Service-oriented Assurance
|
|
- Olivia Doyle
- 5 years ago
- Views:
Transcription
1 Service-oriented Assurance Michael Waidner IBM Zurich Research, Security and Privacy Joint with Günter Karjoth, Matthias Schunter and Birgit Pfitzmann Riva San Vitale March 2006 Euro-Atlantic Symposium on Critical Information Infrastructure Assurance
2 IBM Research: 8 Labs, 3000 Researchers Almanden Established: 1986 Employees: 500 Watson Established: 1961 Employees: 1750 Zurich Established: 1955 Employees: 300 Beijing Established: 1995 Employees: 90 Austin Established: 1995 Employees: 40 Haifa Established: 1972 Employees: 500 Dehli Established: 1998 Employees: 60 Tokyo Established: 1982 Employees: Service-oriented Assurance Riva San Vitale March 23 rd, 2006
3 Security and Privacy Research Watson Secure Service Delivery SOA & Web Services Sec Language Security Cryptography & Privacy Biometrics & Surveillance Identity & Compli. Mgmt Secure Virtualization OS/Linux Security Wireless Security Secure HW Intrusion Defense Ethical Hacking Zurich Compliance Mgmt Crypto-based Security Identity Mgmt & Privacy Enterprise Key Mgmt Secure Identity Secure Trade Lane Security Event Mgmt Trusted Computing Beijing Compliance Almaden Digital Rights Mgmt Privacy & Data Mgmt Austin Haifa Storage Security Delhi Tokyo Compliance Web Services XACML/XML Worldwide ~110 researchers, 25+ in Zurich 3 Service-oriented Assurance Riva San Vitale March 23 rd, 2006
4 1. Service-oriented Architecture (SOA) 2. Service-oriented Assurance (SOAS) 3. Conclusion 4 Service-oriented Assurance Riva San Vitale March 23 rd, 2006
5 1. Service-oriented Architecture (SOA) 2. Service-oriented Assurance (SOAS) 3. Conclusion 5 Service-oriented Assurance Riva San Vitale March 23 rd, 2006
6 Trend: Virtual Enterprises Trust Trust 5 Cross-Industry Value Coalition 4 Industry-Centric Value Web 3 Value Chain Visibility Legend Core Business 1 Isolated Operations 2 Select Trusted Partners Collaboration Collaboration Subsidiary Customer Partner/Channel Supplier/Outsourcer 6 Service-oriented Assurance Riva San Vitale March 23 rd, 2006
7 Technical Basis: Service-Oriented Architecture Build Distributed Systems Based on Service Specifications Dynamically Across Multiple Domains 7 Service-oriented Assurance Riva San Vitale March 23 rd, 2006
8 Service-Oriented Architecture Service Requestor Service Locator Service Broker Distributed system described through allowed interactions, i.e., services, between components. Service interfaces are published and discoverable. Service Provider Provider and requestor agree on type and quality of service through service level agreements (SLA). Source: David Booth et. al.: Web Services Architecture; W3C Working Draft 8 August Service-oriented Assurance Riva San Vitale March 23 rd, 2006
9 Web Services Security WS-Secure Conversation WS-Policy WS-Federation WS-Trust WS-Security WS-Authorization WS-Privacy SOAP Foundation Describes security mechanisms and policies 9 Service-oriented Assurance Riva San Vitale March 23 rd, 2006
10 Open Problem: How to Justify Trust in Service? Service Requestor Service Locator Service Broker Service Provider Service-oriented Assurance SOAS enables products & services to express the offered degree of security as well as to assess the security of its components. Does it really work? 10 Service-oriented Assurance Riva San Vitale March 23 rd, 2006
11 1. Service-oriented Architecture (SOA) 2. Service-oriented Assurance (SOAS) 3. Conclusion 11 Service-oriented Assurance Riva San Vitale March 23 rd, 2006
12 Service Level Agreements (SLA) with Assurance Domain Comp SLA / Policy specifies properties and guarantees, including responsibilities, procedures, recourse Service (protocol) conveys evidence Comp SOAS Comp Comp SOAS Produces evidence (measurements, logs, signatures) articulate assurance assess assurance Comparison selection Service Service requestor can can make make a price/risk trade-off. Composition propagation Entity Entity can can derive derive its its own own assurances based based on on sub-service assurances. 12 Service-oriented Assurance Riva San Vitale March 23 rd, 2006
