: soa-rm-ra@lists.oasis-open.org
Subject: Re: [soa-rm-ra] Good Security Reference Material

The book "core Security Patterns" is directly in line with Jeff's slide
presentation and goes into great detail about how to incorporate and
apply security - life cycle, process, standards, technologies, patterns,
products. For right now, it is about as up to date as you will find in a
published book.  

Danny

--- Jeffrey A Estefan <Jeffrey.A.Estefan@jpl.nasa.gov>
wrote:

> Dave, Rex, and Tom,
> 
> Following up on Danny's recommendation, I also encourage you to review

> this briefing material I posted sometime back on a candidate SOA 
> security model:
> 
>
http://www.oasis-open.org/apps/org/workgroup/soa-rm-ra/download.php/1757
3/06-04-00008.000.pdf
> 
> You should see some alignment with the policy model Danny has put 
> together.
> According to our RA guiding requirements, policy and security threats 
> are feeds to the security model.  I believe the current RA outline 
> only includes the threat model but it should be broader in scope.
> 
> Regards...
> 
>  - Jeff
> 
> 
> 


__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around
http://mail.yahoo.com 


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]