OPENframework

OPENframework is an approach for coping with the complexity of modern business computing; addressing the question "How does an enterprise best exploit information technology?"

The OPENframework approach is explained in a series of books.

Highly illustrated and using everyday language, the OPENframework Systems Architecture Series is an ideal companion for those involved in planning or implementing systems strategy. The series will be of value to professionals and students of business and information technology.

Security measures an information system's ability to withstand malicious attack, such as unauthorized observation, or interference of information, or denial of the service to others.

This book explains how to discuss security, breaking the subject down into easily managed concepts. It describes the latest products and techniques and identifies where they can best be employed. The problems associated with security in distributed computing and Open Systems environments are addressed in some detail.

1. What is security?
• Aspects of the OPENframework technical architecture
• Information system architecture
• Security scope
• Security functionality
• Security and OPENframework
• Mission
2. Trends in security
• Security awareness
• User Mobility
• Distributed computing
• PC security
• Electronic trading
• Personal communications
• Technology trends
• Rating secure systems
3. Perspectives on security
• Responsibilities
• Enterprise management's perspective
• Application developers' perspective
• Service providers' perspective
• Users' perspective
4. OPENframework policies for security
• Product security
• Distributed security
• Assurance
5. Security model
• Components
6. Security functionality
• Positioning of security functionality
• Configurable security
• Functionality
7. Assurance
• Components, products and systems
• Development process
• Evaluation
8. Distributed security architecture
• Privilege attribute certificate
• User sponsor
• User log-on
• Privilege attributes
• Software authentication
• Association management
• Protecting application data
• Audits and alarms
• Access control
• Interdomain working
• PAC protection and control
• Cryptography
• Recovery
9. Distributed security services
• User sponsor
• Authentication and privilege attribute services
• Authorization facilities
• Association management and security
• Cryptography
• Audits and alarms
• Interfaces and firewalls
10. Security and the OPENframework elements
• Application architectures
• User interface
• Distributed application services
• Information management
• Application development
• Systems management
• Networking services
• Platforms
11. Security and the other OPENframework qualities
12. Security support services

1. Architecture guidelines for best practice
• Product functionality
• Distributed security
• Assurance
2. Further reading
• Other books in the OPENframework series
• Enterprise management
• Security
3. Glossary

ICL's view on security a la 1993. Today they refuse to acknowledge its existance. Surprising, as the quality is high.