13 Example: Integrity & Isolation Assurance for Medical Databases Property MediCare s database operations are strongly isolated from (other) business processes. Data integrity is preserved. Evidence Statements about the database and the operating system (product manufacturer) Statements about the administration of the database (MediCare) Statements about running an industry-standard antivirus program Recourse Isolation checks are performed by a third party. (decision procedure) Compliance tool regularly verifies that virus checker is operational and runs according to specified policy. (decision procedure) In case MediCare violates the stated assurance, the contract is immediately terminated. MediCare will be liable for any damage caused. (compensation) 13 Service-oriented Assurance Riva San Vitale March 23 rd, 2006
14 Taxonomy for Service Oriented Assurance 14 Service-oriented Assurance Riva San Vitale March 23 rd, 2006
15 Negotiation & Monitoring 15 Service-oriented Assurance Riva San Vitale March 23 rd, 2006
16 1. Service-oriented Architecture (SOA) 2. Service-oriented Assurance (SOAS) 3. Conclusion 16 Service-oriented Assurance Riva San Vitale March 23 rd, 2006
17 Status and Research Challenges SOAS enables components to provide well-specified security guarantees, which can be monitored and validated Classification of assurances (security properties & evidence) Comparison Taxonomy of security properties Formalization (non-functional properties, ontology) Comparison (security metrics) Composition (side-effects) Implementing assurances via low-level checking Prototype implementation Assurance refinement From business goals to security properties 17 Service-oriented Assurance Riva San Vitale March 23 rd, 2006
Enterprise Privacy and Federated Identity Management
Enterprise Privacy and Federated Identity Management Michael Waidner IBM Zurich Research Lab & IBM Privacy Research Institute April 2003 Outline 1. Motivation 2. Enterprise Privacy Management 3. Federated
More informationData Security and Privacy Principles IBM Cloud Services
Data Security and Privacy Principles IBM Cloud Services 2 Data Security and Privacy Principles: IBM Cloud Services Contents 2 Overview 2 Governance 3 Security Policies 3 Access, Intervention, Transfer
More informationResearch Report. IBM Research. Trends in Access Control. RZ 3529 (# 99473) 01/19/04 Computer Science 4 pages. Thomas Groß
RZ 3529 (# 99473) 01/19/04 Computer Science 4 pages Research Report Trends in Access Control Thomas Groß IBM Research GmbH Zurich Research Laboratory 8803 Rüschlikon Switzerland tgr@zurich.ibm.com Anthony
More informationSolution Pack. Managed Services Virtual Private Cloud Security Features Selections and Prerequisites
Solution Pack Managed Services Virtual Private Cloud Security Features Selections and Prerequisites Subject Governing Agreement DXC Services Requirements Agreement between DXC and Customer including DXC
More informationCCISO Blueprint v1. EC-Council
CCISO Blueprint v1 EC-Council Categories Topics Covered Weightage 1. Governance (Policy, Legal, & Compliance) & Risk Management 1.1 Define, implement, manage and maintain an information security governance
More information2010 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media,
2010 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising
More informationNational Identity Exchange Federation. Terminology Reference. Version 1.0
National Identity Exchange Federation Terminology Reference Version 1.0 August 18, 2014 Table of Contents 1. INTRODUCTION AND PURPOSE... 2 2. REFERENCES... 2 3. BASIC NIEF TERMS AND DEFINITIONS... 5 4.
