draft-ietf-opsec-efforts-19.txt | draft-ietf-opsec-efforts-20.txt | |||
---|---|---|---|---|
Network Working Group C. Lonvick | Network Working Group C. Lonvick | |||
Internet-Draft D. Spak | Internet-Draft D. Spak | |||
Intended status: Informational Cisco Systems | Intended status: Informational Cisco Systems | |||
Expires: April 20, 2013 October 17, 2012 | Expires: October 15, 2013 April 13, 2013 | |||
Security Best Practices Efforts and Documents | Security Best Practices Efforts and Documents | |||
draft-ietf-opsec-efforts-19.txt | draft-ietf-opsec-efforts-20.txt | |||
Abstract | Abstract | |||
This document provides a snapshot of the current efforts to define or | This document provides a snapshot of the current efforts to define or | |||
apply security requirements in various Standards Developing | apply security requirements in various Standards Developing | |||
Organizations (SDO). | Organizations (SDO). | |||
Status of this Memo | Status of this Memo | |||
This Internet-Draft is submitted in full conformance with the | This Internet-Draft is submitted in full conformance with the | |||
skipping to change at page 1, line 32 | skipping to change at page 1, line 32 | |||
Internet-Drafts are working documents of the Internet Engineering | Internet-Drafts are working documents of the Internet Engineering | |||
Task Force (IETF). Note that other groups may also distribute | Task Force (IETF). Note that other groups may also distribute | |||
working documents as Internet-Drafts. The list of current Internet- | working documents as Internet-Drafts. The list of current Internet- | |||
Drafts is at http://datatracker.ietf.org/drafts/current/. | Drafts is at http://datatracker.ietf.org/drafts/current/. | |||
Internet-Drafts are draft documents valid for a maximum of six months | Internet-Drafts are draft documents valid for a maximum of six months | |||
and may be updated, replaced, or obsoleted by other documents at any | and may be updated, replaced, or obsoleted by other documents at any | |||
time. It is inappropriate to use Internet-Drafts as reference | time. It is inappropriate to use Internet-Drafts as reference | |||
material or to cite them other than as "work in progress." | material or to cite them other than as "work in progress." | |||
This Internet-Draft will expire on April 20, 2013. | This Internet-Draft will expire on October 15, 2013. | |||
Copyright Notice | Copyright Notice | |||
Copyright (c) 2012 IETF Trust and the persons identified as the | Copyright (c) 2013 IETF Trust and the persons identified as the | |||
document authors. All rights reserved. | document authors. All rights reserved. | |||
This document is subject to BCP 78 and the IETF Trust's Legal | This document is subject to BCP 78 and the IETF Trust's Legal | |||
Provisions Relating to IETF Documents | Provisions Relating to IETF Documents | |||
(http://trustee.ietf.org/license-info) in effect on the date of | (http://trustee.ietf.org/license-info) in effect on the date of | |||
publication of this document. Please review these documents | publication of this document. Please review these documents | |||
carefully, as they describe your rights and restrictions with respect | carefully, as they describe your rights and restrictions with respect | |||
to this document. Code Components extracted from this document must | to this document. Code Components extracted from this document must | |||
include Simplified BSD License text as described in Section 4.e of | include Simplified BSD License text as described in Section 4.e of | |||
the Trust Legal Provisions and are provided without warranty as | the Trust Legal Provisions and are provided without warranty as | |||
skipping to change at page 2, line 17 | skipping to change at page 2, line 17 | |||
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 4 | 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 4 | |||
