Security
From OPeNDAP Documentation
Authentication Working Group
Motivation
We want to develop a policy that helps both OPeNDAP and the people who run our software to be confident that using the software does not substantially increase the level of risk of a computer/network security problem. We know that risk is inherent in using computer networks, but it can be managed and reduced by avoiding certain behaviors. The policy we develop here should address those behaviors. As we do this, we can hopefully increase awareness about computer security in the OPeNDAP community to the point where more services become available for users.
Statement of Work
- Evaluate existing Computer and Network security policies
- Distill from those elements which apply to OPeNDAP and its community of users
- Determine if we need to address both Servers and Clients in separate policies or not, or if we only need to address Server security
- Make recommendations to OPeNDAP regarding its Interim policy
- Develop a Community policy if that's appropriate
- Move on from policy to procedures, it that seems appropriate
Members
Resources
information-security-policies-and-standards.com cert.org
--James Gallagher 11:20 3 May 2007 (MDT)