More informationFederated Access. Identity & Privacy Protection
Federated Access Identity & Privacy Protection Presented at: Information Systems Security Association-Northern Virginia (ISSA-NOVA) Chapter Meeting Presented by: Daniel E. Turissini Board Member, Federation
More informationFiXs - Federated and Secure Identity Management in Operation
FiXs - Federated and Secure Identity Management in Operation Implementing federated identity management and assurance in operational scenarios The Federation for Identity and Cross-Credentialing Systems
More informationWireless e-business Security. Lothar Vigelandzoon
Wireless e-business Security Lothar Vigelandzoon E-business evolution Increased business drivers for cost efficiency & market penetration Increased Importance of brand reputation Distance between IT and
More informationGlobal Reference Architecture: Overview of National Standards. Michael Jacobson, SEARCH Diane Graski, NCSC Oct. 3, 2013 Arizona ewarrants
Global Reference Architecture: Overview of National Standards Michael Jacobson, SEARCH Diane Graski, NCSC Oct. 3, 2013 Arizona ewarrants Goals for this Presentation Define the Global Reference Architecture
More informationNational Information Assurance Partnership (NIAP) 2017 Report. PPs Completed in CY2017
National Information Assurance Partnership (NIAP) 2017 Report NIAP continued to grow and make a difference in 2017 from increasing the number of evaluated products available for U.S. National Security
More informationProtecting Privacy while Sharing Medical Data between Regional Healthcare Entities
IBM Almaden Research Center Protecting Privacy while Sharing Medical Data between Regional Healthcare Entities Tyrone Grandison, Srivatsava Ranjit Ganta, Uri Braun, James Kaufman Session S113: Sharing
More informationAIM Enterprise Platform Software IBM z/transaction Processing Facility Enterprise Edition 1.1.0
z/tpf V1.1 TPF Users Group - Spring 2009 Security Considerations in a Service Oriented Architecture (SOA) Jason Keenaghan Main Tent AIM Enterprise Platform Software IBM z/transaction Processing Facility
More informationDATA GOVERNANCE LEADS TO DATA QUALITY
DATA GOVERNANCE LEADS TO DATA QUALITY Trending. Kash Mehdi Senior Product Specialist and Instructor May 3, 2017 1 Collibra 2017 2017 Collibra Inc How Many of Your Reports Have Good Data Quality? What would
More informationImplementing a Ground Service- Oriented Architecture (SOA) March 28, 2006
Implementing a Ground Service- Oriented Architecture (SOA) March 28, 2006 John Hohwald Slide 1 Definitions and Terminology What is SOA? SOA is an architectural style whose goal is to achieve loose coupling
More informationTechnologies for Securing the Networked Supply Chain. Alex Deacon Advanced Products and Research Group VeriSign, Inc.
Technologies for Securing the Networked Supply Chain Alex Deacon Advanced Products and Research Group VeriSign, Inc. Agenda Introduction Security challenges Security technologies in use today Applying
More informationSecuring the Cloud Today: How do we get there?
Samson Tai, Chief Technologist, IBM Innovation Network Securing the Cloud Today: How do we get there 9/15/2009 What is Cloud Computing Cloud is a new consumption and delivery model for many IT-based services,
More informationIBM Research Report. Model-Driven Business Transformation and Semantic Web
RC23731 (W0509-110) September 30, 2005 Computer Science IBM Research Report Model-Driven Business Transformation and Semantic Web Juhnyoung Lee IBM Research Division Thomas J. Watson Research Center P.O.
More informationIT SECURITY RISK ANALYSIS FOR MEANINGFUL USE STAGE I
Standards Sections Checklist Section Security Management Process 164.308(a)(1) Information Security Program Risk Analysis (R) Assigned Security Responsibility 164.308(a)(2) Information Security Program
More informationC2-Simulation Interoperability in NATO
C2-Simulation Interoperability in NATO Dr Hans Jense Chief, Capability Planning, Exercises and Training NATO UNCLASSIFIED 1 NATO CIS Services Agency NATO Consultation, Command and Control Agency NATO Air
More informationIBM Research Report. A Negotiation Protocol Framework for WS-Agreement
RC24094 (W0610-165) October 31, 2006 Computer Science IBM Research Report A Negotiation Protocol Framework for WS-Agreement Sebastian Hudert Department of Information Systems University of Bayreuth 95440
