Information Security News mailing list archives

RFI aims at security info sharing


From: InfoSec News <isn () c4i org>
Date: Thu, 6 Feb 2003 00:19:16 -0600 (CST)

http://www.fcw.com/fcw/articles/2003/0203/web-fedcirc-02-05-03.asp

By Diane Frank 
Feb. 5, 2003

The Federal Computer Incident Response Center today released a call
for industry participation in an effort to develop common standards
for exchanging security incident information.

The request for information (RFI) stresses that compliance with such
standards likely will become a requirement to qualify for future
federal security purchases.

For some time, FedCIRC has been working with the CERT Coordination
Center (CERT/CC) on the Data Analysis Capability (DAC), a solution
that will allow FedCIRC to analyze and correlate incident information
across government. The idea is that the more agencies share
information, the better the overall management of security incidents
will be.

Several agencies have helped test the DAC and work through policy
issues surrounding data sharing among agencies, but technologically,
agencies face difficulty in combining information from proprietary
commercial security systems.

The request for information asks industry to work with the CERT/CC and
the Internet Engineering Task Force on the two standards under
development: the Intrusion Detection Message Exchange Format and the
Incident Object Description and Exchange Format. These standards are
independent of the DAC but are the most relevant to the government's
needs.

Industry involvement in the standards will become even more important
down the line. "We expect that compliance with the DAC architecture is
likely to become a requirement for future acquisition of
security-related products by federal civilian agencies," the RFI
states.

As more and more agencies purchase commercial intrusion detection and
management systems, such a requirement could have big implications in
the security market, the RFI points out.

A second pilot test of the DAC is planned for spring 2003, and FedCIRC
is encouraging vendors that can make their solutions DAC-compliant by
that time to participate.

Responses to the RFI are due via e-mail to FedCIRC by Feb. 28 at
dac-rfi () fedcirc gov.
 
 

-
ISN is currently hosted by Attrition.org
