Security Standards & Guides

Printer-friendly versionSend by emailPDF version

Leading the development of security standards and best practices

With an extensive track record in the development of important security standards, The Open Group continues to create security standards that promote the development of secure IT systems. Our work encompasses technical security standards that are implemented by vendors to deliver security functionality in IT products and software, as well as best practice security standards that are implemented by security practitioners in customer organizations.

The Open Group is dedicated to sustaining a vigorous professional community that ensures the ongoing development of consistent and reliable open standards. We invite you to explore the work we have done to bring security standards to the IT industry. Some of our past work on important security standards includes:

  • C013 - CDSA/CSSM Authentication: Human Recognition Service (HRS) API V2
  • C081 - Risk Taxonomy
  • C425 - Systems Management: Backup Services API (XBSA)
  • C441 - Generic Security Service API (GSS-API) Base
  • C529 - X/Open Baseline Security Services (XBSS)
  • C908 - Authorization (AZN) API
  • C914 - Common Security: CDSA and CSSM, Version 2 (with corrigenda)
    • P441 - Distributed Audit Service (XDAS)
    • P442 - Generic Cryptographic Service API (GCS-API) Base
    • P702 - X/Open Single Sign-On Service (XSSO) - Pluggable Authentication
    • We also have a strong track record on developing technical guides. Among the most popular downloads are:
    • C103 - AIR – ISO/IEC 27005 Cookbook
    • G031 - Security Design Patterns
    • G410 - Distributed Security Framework (XDSF)
    • G801 - Architecture for Public-Key Infrastructure (APKI)

If your organization is not a member of The Open Group, please contact us to learn more about how to get involved.