More informationPanel 1 Service Platform and Network Infrastructure for Ubiquitous Services
Panel 1 Platform and Network Infrastructure for Ubiquitous s Wolfgang Kellerer DoCoMo Euro-Labs Munich, Germany WWRF WG2 ( Architecture) Vice Chair DoCoMo Communications Landsberger Str. 312 80687 Munich
More informationIBM Case Manager on Cloud
Service Description IBM Case Manager on Cloud This Service Description describes the Cloud Service IBM provides to Client. Client means and includes the company, its authorized users or recipients of the
More informationSeven Requirements for Successfully Implementing Information Security Policies and Standards
Seven Requirements for Successfully Implementing and Standards A guide for executives Stan Stahl, Ph.D., President, Citadel Information Group Kimberly A. Pease, CISSP, Vice President, Citadel Information
More informationPEOPLE CENTRIC SECURITY THE NEW
PEOPLE CENTRIC SECURITY THE NEW PARADIGM IN CYBERSECURITY David Karlsson SE Nordics March 2018 1 2018 Proofpoint, Inc. Proofpoint at a Glance LEADING CUSTOMERS DEEP SECURITY DNA UNIQUE VISIBILITY PARTNERS
More informationC2-Simulation Interoperability in NATO
C2-Simulation Interoperability in NATO Dr Hans Jense Chief, Capability Planning, Exercises and Training NATO UNCLASSIFIED 1 Report Documentation Page Form Approved OMB No. 0704-0188 Public reporting burden
More informationGDPR Processor Security Controls. GDPR Toolkit Version 1 Datagator Ltd
GDPR Processor Security Controls GDPR Toolkit Version 1 Datagator Ltd Implementation Guidance (The header page and this section must be removed from final version of the document) Purpose of this document
More informationHelping Meet the OMB Directive
Helping Meet the OMB 11-11 Directive March 2017 Implementing federated identity management OMB Memo 11-11 Meeting FICAM Objectives Figure 1: ICAM Conceptual Diagram FICAM Targets Figure 11: Federal Enterprise
More informationBYOD Policy. Table of Contents
Version 1.6 Table of Contents Bring Your Own Device (BYOD) Access and Use Policy... 3 Overview... 3 Components of the BYOD Strategy and Basics for BYOD Policy... 4 Device Choices... 4 User Experience and
More informationIT Service Quality amidst a World Gone Cloud. June 2012 V: 2.0
IT Service Quality amidst a World Gone Cloud June 2012 V: 2.0 Agenda A World Gone Cloud (federal perspective) Impacts to IT Infrastructures Impacts to ITIL-based Service/Quality Retooling ITIL Quality
More informationHIPAA Security and Privacy Policies & Procedures
Component of HIPAA Security Policy and Procedures Templates (Updated for HITECH) Total Cost: $495 Our HIPAA Security policy and procedures template suite have 71 policies and will save you at least 400
More informationGeneral Data Protection Regulation
General Data Protection Regulation Workshare Ltd ( Workshare ) is a service provider with customers in many countries and takes the protection of customers data very seriously. In order to provide an enhanced
More informationVERSION 1.3 MAY 1, 2018 SNOWFLY PRIVACY POLICY SNOWFLY PERFORMANCE INC. P.O. BOX 95254, SOUTH JORDAN, UT
VERSION 1.3 MAY 1, 2018 SNOWFLY PRIVACY POLICY SNOWFLY PERFORMANCE INC. P.O. BOX 95254, SOUTH JORDAN, UT 84095-9998 SNOWFLY PRIVACY POLICY This Privacy Policy describes Snowfly s practices regarding the
More informationMulti-Level Security for Service-Oriented Architectures
RZ 3672 (# 99672) 06/22/06 Computer Science 12 pages Research Report Multi-Level Security for Service-Oriented Architectures HariGovind V. Ramasamy and Matthias Schunter IBM Research GmbH Zurich Research
More informationCASP CompTIA Advanced Security Practitioner Study Guide: (Exam CAS-001)
CASP CompTIA Advanced Security Practitioner Study Guide: (Exam CAS-001) Gregg, Michael ISBN-13: 9781118083192 Table of Contents Foreword xxi Introduction xxvii Assessment Test xliv Chapter 1 Cryptographic
More informationIBM Case Manager on Cloud
Service Description IBM Case Manager on Cloud This Service Description describes the Cloud Service IBM provides to Client. Client means the company and its authorized users and recipients of the Cloud
More informationIBM SmartCloud Engage Security
White Paper March 2012 IBM SmartCloud Engage Security 2 IBM SmartCloud Engage Security Contents 3 Introduction 3 Security-rich Infrastructure 4 Policy Enforcement Points Provide Application Security 7
More informationFederated Mission Networking
