Security Forum : Publications

Development work by The Security Forum and Identity Management Forum members has resulted in the following publications - all currently available from The Open Group Online Bookstore.

Standards and Specifications
White Papers & Business Scenarios
Specifications from The Network Applications Consortium
Managers Guides
Technical Guides & Studies

Standards and Specifications

  • Risk Taxonomy C081
  • Systems Management: Backup Services API (XBSA) C425
  • Generic Security Service API (GSS-API) Base C441
  • X/Open Baseline Security Services (XBSS) C529
  • Authorization (AZN) API C908
  • Common Security: CDSA and CSSM, Version 2 (with corrigenda) C914
  • CDSA/CSSM Authentication: Human Recognition Service (HRS) API V2 C013
  • Distributed Audit Service (XDAS) P441
  • Generic Cryptographic Service API (GCS-API) Base P442
  • X/Open Single Sign-On Service (XSSO) - Pluggable Authentication P702
  • Security Interface Specifications: Auditing and Authentication S020
  • GSS-API Security Attribute and Delegation Extensions S307
  • LDAP Certified Product Standard V2 X04DJ
  • LDAP 2000 Product Standard X99DI
  • LDAP Features for Certification - Program Documentation I031
  • LDAP Features for Certification, Version 2 - Program Documentation I041

White Papers & Business Scenarios

  • Guide to Security Architecture in TOGAF ADM W055
  • Information Security Strategy, Version 1.0 W075
  • The Interoperable Enterprise K022
  • Standardization Priorities for the Directory W012
  • LDAP Certified: Consistent Results for LDAP Customers W032
  • Identity Management W041
  • Assuring Interoperability for the Directory-Enabled Enterprise W902
  • Directory-Enabled Enterprise K001
  • Directory in the Key Management Infrastructure K011
  • Executive on the Move K021
  • Identity Management K023
  • Identifiers in the Enterprise K061
  • Intrusion Attack and Response Workshop (inc. Full Script) W031
  • Intrusion Attack and Response Workshop (Summary) W031A

Specifications from The Network Applications Consortium

  • Enterprise Security Architecture H071
  • Enterprise-Wide Security: Authentication & Single Sign-On H072
  • Business Services Architecture H073
  • Interoperability: Electronic Mail Systems H074
  • Interoperability H075
  • Enterprise-Wide Security H076
  • Enterprise Directory Services Integration H077

Managers Guides

  • Risk Assessment Methodologies G081
  • Manager's Guide to Information Security G250
  • Manager's Guide to Data Privacy G033
  • Guide to Digital Rights Management G052
  • Framework for Control over Electronic Chattel Paper G061
  • Introduction to Architecting Secure Systems - Security Design Patterns G044
  • CDSA Explained, Second Edition G905

Technical Guides & Studies

  • Secure Mobile Architecture (SMA) E042
  • Core Identifier Framework Matrix G071
  • Architectures for Identity Management G072
  • Security Design Patterns G031
  • Distributed Security Framework G410
  • Architecture for Public-Key Infrastructure (APKI) G801
  • Security in Interworking Specifications E403
  • Desktop Security E503
  • Security in Federated Naming E605





We are proud of our key accomplishments, the results of which are reflected in these publications which are all available from our Online Bookstore.



The Open Group
Platinum Members
HP IBM Oracle Philips