[STF] Security Harvesting

The STF has been tasked with three main goals.  One of these is the harvesting of security relevant technologies.  I’d like to ensure I correctly understand this goal and make a start at compiling a list.   

 

To ensure I understand the objective, the STF is tasked with coming up with a list of existing security “Initiatives” that have  “Relevant Bodies of Work”.  To define this further, I offer the following:

 

A Security Initiative is:

An existing, newly formed or forming group, consortium or initiative that produces any “Body of Work” deemed relevant to the security concerns of the WSA-WG STF.

 

A Relevant Body of Work is:

A model, architecture, pattern, component or approach, deemed relevant to the security concerns of the WSA-WG STF.

 

On the (presumption) that the above is correct, I’ll start the bidding on this thread and suggest the following (far from complete) list of initiatives and relevant bodies of work:

 

OASIS WS-Security

          - Spec

OASIS Security TC

          - SAML 1.0

OASIS XCBF TC

          - XCBF

OASIS Provisioning TC

          - SPML

OASIS Access Control TC

          - XACML

OASIS Rights Language TC

          -XrML

OASIS ebXML

          - Various security relevant elements

W3C XML Digital Signatures

          - XML-DSIG

W3C XML Encryption

          - XML Encryption

W3C/IETF XKMS

-        XKISS

-        XRISS

W3C SOAP 1.2

          - Security stuff

DMTF

-        Security stuff in CIM

BEEP

 

<Out of time>sorry<Out of time/>

 

Darran Rolls  
MSIM  drolls_waveset@hotmail.com 
AIM    drollswaveset 
YIM    drolls_waveset
http://www.waveset.com/ <htp://www.waveset.com>  
drolls@waveset.com <mailto:drolls@waveset.com>  

Received on Monday, 15 July 2002 14:09:12 UTC