Federated Mission Networking Learning & Applying the Lessons John Palfreyman, IBM V4; 20 Mar 14 Agenda Future Mission Networking - Context Effective Coalitions through OPEN Integration Save money through
More informationIdentity-Enabled Web Services
Identity-Enabled s Standards-based identity for 2.0 today Overview s are emerging as the preeminent method for program-toprogram communication across corporate networks as well as the Internet. Securing
More informationFusio: Semantic Integration of Systems Management and Enterprise Information
RZ 3752 (# 99762) 10/12/09 Computer Science 11 pages Research Report Fusio: Semantic Integration of Systems Management and Enterprise Information Axel Tanner and Metin Feridun IBM Research GmbH Zurich
More informationCertified Information Systems Auditor (CISA)
Certified Information Systems Auditor (CISA) 1. Domain 1 The Process of Auditing Information Systems Provide audit services in accordance with IT audit standards to assist the organization in protecting
More informationArchitecting a Network-Centric M&S Application
Introduction to Modeling and Simulation Architecting a Network-Centric M&S Application OSMAN BALCI Professor Department of Computer Science Virginia Polytechnic Institute and State University (Virginia
More informationTivoli Federated Identity Manager. Sven-Erik Vestergaard Certified IT Specialist Security architect SWG Nordic
Tivoli Federated Identity Manager Sven-Erik Vestergaard Certified IT Specialist Security architect SWG Nordic svest@dk.ibm.com IBM Software Day Vilnius 2009 Agenda IBM strategy on IAA What is a federation
More informationNebraska CERT Conference
Nebraska CERT Conference Security Methodology / Incident Response Patrick Hanrion Security Center of Excellence Sr. Security Consultant Agenda Security Methodology Security Enabled Business Framework methodology
More informationCompTIA Advanced Security Practitioner (CASP) (Exam CAS-001)
CompTIA Advanced Security Practitioner (CASP) (Exam CAS-001) Course Outline Course Introduction Course Introduction Lesson 01 - The Enterprise Security Architecture Topic A: The Basics of Enterprise Security
More informationMNsure Privacy Program Strategic Plan FY
MNsure Privacy Program Strategic Plan FY 2018-2019 July 2018 Table of Contents Introduction... 3 Privacy Program Mission... 4 Strategic Goals of the Privacy Office... 4 Short-Term Goals... 4 Long-Term
More informationInternational Journal of Computer Science Trends and Technology (IJCST) Volume 3 Issue 6, Nov-Dec 2015
RESEARCH ARTICLE OPEN ACCESS Middleware Interoperability using SOA for Enterprise Business Application T Sathis Kumar Assistant Professor Department of Computer Science and Engineering Saranathan College
More informationHealth Data & Blockchain: The New Sharing Frontier. Michael Dillhyon, CCO, Graftworx
Health Data & Blockchain: The New Sharing Frontier Michael Dillhyon, CCO, Graftworx Twitter: @SwissGator Overview Who? Background Why? Enterprise & Consumer Benefit What? (Blockchain of course) Value Prop
More informationNational Cybersecurity Challenges and NIST. Matthew Scholl Chief Computer Security Division
National Cybersecurity Challenges and NIST Matthew Scholl Chief Computer Security Division National Archives The Importance of Standards Article I, Section 8: The Congress shall have the power to fix the
More informationService Level Agreements: An Approach to Software Lifecycle Management. CDR Leonard Gaines Naval Supply Systems Command 29 January 2003
Service Level Agreements: An Approach to Software Lifecycle Management CDR Leonard Gaines Naval Supply Systems Command 29 January 2003 Report Documentation Page Form Approved OMB No. 0704-0188 Public reporting
More informationCLOUD QUALITY AND CLOUD CERTIFICATION
CLOUD QUALITY AND CLOUD CERTIFICATION 8th EuroCloud Congress Cloud, Trust & Security 25th October 2017 / Brussels, Belgium Ivana Tepčević Project Manager and Lead Auditor, SGS Belgrade AGENDA SGS in brief
More informationand Privacy HIPAA-Compliance Checklist
Email and Privacy HIPAA-Compliance Checklist TBHI Checklist Copyright 2017 Telebehavioral Health Institute All rights reserved. Telebehavioral Health Institute www.telehealth.org No part of this publication
More informationMicrosoft SharePoint Server 2013 Plan, Configure & Manage
