Fortress Security
Back in 2002, Aidan Ward and I wrote some reports for the CBDI Forum on Web Services Security, which among other things lay siege to the Fortress Model of security. We were ahead of our time. The Fortress walls are not crumbling yet, but we are now joined by some serious allies.
See also brief note on Autonomous Computing: Fiefdoms & Fortresses
Jericho Forum
Jericho Forum (part of the Open Group) is a non-profit security standards group, led by user organizations. This is leading the push towards more agile and interoperable security models.
Press Release: Executives Agree that Interoperability, Deperimeterization of Data and Horizontal Integration Are Essential (April 2004) News Story: New boundaries and new rules (John Sterlicchi, SC Magazine, Jan 2005) News Story: Vendors line up to see Jericho vision (Ron Condon, SC Magazine, Feb 2005) News Story: The Future of IT Security is Fewer Walls, Not More (Dan Ilett, ZDNet, April 2005)
dePerimeterization
This essentially means tearing down the Fortress model. Definitions: Whatis.com, Word of the DaySecurity Vendors
| nCipher | Cryptographic IT Security | See press release (April 2005), on joining the Jericho Forum. |
| Vordel | XML Web Services Security | See weblog postings (March 2004, July 2004) by CTO Mark O'Neil |
CBDI Forum
Web Service Security (CBDI Journal, January 2002)
Component-Based Security for Web Services (CBDI Special Report, July 2002)
Agile Security for SOA (CBDI Journal, June 2005)
No comments:
Post a Comment