Origin
The term "blueprint" was originally derived from the visual appearance
of printed technical and architectural drawings that were produced using the
cyanotype contact printing process, which produced white lines on a blue
background - characteristic of this old-style paper-based printing technique.
Today the term "blueprint" refers to a plan for a conceptual design
- not even necessarily drawn.
At the ESAF conference at RSA Security, Feb 2007, Qualys CEO Philippe Courtot
coined the term "Jericho Forum blueprint" to describe the design
of IT systems which will perform secure transactions over open insecure networks
- i.e. in de-perimeterized environments.
The Jericho Forum adopted this term in the theme for its 2007 European Spring
Conference, where the theme was "Delivering solutions to the Jericho Forum
blueprint".
The Concept translated to reality
A natural progression of the idea of a Jericho Forum blueprint is to translate the concept into tangible form, building on:
- de-perimeterization, explained on our Web site and in numerous presentations since formation of the Jericho Forum in 2004
- vision white paper
- Jericho Forum principles
- our other position papers
- our Collaboration Oriented Architecture (COA), which is being built on our work and publications to date.
Other vital components in our blueprint include:
- secure design (top-down approach to good design)
- secure coding (bottom-up approach to good design). We have held discussions with the SANS Institute, which is very interested in promoting this skill.
- compliance & regulation
- risk analysis & risk management
- information quality management
- enterprise architecture - methodologies
A University Computer Science Module?
The notion of a Jericho Forum blueprint course was conceived as a way to pass
on to graduates entering the computer science industry the training and skills
required for building secure IT systems which comply with the Jericho Forum's
principles for building systems which will assure secure transactions over
open insecure networks in our ever-increasing, globally interconnected IT world.
Discussions with our academic members (see our members list) have resulted
in an understanding of how we might evolve this approach into an acceptable University
computer science module, for integrating into a computer science undergraduate
course. An important requirement for take-up is that the content of the module
is proven and practical - not a concept.
Feedback from Academia
Most Universities have industry advisory boards or similar consultative bodies
which maintain links with relevant industries to develop courses which will
meet the needs of those industries. It will be most effective for us to work
through these industry advisory boards to promote our Jericho Forum blueprint
initiative. In the United States, university research sponsorships are a highly
effective way to influence universities. This also applies in UK universities,
though research usually has to involve practice-based work.
The Jericho Forum blueprint module could also be introduced as a post-graduate
qualification. Particularly in this regard, it would help greatly if the module
were to count towards a recognized professional qualification (CISSP CBK, ISSA
credits, etc.) or other professional or skills development qualification. An
established logo (Jericho Forum) identifier would add to the recognized value.
Considerations in compiling course materials include that security has to
be built into IT architectures, and that we need to structure it so it fits
the requirements of academics who create University courses. Another consideration
is that we need to deliver the module under an established conveyance mechanism
- such as a creative commons license.
The Way Forward
We believe the components in our outline blueprint can be developed into a
significant module - comprising say 8 lectures, 2 seminars, 3 coursework projects,
and 1 examination. Our vision, and challenge, is to act upon the feedback from
our academic members and work with them to get the Jericho Forum blueprint
accepted as a university computer science module.