Microsoft SharePoint Server 2013 Plan, Configure & Manage Course 20331-20332B 5 Days Instructor-led, Hands on Course Information This five day instructor-led course omits the overlap and redundancy that
More informationIdentität und Autorisierung als Grundlage für sichere Web-Services. Dr. Hannes P. Lubich IT Security Strategist
Identität und Autorisierung als Grundlage für sichere Web-Services Dr. Hannes P. Lubich IT Security Strategist The Web Services Temptation For every $1 spent on software $3 to $5 is spent on integration
More informationAssessing the Security of Internet Connected Critical Infrastructures
Assessing the Security of Internet Connected Critical Infrastructures The Comifin Project Approach H. Ghani, A. Khelil, N. Suri, G. Csertán, L. Gönczy, G. Urbanics, J. Clarke Dept of Computer Science,
More informationVersion 1/2018. GDPR Processor Security Controls
Version 1/2018 GDPR Processor Security Controls Guidance Purpose of this document This document describes the information security controls that are in place by an organisation acting as a processor in
More informationDOD Medical Device Cybersecurity Considerations
Enedina Guerrero, Acting Chief, Incident Mgmt. Section, Cyber Security Ops Branch 2015 Defense Health Information Technology Symposium DOD Medical Device Cybersecurity Considerations 1 DHA Vision A joint,
More informationArchitecting the Right SOA Infrastructure
Infrastructure Architecture: Architecting the Right SOA Infrastructure Robert Insley Principal SOA Global Technology Services 2007 IBM Corporation SOA Architect Summit Roadmap What is the impact of SOA
More informationCommunications Technology Trends
Communications Technology Trends Enterprise Convergence Phases Differentiating Across PBXs Business Integration Andy Mercker Sphere Communications amercker@spherecom.com Business Business Values Values
More informationInformation Security Incident Response Plan
Information Security Incident Response Plan Purpose It is the objective of the university to maintain secure systems and data. In order to comply with federal, state, and local law and contractual obligations,
More informationEveryday Security: Simple Solutions to Complex Security Problems
Everyday Security: Simple Solutions to Complex Security Problems Adrian Aldea Tivoli Technical Sales IBM South East Europe The world continues to get flatter, smaller and more interconnected through forces
More informationSimplifying Federation Management with the Federation Router
Technical White Paper Simplifying Federation Management with the Federation Router HP Select Federation By: Jason L Rouault Introduction... 2 What is federation... 2 How does federation work... 3 Federation
More informationQoS-aware model-driven SOA using SoaML
QoS-aware model-driven SOA using SoaML Niels Schot A thesis submitted for the degree of MSc Computer Science University of Twente EEMCS - TRESE: Software Engineering Group Examination committee: Luís Ferreira
More informationSentinet for BizTalk Server SENTINET
Sentinet for BizTalk Server SENTINET Sentinet for BizTalk Server 1 Contents Introduction... 2 Sentinet Benefits... 3 SOA and API Repository... 4 Security... 4 Mediation and Virtualization... 5 Authentication
More informationInfosec Europe 2009 Business Strategy Theatre. Giving Executives the Security Management Information that they Really Need
Infosec Europe 2009 Business Strategy Theatre Giving Executives the Security Management Information that they Really Need Simon Marvell Managing Director simon.marvell@acuityrm.com Agenda 1. What financial
More informationWHAT CIOs NEED TO KNOW TO CAPITALIZE ON HYBRID CLOUD
WHAT CIOs NEED TO KNOW TO CAPITALIZE ON HYBRID CLOUD 2 A CONVERSATION WITH DAVID GOULDEN Hybrid clouds are rapidly coming of age as the platforms for managing the extended computing environments of innovative
More informationOverview SENTINET 3.1
Overview SENTINET 3.1 Overview 1 Contents Introduction... 2 Customer Benefits... 3 Development and Test... 3 Production and Operations... 4 Architecture... 5 Technology Stack... 7 Features Summary... 7
More informationISO / IEC 27001:2005. A brief introduction. Dimitris Petropoulos Managing Director ENCODE Middle East September 2006
ISO / IEC 27001:2005 A brief introduction Dimitris Petropoulos Managing Director ENCODE Middle East September 2006 Information Information is an asset which, like other important business assets, has value
More informationADIENT VENDOR SECURITY STANDARD