2. Format of this Document . . . . . . . . . . . . . . . . . . . 6 | 2. Format of this Document . . . . . . . . . . . . . . . . . . . 6 | |||
3. Online Security Glossaries . . . . . . . . . . . . . . . . . . 7 | 3. Online Security Glossaries . . . . . . . . . . . . . . . . . . 7 | |||
3.1. ATIS Telecom Glossary 2007 . . . . . . . . . . . . . . . . 7 | 3.1. ATIS Telecom Glossary 2007 . . . . . . . . . . . . . . . . 7 | |||
3.2. Internet Security Glossary - RFC 4949 . . . . . . . . . . 7 | 3.2. Internet Security Glossary - RFC 4949 . . . . . . . . . . 7 | |||
3.3. Compendium of Approved ITU-T Security Definitions . . . . 7 | 3.3. Compendium of Approved ITU-T Security Definitions . . . . 7 | |||
3.4. Microsoft Malware Protection Center . . . . . . . . . . . 8 | 3.4. Microsoft Malware Protection Center . . . . . . . . . . . 8 | |||
3.5. SANS Glossary of Security Terms . . . . . . . . . . . . . 8 | 3.5. SANS Glossary of Security Terms . . . . . . . . . . . . . 8 | |||
3.6. Security Taxonomy and Glossary - Anne & Lynn Wheeler . . . 8 | 3.6. Security Taxonomy and Glossary - Anne & Lynn Wheeler . . . 8 | |||
3.7. NIST - Glossary of Key Information Security Terms . . . . 8 | 3.7. NIST - Glossary of Key Information Security Terms . . . . 8 | |||
3.8. RSA Information Security Glossary . . . . . . . . . . . . 9 | ||||
4. Standards Developing Organizations . . . . . . . . . . . . . . 10 | 4. Standards Developing Organizations . . . . . . . . . . . . . . 10 | |||
4.1. 3GPP - Third Generation Partnership Project . . . . . . . 10 | 4.1. 3GPP - Third Generation Partnership Project . . . . . . . 10 | |||
4.2. 3GPP2 - Third Generation Partnership Project 2 . . . . . . 10 | 4.2. 3GPP2 - Third Generation Partnership Project 2 . . . . . . 10 | |||
4.3. ANSI - The American National Standards Institute . . . . . 11 | 4.3. ANSI - The American National Standards Institute . . . . . 11 | |||
4.3.1. Accredited Standards Committee X9 (ASC X9) . . . . . . 11 | 4.3.1. Accredited Standards Committee X9 (ASC X9) . . . . . . 11 | |||
4.4. ATIS - Alliance for Telecommunications Industry | 4.4. ATIS - Alliance for Telecommunications Industry | |||
Solutions . . . . . . . . . . . . . . . . . . . . . . . . 11 | Solutions . . . . . . . . . . . . . . . . . . . . . . . . 11 | |||
4.4.1. ATIS NPRQ - Network Performance, Reliability, and | 4.4.1. ATIS NPRQ - Network Performance, Reliability, and | |||
Quality of Service Committee, formerly T1A1 . . . . . 12 | Quality of Service Committee, formerly T1A1 . . . . . 12 | |||
4.4.2. ATIS TMOC - Telecom Management and Operations | 4.4.2. ATIS TMOC - Telecom Management and Operations | |||
skipping to change at page 8, line 7 | skipping to change at page 8, line 7 | |||
Recommendations with a view toward establishing a common | Recommendations with a view toward establishing a common | |||
understanding and use of security terms within ITU-T. The original | understanding and use of security terms within ITU-T. The original | |||
Compendium was compiled by SG 17, Lead Study Group on Communication | Compendium was compiled by SG 17, Lead Study Group on Communication | |||
Systems Security (LSG-CSS). | Systems Security (LSG-CSS). | |||
http://www.itu.int/itudoc/itu-t/com17/activity/def004.html | http://www.itu.int/itudoc/itu-t/com17/activity/def004.html | |||
Date published: 2003 | Date published: 2003 | |||
3.4. Microsoft Malware Protection Center | 3.4. Microsoft Malware Protection Center | |||
http://www.microsoft.com/security/glossary.mspx | http://www.microsoft.com/security/portal/threat/encyclopedia/ | |||
glossary.aspx | ||||
The Microsoft Malware Protection Center, Threat Research and Response | The Microsoft Malware Protection Center, Threat Research and Response | |||
Glossary was created to explain the concepts, technologies, and | Glossary was created to explain the concepts, technologies, and | |||
products associated with computer security. | products associated with computer security. | |||
