Security

From OPeNDAP Documentation
⧼opendap2-jumptonavigation⧽

Authentication Working Group

Motivation

We want to develop a policy that helps both OPeNDAP and the people who run our software to be confident that using the software does not substantially increase the level of risk of a computer/network security problem. We know that risk is inherent in using computer networks, but it can be managed and reduced by avoiding certain behaviors. The policy we develop here should address those behaviors. As we do this, we can hopefully increase awareness about computer security in the OPeNDAP community to the point where more services become available for users.

Statement of Work

  1. Evaluate existing Computer and Network security policies
  2. Distill from those elements which apply to OPeNDAP and its community of users
  3. Determine if we need to address both Servers and Clients in separate policies or not, or if we only need to address Server security
  4. Make recommendations to OPeNDAP regarding its Interim policy
  5. Develop a Community policy if that's appropriate
  6. Move on from policy to procedures, it that seems appropriate

Members

  1. James Gallagher
  2. Jerry Pan
  3. Chris Lynnes

Resources

information-security-policies-and-standards.com cert.org

--James Gallagher 11:20 3 May 2007 (MDT)