Contents 1. Scope and General Considerations... 1 2. Definitions... 1 3. Governance... 2 3.1 Personnel... 2 3.2 Sub-Contractors... 2 3.3. Development of Applications... 2 4. Technical and Organizational
More informationRID IETF Draft Update
RID IETF Draft Update Kathleen M. Moriarty INCH Working Group 5 August 2004 This work was sponsored by the Air Force under Air Force Contract Number F19628-00-C-0002. "Opinions, interpretations, conclusions,
More informationCOURSE OUTLINE MOC : PLANNING AND ADMINISTERING SHAREPOINT 2016
COURSE OUTLINE MOC 20339-1: PLANNING AND ADMINISTERING SHAREPOINT 2016 Module 1: Introducing SharePoint 2016 This module describes the structure and capabilities of a SharePoint environment, and the major
More informationClearPath OS 2200 System LAN Security Overview. White paper
ClearPath OS 2200 System LAN Security Overview White paper Table of Contents Introduction 3 Baseline Security 3 LAN Configurations 4 Security Protection Measures 4 Software and Security Updates 4 Security
More informationRealizing the Army Net-Centric Data Strategy (ANCDS) in a Service Oriented Architecture (SOA)
Realizing the Army Net-Centric Data Strategy (ANCDS) in a Service Oriented Architecture (SOA) A presentation to GMU/AFCEA symposium "Critical Issues in C4I" Michelle Dirner, James Blalock, Eric Yuan National
More informationInformation Security Incident Response Plan
Information Security Incident Response Plan Purpose It is the objective of the university to maintain secure systems and data. In order to comply with federal, state, and local law and contractual obligations,
More informationCopyright 2011 EMC Corporation. All rights reserved.
1 2 How risky is the Cloud? 3 Is Cloud worth it? YES! 4 Cloud adds the concept of Supply Chain 5 Cloud Computing Definition National Institute of Standards and Technology (NIST Special Publication 800-145
More informationAuditing and Monitoring for HIPAA Compliance. HCCA COMPLIANCE INSTITUTE 2003 April, Presented by: Suzie Draper Sheryl Vacca, CHC
Auditing and Monitoring for HIPAA Compliance HCCA COMPLIANCE INSTITUTE 2003 April, 2003 Presented by: Suzie Draper Sheryl Vacca, CHC 1 The Elements of Corporate Compliance Program There are seven key elements
More informationImplementing the Army Net Centric Data Strategy in a Service Oriented Environment
Implementing the Army Net Centric Strategy in a Service Oriented Environment Michelle Dirner Army Net Centric Strategy (ANCDS) Center of Excellence (CoE) Service Team Lead RDECOM CERDEC SED in support
More informationCIAM: Need for Identity Governance & Assurance. Yash Prakash VP of Products
CIAM: Need for Identity Governance & Assurance Yash Prakash VP of Products Key Tenets of CIAM Solution Empower consumers, CSRs & administrators Scale to millions of entities, cloud based service Security
More informationIBM Security Intelligence on Cloud
Service Description IBM Security Intelligence on Cloud This Service Description describes the Cloud Service IBM provides to Client. Client means and includes the company, its authorized users or recipients
More informationGlobal R&D Partnerships for Innovation
Governmental Programs Philippines Global R&D Partnerships for Innovation Alejandro Melchor III Governmental Programs Executive IBM Philippines IBM Research Worldwide Watson Zurich Almaden China Austin
More informationMobility Policy Bundle
Version 2018-02 Mobility Policy Bundle Table of Contents This document contains the following policies: BYOD Access and Use Policy (revised 02/2018) Mobile Device Access and Use Policy (revised 02/2018)
More informationAcceptable Use Policy
Acceptable Use Policy POLICY 07.01.01 Effective Date: 01/01/2015 The following are responsible for the accuracy of the information contained in this document Responsible Policy Administrator Information
More informationMaking Privacy Operational
Making Privacy Operational Introduction to the Privacy Management Reference Model John Sabo Director, Global Government relations CA, Inc. and President, ISTPA john.t.sabo@ca.com Michael Willett President,
More informationSecurity Policies and Procedures Principles and Practices
Security Policies and Procedures Principles and Practices by Sari Stern Greene Chapter 3: Information Security Framework Objectives Plan the protection of the confidentiality, integrity and availability