Date published: indeterminate | Date published: indeterminate | |||
3.5. SANS Glossary of Security Terms | 3.5. SANS Glossary of Security Terms | |||
http://www.sans.org/security-resources/glossary-of-terms/ | http://www.sans.org/security-resources/glossary-of-terms/ | |||
skipping to change at page 9, line 7 | skipping to change at page 9, line 8 | |||
This glossary of basic security terms has been extracted from NIST | This glossary of basic security terms has been extracted from NIST | |||
Federal Information Processing Standards (FIPS) and the Special | Federal Information Processing Standards (FIPS) and the Special | |||
Publication (SP) 800 series. The terms included are not all | Publication (SP) 800 series. The terms included are not all | |||
inclusive of terms found in these publications, but are a subset of | inclusive of terms found in these publications, but are a subset of | |||
basic terms that are most frequently used. The purpose of this | basic terms that are most frequently used. The purpose of this | |||
glossary is to provide a central resource of definitions most | glossary is to provide a central resource of definitions most | |||
commonly used in NIST security publications. | commonly used in NIST security publications. | |||
Date originally published: April 2006 | Date originally published: April 2006 | |||
Date of this update: February 2100 | Date of this update: February 2010 | |||
3.8. RSA Information Security Glossary | ||||
http://www.rsa.com/glossary/ | ||||
Welcome to the RSA Security Information Security Glossary. This | ||||
glossary is offered as an aid to understanding current concepts and | ||||
initiatives in the realm of Information Security. The terms were | ||||
chosen based on their importance in understanding the solutions, | ||||
services and products that RSA security provides for its customers. | ||||
Date originally published: 2005 | ||||
4. Standards Developing Organizations | 4. Standards Developing Organizations | |||
This section of this document lists the SDOs, or organizations that | This section of this document lists the SDOs, or organizations that | |||
appear to be developing security related standards. These SDOs are | appear to be developing security related standards. These SDOs are | |||
listed in alphabetical order. | listed in alphabetical order. | |||
Note: The authors would appreciate corrections and additions. This | Note: The authors would appreciate corrections and additions. This | |||
note will be removed before publication as an RFC. | note will be removed before publication as an RFC. | |||
skipping to change at page 40, line 27 | skipping to change at page 40, line 27 | |||
-18 : Eighteenth revision of the WG ID. | -18 : Eighteenth revision of the WG ID. | |||
Updated the date and reviewed the accuracy of Section 4. Some | Updated the date and reviewed the accuracy of Section 4. Some | |||
changes made. | changes made. | |||
-19 : Ninteenth revision of the WG ID. | -19 : Ninteenth revision of the WG ID. | |||
Updated the date and reviewed the accuracy of Section 5. Some | Updated the date and reviewed the accuracy of Section 5. Some | |||
changes made. | changes made. | |||
-20 : Twentieth revision of the WG ID. | ||||
Updated the date and reviewed the accuracy of Section 3. Some | ||||
changes made. | ||||
Note: This section will be removed before publication as an RFC. | Note: This section will be removed before publication as an RFC. | |||
Authors' Addresses | Authors' Addresses | |||
Chris Lonvick | Chris Lonvick | |||
Cisco Systems | Cisco Systems | |||
12515 Research Blvd. | 12515 Research Blvd. | |||
Austin, Texas 78759 | Austin, Texas 78759 | |||
US | US | |||
End of changes. 8 change blocks. | ||||
6 lines changed or deleted | 25 lines changed or added | |||
This html diff was produced by rfcdiff 1.41. The latest version is available from http://tools.ietf.org/tools/rfcdiff/ |