Security Forum : Publications

Development work by The Security Forum and Identity Management Forum members has resulted in the following publications - all currently available from The Open Group Online Bookstore.

Standards and Specifications
White Papers & Business Scenarios
Specifications from The Network Applications Consortium
Managers Guides
Technical Guides & Studies

Standards and Specifications

  • Risk Taxonomy C081
  • Systems Management: Backup Services API (XBSA) C425
  • Generic Security Service API (GSS-API) Base C441
  • X/Open Baseline Security Services (XBSS) C529
  • Authorization (AZN) API C908
  • Common Security: CDSA and CSSM, Version 2 (with corrigenda) C914
  • CDSA/CSSM Authentication: Human Recognition Service (HRS) API V2 C013
  • Distributed Audit Service (XDAS) P441
  • Generic Cryptographic Service API (GCS-API) Base P442
  • X/Open Single Sign-On Service (XSSO) - Pluggable Authentication P702
  • Security Interface Specifications: Auditing and Authentication S020
  • GSS-API Security Attribute and Delegation Extensions S307
  • LDAP Certified Product Standard V2 X04DJ
  • LDAP 2000 Product Standard X99DI
  • LDAP Features for Certification - Program Documentation I031
  • LDAP Features for Certification, Version 2 - Program Documentation I041

White Papers & Business Scenarios

  • Guide to Security Architecture in TOGAF ADM W055
  • Information Security Strategy, Version 1.0 W075
  • The Interoperable Enterprise K022
  • Standardization Priorities for the Directory W012
  • LDAP Certified: Consistent Results for LDAP Customers W032
  • Identity Management W041
  • Assuring Interoperability for the Directory-Enabled Enterprise W902
  • Directory-Enabled Enterprise K001
  • Directory in the Key Management Infrastructure K011
  • Executive on the Move K021
  • Identity Management K023
  • Identifiers in the Enterprise K061
  • Intrusion Attack and Response Workshop (inc. Full Script) W031
  • Intrusion Attack and Response Workshop (Summary) W031A

Specifications from The Network Applications Consortium

  • Enterprise Security Architecture H071
  • Enterprise-Wide Security: Authentication & Single Sign-On H072
  • Business Services Architecture H073
  • Interoperability: Electronic Mail Systems H074
  • Interoperability H075
  • Enterprise-Wide Security H076
  • Enterprise Directory Services Integration H077

Managers Guides

  • Risk Assessment Methodologies G081
  • Manager's Guide to Information Security G250
  • Manager's Guide to Data Privacy G033
  • Guide to Digital Rights Management G052
  • Framework for Control over Electronic Chattel Paper G061
  • Introduction to Architecting Secure Systems - Security Design Patterns G044
  • CDSA Explained, Second Edition G905

Technical Guides & Studies

  • Secure Mobile Architecture (SMA) E042
  • Core Identifier Framework Matrix G071
  • Architectures for Identity Management G072
  • Security Design Patterns G031
  • Distributed Security Framework G410
  • Architecture for Public-Key Infrastructure (APKI) G801
  • Security in Interworking Specifications E403
  • Desktop Security E503
  • Security in Federated Naming E605





We are proud of our key accomplishments, the results of which are reflected in these publications which are all available from our Online Bookstore.