More informationDagstuhl Seminar on Service-Oriented Computing Session Summary Cross Cutting Concerns. Heiko Ludwig, Charles Petrie
Dagstuhl Seminar on Service-Oriented Computing Session Summary Cross Cutting Concerns Heiko Ludwig, Charles Petrie Participants of the Core Group Monika Kazcmarek, University of Poznan Michael Klein, Universität
More informationIntroduction. Deployment Models. IBM Watson on the IBM Cloud Security Overview
IBM Watson on the IBM Cloud Security Overview Introduction IBM Watson on the IBM Cloud helps to transform businesses, enhancing competitive advantage and disrupting industries by unlocking the potential
More informationThe Open Group SOA Ontology Technical Standard. Clive Hatton
The Open Group SOA Ontology Technical Standard Clive Hatton The Open Group Releases SOA Ontology Standard To Increase SOA Adoption and Success Rates Ontology Fosters Common Understanding of SOA Concepts
More informationCloud Communications for Healthcare
Cloud Communications for Healthcare Today, many powerful business communication challenges face everyone in the healthcare chain including clinics, hospitals, insurance providers and any other organization
More informationService Oriented Architectures Visions Concepts Reality
Service Oriented Architectures Visions Concepts Reality CSC March 2006 Alexander Schatten Vienna University of Technology Vervest und Heck, 2005 A Service Oriented Architecture enhanced by semantics, would
More informationWELCOME TO ITIL FOUNDATIONS PREP CLASS AUBREY KAIGLER
WELCOME TO ITIL FOUNDATIONS PREP CLASS AUBREY KAIGLER 2 Demand Management Demand management: The process used to make investmentrelated decisions across the enterprise. Pattern Pattern of of Business Activity
More informationISA99 - Industrial Automation and Controls Systems Security
ISA99 - Industrial Automation and Controls Systems Security Committee Summary and Activity Update Standards Certification Education & Training Publishing Conferences & Exhibits February 2018 Copyright
More informationWeb Services QoS: External SLAs and Internal Policies Or: How do we deliver what we promise?
T. J. Watson Research Center Web Services QoS: External SLAs and Internal Policies Or: How do we deliver what we promise? WISE Web Services Quality Workshop Rome, December 13, 2003 Heiko Ludwig hludwig@us.ibm.com
More informationAgenda. BYOD, Texting & Social Media How to Keep BYODFrom Becoming OMG! Introduction BYOD Defined Trends By the Numbers
BYOD, Texting & Social Media How to Keep BYODFrom Becoming OMG! Daniel M. Briley, CISSP, CIPP Managing Director Summit Security Group Agenda Introduction BYOD Defined Trends By the Numbers Common Risks
More informationAUTHORITY FOR ELECTRICITY REGULATION
SULTANATE OF OMAN AUTHORITY FOR ELECTRICITY REGULATION SCADA AND DCS CYBER SECURITY STANDARD FIRST EDITION AUGUST 2015 i Contents 1. Introduction... 1 2. Definitions... 1 3. Baseline Mandatory Requirements...
More informationExtending SOA Infrastructure for Semantic Interoperability
Extending SOA Infrastructure for Semantic Interoperability Wen Zhu wzhu@alionscience.com ITEA System of Systems Conference 26 Jan 2006 www.alionscience.com/semantic Agenda Background Semantic Mediation
More informationToken-based Web Single Signon with Enabled Clients
RZ 3458 (# 93844) 11/04/02 Computer Science 11 pages Research Report Token-based Web Single Signon with Enabled Clients Birgit Pfitzmann, Michael Waidner IBM Research Zurich Research Laboratory 8803 Rüschlikon
More information10/18/2016. Preparing Your Organization for a HHS OIG Information Security Audit. Models for Risk Assessment
Preparing Your Organization for a HHS OIG Information Security Audit David Holtzman, JD, CIPP/G CynergisTek, Inc. Brian C. Johnson, CPA, CISA HHS OIG Section 1: Models for Risk Assessment Section 2: Preparing
More informationYou Can Click at the enclosed Link to check out AATP Authorization:
Apple Education App Development Training Introduction to Swift 4 Introduction to the ios 11 SDK App Development with Swift 4 macos and OS X Training macos Support Essentials 10.12 (Sierra 101) macos Server
More informationFIBO Operational Ontologies Briefing for the Object Management Group
FIBO Operational Ontologies Briefing for the Object Management Group March 20, 2013, Reston, VA David Newman Strategic Planning Manager, Senior Vice President, Enterprise Architecture Chair, Semantic Technology
More information