[Security_sig] [Reminder] Security SIG conf. call - 3/31
Ed Reed
ereed at novell.com
Thu Mar 31 08:42:49 PST 2005
First cut - work in progress.
Attached are different formatted versions of the outline I started after our last call.
Don't be put off by it's length - I deepended a little exploring features and options that ought to be rolled up into higher level requirements.
For instance, while I spend too much time describing Login Policies, it might be sufficient to say support POSIX-style password and login policies, if we can refer to them externally.
Similarly with Crypto - basically, we need to be able to let people say needs FIPS 140-2 crypto algorithms and implementations, without detailing hash algorithms, etc.
But - you get the broad idea...
Outline:
1) Introduction
2) Definitions
3) Security Objectives
a) Objective Names & Descriptions
b) Target System Profile Descriptions
i) Database Server
ii) Mid-Tier Application Server
iii) Edge / Public Facing Network Services Server
iv) Internal Infrastructure Server
v) File / Print / Departmental / Storage Server (out of scope for DCL)
c) Objectives / Target System Coverage matrix
4) Functionality Table
5) Assurances Table
6) Appendixes
>>>Chris Wright <chrisw at osdl.org> 03/31/05 1:50 am >>>
Reminder - security SIG bi-weekly conference call
Date: 3/31/05
Time: 9AM to 10AM Pacific
Toll-free: 1-800-211-0633
Toll: 1-719-867-0485
Participant code: 932475
Note taker: TBD
Agenda
- CGL security spec
- DCL security spec
- DTL (-ish) directory style authentication
- OLS BoF material
- any other business
thanks,
-chris
--
Linux Security Modules http://lsm.immunix.org http://lsm.bkbits.net
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.linux-foundation.org/pipermail/security_sig/attachments/20050331/342a0378/attachment-0001.htm
More information about the security_sig
mailing list