Jericho Forum - PowerPoint PPT Presentation

Slides: 11
Provided by: IanDo9
1
Jericho Forum
  • Joint Meeting with SOA WG
  • 26 October 2006
  • www.jerichoforum.org

2
Global Enabling means Hardening Everything
  • Yesterday the threats to our information were
      • From outside our networks (the Internet)
      • From non-employees (Hackers, spies)
  • Today's reality is
      • Threats can come from inside or outside
      • Attacks can come through compromised PCs
      • Employees are best positioned to do the most
        damage
  • We need to harden PCs, Servers and Networks
  • We need to evolve our infrastructure
      • Separate our user devices from our application
        servers
      • Harden and externalize our applications
      • Use secure protocols
      • Manage information access based on sensitivity

3
What Is Deperimeterization?
  • De-perimeterization
      • Is a consequence of globalization and user
        mobility
      • Is happening, whether we plan for it or not
  • While de-perimeterization is the cause, the term
    has also described the counter-measures, for
    example
      • Wikipedia Definition
          • De-perimeterisation is a concept/strategy used to
            describe protecting an organisation's systems and
            data on multiple levels by using a mixture of
            encryption, inherently-secure computer protocols,
            inherently-secure computer systems and data-level
            authentication rather than the reliance of an
            organisation on its (network) boundary to the
            Internet.
          • Successful implementation of a de-perimeterised
            strategy within an organisation thus implies that
            the perimeter, or outer security boundary, could
            be removed.

4
Business Drivers
  • An increased use of an extended enterprise
    business model between enterprises
  • Tighter integration of IT systems across this
    extended enterprise
  • Requirement to provide non-corporate users with
    both onsite and logical access to
    corporate-hosted systems
  • Requirement for external access by onsite
    non-corporate users
  • Transition to a mobile, virtual, and
    geographically distributed work force
  • A service oriented architecture that requires
    direct application to application interaction
  • The proliferation of complex legal and regulatory
    requirements for controlling information access

5
Released Papers
  • Jericho Forum Commandments
  • Architecture for De-perimeterization
  • Inherently Secure Protocols
  • VoIP Security
  • Wireless
  • Internet Filtering & Reporting
  • End Point Security
  • All Jericho Forum position papers available at
    www.jerichoforum.org

6
Draft Papers
  • Trust & Co-operation
  • Digital Rights Management Enterprise
    Information Protection Control
  • Privacy
  • Federated Identity
  • Encryption & Encapsulation
  • Regulation, Compliance & Certification
  • Audit & Management
  • Data/Information Management

7
Proposed Papers
  • Network Security QoS
  • Audit & Management
  • Wi-Fi Connectivity
  • Net-Neutrality
  • Virtualization
  • Overarching Trust Paper
  • And 2 new proposed papers from Seattle meeting
  • Web Services Perimeters
  • Data Protection Provenance

8
Secure Protocols Attributes
  • Protocols used should have the appropriate level
    of data security, and authentication
  • The use of a protective security wrapper (or
    shell) around an application protocol may be
    applicable
  • However, the use of an encrypted tunnel negates
    most inspection and protection and should be
    avoided in the long term.

9
Secure Protocols - Secure out of the box
  • An inherently secure protocol is
      • Authenticated
      • Protected against unauthorised reading/writing
      • Has guaranteed integrity
  • For inherently secure protocols to be adopted
    then it is essential that
      • Systems start being delivered preferably only
        supporting inherently secure protocols or
      • With the inherently secure protocols as the
        default option

10
Architecture for De-perimeterization
  • If boundaries are eroding, and one organisation
    merges into another, how should we approach
    architecture?
  • Are existing approaches invalidated by
    de-perimeterisation?
  • Will costly re-engineering be needed?
  • Is the answer an adaptive de-perimeterised
    architecture?
  • Vision emphasizes application autonomy, platform
    survivability and network transparency.
  • Believes we should be looking at several
    different approaches, including SOA, Grid, other
  • Paper comments that SOA approach seeks to provide
    a unifying view of distributed systems and
    enterprise architecture focused on the notion of
    services
  • Believes it is realistic for organizations to
    start trialling and adopting architectures that
    support de-centralised trust frameworks and P2P
    applications based around them.
  • Recommend reading the Jericho Forum's
    Architecture for De-perimeterization position
    paper.