By Ian Dobson & Jim Hietala, The Open Group
The Open Group Framework for Secure Collaboration Oriented Architectures (O-SCOA) Guide provides system and security architects and designers with a blueprint specifying the requirements for secure design of enterprise architectures that support safe and secure operation, globally, over any unsecured network.
This secure COA framework was originally developed by the Jericho Forum®, a forum of The Open Group, from 2007-2009. They started with an overview paper outlining the objectives and framework concepts, and quickly followed it with a high-level COA framework that mapped the primary components – processes, services, attributes and technologies – and identified the sub-components under each. Then, over the next 18 months the forum developed and published a series of requirements papers on the results of the methodical analysis of the security requirements that each sub-component should be architected to fulfill.
The O-SCOA Guide brings together an updated version of all these papers in one publication, adding the latest developments in the critical identity management component. It also includes the business case for building Enterprise Architectures that follow the O-SCOA guidance to assure safe and secure operations between business partners over insecure global networks. Additionally, it includes the Jericho Commandments, first published in 2006, which have stood the test of time as the proven benchmark for assessing how secure any Enterprise Architecture is for operations in open systems.
The SCOA guide may be downloaded here.
Ian Dobson is the director of the Security Forum and the Jericho Forum for The Open Group, coordinating and facilitating the members to achieve their goals in our challenging information security world. In the Security Forum, his focus is on supporting development of open standards and guides on security architectures and management of risk and security, while in the Jericho Forum he works with members to anticipate the requirements for the security solutions we will need in future.
Jim Hietala, CISSP, GSEC, is the Vice President, Security for The Open Group, where he manages all IT security and risk management programs and standards activities. He participates in the SANS Analyst/Expert program and has also published numerous articles on information security, risk management, and compliance topics in publications including The ISSA Journal, Bank Accounting & Finance, Risk Factor, SC Magazine, and others.