IEEE.org     |     IEEE Xplore Digital Library     |     IEEE Standards     |     IEEE Spectrum     |     More Sites

Commit 89b61813 authored by Beth Hancock's avatar Beth Hancock 🌿
Browse files

Update README.md

parent 17cccc23
# Draft - IEEE SA OPEN Community Platform Primer
1. Where we are now?
a. Describe Architecture
[Community Architecture Diagram]( https://opensource.ieee.org/technical-advisory-group/security/meetings/-/blob/main/Supporting%20Documentation/Community_Platform_Diagram.pdf ) <br>
b. Components
* Firewalls
* Certificate Authorities
* Encryption Standards
* Authentication Mechanism
* Remote Access Services
* Intrusion Detection/response
* Logging/Audit
2. Best Practices
* Information, Host, and Network Marking Requirements
* Host Security Control Requirements
## Current Platform Status - Where we are now?
a. Describe Architecture <br>
[Community Architecture Diagram]( https://opensource.ieee.org/technical-advisory-group/security/meetings/-/blob/main/Supporting%20Documentation/Meeting%20Notes/20220512-sec-mtg-notes.md#community-primer ) <br>
b. Components
* Firewalls
* Certificate Authorities
* Encryption Standards
* Authentication Mechanism
* Remote Access Services
* Intrusion Detection/response
* Logging/Audit
## Security Best Practices
We are currently seeking folks to adopt different sections of the primer. A [list]( https://opensource.ieee.org/technical-advisory-group/security/meetings/-/blob/main/Supporting%20Documentation/Meeting%20Notes/20220512-sec-mtg-notes.md#community-primer ) including possible resources is available for review. Please reach out on Mattermost to @beth to adopt a section or come an [upcoming meeting]( https://opensource.ieee.org/technical-advisory-group/security/meetings#upcoming-meeting-agenda ). Any section marked with a checkmark below has been adopted.
* [x] Information, Host, and Network Marking Requirements
* [x] Host Security Control Requirements
* Network Security Control Requirements
* Monitoring and Alert Management
Internet and Intranet Access
* [x] Internet Access
* Authorization and Access controls
* Data backup and Restoration
* Encryption Technology
......@@ -26,7 +29,7 @@ Internet and Intranet Access
* Physical Security
* Accountability and Responsibility
3. Where are we trying to do (objectives)? <br>
## Objectives - Where are we trying to go? <br>
a. Demonstrate a minimum level of protection for data. <br>
b. What types of testing would we like to implement to increase security? <br>
......@@ -37,5 +40,4 @@ Look at other security primers for ideas.
1. https://sansorg.egnyte.com/dl/gOZUEgP73s
Merge request- Does the tool provide any tracking? Share idea with Tom for consideration for Maturity model. (Sarah)
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment