[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [soa-rm-ra] Good Security Reference Material
Great input! Thanks! I have been using the FIPS-199 Standards for the Security Categorization of Federal Information and Federal Information Systems and FIPS-200 Minimum Security Requirements for Federal Information and Federal Information Systems as basic guidelines. The FIPS-200 mirrors Jeff's presentation (nice job on it Jeff)in many aspects. I'll pick up a copy of the book that Danny suggested. Regards, Tom Merkle -----Original Message----- From: Danny Thornton [mailto:danny_thornton2@yahoo.com] Sent: Thursday, June 15, 2006 2:56 PM To: soa-rm-ra@lists.oasis-open.org Subject: Re: [soa-rm-ra] Good Security Reference Material The book "core Security Patterns" is directly in line with Jeff's slide presentation and goes into great detail about how to incorporate and apply security - life cycle, process, standards, technologies, patterns, products. For right now, it is about as up to date as you will find in a published book. Danny --- Jeffrey A Estefan <Jeffrey.A.Estefan@jpl.nasa.gov> wrote: > Dave, Rex, and Tom, > > Following up on Danny's recommendation, I also encourage you to review > this briefing material I posted sometime back on a candidate SOA > security model: > > http://www.oasis-open.org/apps/org/workgroup/soa-rm-ra/download.php/1757 3/06-04-00008.000.pdf > > You should see some alignment with the policy model Danny has put > together. > According to our RA guiding requirements, policy and security threats > are feeds to the security model. I believe the current RA outline > only includes the threat model but it should be broader in scope. > > Regards... > > - Jeff > > > __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]