Publications by Subject Area : Security

 - Sort by Subject  -  Sort by Date  -

Subject : ArchiMate

White Papers

W172Modeling Enterprise Risk Management and Security with the ArchiMate® Language
W150Modeling Enterprise Risk Management and Security with the ArchiMate® Language

Subject : Cloud Computing

White Papers

W116An Architectural View of Security for Cloud

Subject : Corrigenda


U051CDSA/CSSM Authentication: Human Recognition Service (HRS) API
U039X/Open Single Sign-On Service (XSSO) - Pluggable Authentication

Subject : Desktop

Technical Studies

E503Desktop Security

Subject : Enterprise Management


C425Systems Management: Backup Services API (XBSA)

Subject : General


D160The Open Group Blog Volume 3 Issue 1
D150The Open Group Blog Volume 2 Issue 1
D140The Open Group Blog Volume 1 Issue 6
D130The Open Group Blog Volume 1 Issue 5
D122The Open Group Blog Volume 1 Issue 4
D121The Open Group Blog Volume 1 Issue 3
D113The Open Group Blog Volume 1 Issue 2
D111The Open Group Blog Volume 1 Issue 1
D111KThe Open Group Blog Volume 1 Issue 1 (Kindle Edition)

Subject : Interworking

Technical Studies

E403Security in Interworking Specifications

Subject : Jericho Forum


G128Jericho Forum® Identity Commandments: Key Concepts
G124Jericho Forum® Self-Assessment Scheme


D045The Jericho Forum® Identity Commandments

White Papers

W125Jericho Forum® Identity Commandments
W126Jericho Forum® Cloud Cube Model
W124Jericho Forum® Commandments
W127Jericho Forum® Business Rationale for De-Perimeterization
W128Jericho Forum® Trust and Co-operation

Subject : Open FAIR


G144A Pocket Guide to the Open FAIR Body of Knowledge

Study Materials

B140Open FAIR Foundation Study Guide


D164Using Open FAIR™ to Communicate with Boards on Cybersecurity Risk
D126Overview of the Information Risk Management Process (Open FAIR Standard)

White Papers

W177Open FAIR™ – STIX™ Integration
W148An Introduction to the Open FAIR Body of Knowledge

Subject : SOA

White Papers

W119Security Principles for Cloud and SOA

Subject : Security

Certification Product Standards

X1301Role-Based Access Control (RBAC)
X98SSSecure Communications Services
X98XSBaseline Security 98

Consortium Specifications

H073Business Services Architecture
H072Enterprise-Wide Security: Authentication & Single Sign-On
H076Enterprise-Wide Security
H077Enterprise Directory Services Integration
H074Interoperability: Electronic Mail Systems


G152Integrating Risk and Security within a TOGAF® Enterprise Architecture
G125Optimizing ISO/IEC 27001:2013 using O-ISM3
G141Trust Ecosystem
G112Open Enterprise Security Architecture (O-ESA)
G081Requirements for Risk Assessment Methodologies
G061Framework for Control over Electronic Chattel Paper
G052Guide to Digital Rights Management
G044Introduction to Security Design Patterns
G033Manager's Guide to Data Privacy
G250Manager's Guide to Information Security
G905CDSA Explained, Second Edition

Information Sheets

Q059The Open Group Security Forum

Preliminary Specifications

P702X/Open Single Sign-On Service (XSSO) - Pluggable Authentication
P441Distributed Audit Service (XDAS)
P442Generic Cryptographic Service API (GCS-API) Base


S307GSS-API Security Attribute and Delegation Extensions
S020Security Interface Specifications: Auditing and Authentication


C17BOpen Information Security Management Maturity Model (O-ISM3), Version 2.0
C142Open Secure Mobile Architecture (O-SMA): Reference Architecture and Implementation Guidance
C13GRisk Analysis (O-RA)
C13KRisk Taxonomy (O-RT), Version 2.0
C133Dependency Modeling (O-DM)
C125Authorization Roles Managed On RBAC (O-ARMOR)
C111Open Automated Compliance Expert Markup Language (O-ACEML)
C013CDSA/CSSM Authentication: Human Recognition Service (HRS) API V2
C914Common Security: CDSA and CSSM, Version 2 (with corrigenda)
C908Authorization (AZN) API
C441Generic Security Service API (GSS-API) Base
C529X/Open Baseline Security Services (XBSS)

Technical Guides

G167The Open FAIR™ – NIST Cybersecurity Framework Cookbook
G127Framework for Secure Collaboration-Oriented Architectures (O-SCOA)
C103FAIR - ISO/IEC 27005 Cookbook
G031Security Design Patterns
G801Architecture for Public-Key Infrastructure (APKI)
G410Distributed Security Framework (XDSF)
G206Defining and Buying Secure Open Systems

Technical Studies

E605Security in Federated Naming


D115Is your Organization Ready to Respond to the Next Heartbleed?
D105Applying Open FAIR to Analyze Risk in a Retail Environment
D104Visualizing the Business Impact of Technical Cyber Risks
D091Open FAIR Certification for Risk Analysts
D083Risk and IT Security: Developing and Communicating the InfoSec Value Proposition to Senior Management
D082The Value of Certification for Risk Analysts
D070Quantifying Cybersecurity Risk in $$$
D069Communicating Cybersecurity Risk to Business Leaders
D038Dependency Modeling – Capturing and Sharing Organizational Interdependencies
D025O-ISM3 Implementation and Case Study
D023O-ISM3 Implementation and Case Study
D022Deep Dive on O-ISM3 – Tactical-Specific Processes Overview
D021Deep Dive on O-ISM3 – Process Model, Generic Processes, and Strategic-Specific Processes
D019Deep Dive on O-ISM3 – Business Context and Security Concepts
D017An Introduction to O-ISM3
D005Logging Use-Cases and Standards Update
D004Enterprise Logging and Log Management: Hot Topics
D003Jericho Forum®: Achievements through 2009, and Plans for 2010
D002IT Risk Management: Overview of The Open Group Risk Taxonomy Standard with Jack Jones

White Papers

W176Putting Open FAIR™ Risk Analysis Into Action
W154IT Risk Management Survey Summary
W152Best Practices for Security in Cloud Adoption by Indian Banks
W143The Need for Data Principles
W142Protecting Information: Steps for a Secure Data Future
W141Managing Network Entities in a Collaborative World
W140Smart Data for Secure Business Collaboration
W137Information Security Management (20 CSC)
W133Information Security Management (O-ISM3, TOGAF®, and SABSA®)
W117TOGAF® and SABSA® Integration
W075Information Security Strategy, Version 1.0
W031Intrusion Attack and Response Workshop (inc. Full Script)
W031AIntrusion Attack and Response Workshop

Subject : TOGAF

White Papers

W055Guide to Security Architecture in the TOGAF® ADM
The Open Group
Platinum Members