[Owasp-leaders] SOA security governance - feedback requested
GREENG1 at nationwide.com
GREENG1 at nationwide.com
Fri May 22 11:11:31 EDT 2009
OWASP leaders,
I am the vice chair of the Columbus, Ohio OWASP chapter (Chris Hayes is
the chair). I am a security architect for Nationwide Insurance in
Columbus, Ohio (Chris is my teammate). I have been leading an effort since
late last year within Nationwide Insurance to define information security
governance standards for service-oriented architectures. Nationwide is a
large multi-line insurance and financial services company, with literally
100s of both internally and externally facing services. In essence, the
governance defines which security controls are required or recommended to
assure confidentiality, integrity and availability for a SOA interaction,
based upon various application security risk attributes.
I plan to present a summary of the governance approach to the 05/27
Columbus OWASP meeting. I am sending this note to elicit your feedback
prior to 05/27. Any advice that you could provide would be much
appreciated, including whether or not it could/should be integrated with
other OWASP projects.
Thanks!
Greg S. Green
Enterprise Security Architecture
Nationwide Insurance
greeng1 at nationwide.com
Columbus OWASP chapter vice chair
greg.s.green at gmail.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-leaders/attachments/20090522/47af266e/attachment-0001.html
-------------- next part --------------
A non-text attachment was scrubbed...
Name: SOA Security Governance.pdf
Type: application/octet-stream
Size: 857935 bytes
Desc: not available
Url : https://lists.owasp.org/pipermail/owasp-leaders/attachments/20090522/47af266e/attachment-0001.obj
More information about the OWASP-Leaders
mailing list