Read the Community Blog

New icons- Black Hat and iPhone

We've added a few new icons to the 11_02 set for an upcoming pattern. We now have a Black Hat to represent a 'hacker' (I place it in quotes as the term originally meant computer user who hacked together code quickly to achieve a given objective, and has somewhat changed meaning in recent years).

The black hat took it's inspiration from the Mad Spy vs Spy comic, a firm favourite when I was younger, especially the rather good game on the C64 :-) We have also added an iPhone (or possibly Android) icon as this would appear to be a necessary staple of modern life to enable us to function...and we needed it for the new pattern Tobi is building.

As usual the icons have been added to the icon library as SVG and PNG, and are included into the icons packs

Sony and Amazon outages

2 high impact outages for large service providers recently. Amazon cloud services which had knock on effects for a number of large companies relying on their cloud services. Sony which suffered a major security breach and which at the time of writing is still being cleaned up with unknown total impact on customers.

It made me think again about how the importance of security (Confidentiality, Integrity, and Availability) is increasing for society as we place more and more systems within the cloud in complex chains. This chimed given the original goals for starting OSA captured in this article.

See these articles on the BBC site for summaries:

Amazon apologises for web fault one week on

PlayStation Network credit card details were encrypted

February 2011 Open Security Architecture Newsletter

February 2011 Open Security Architecture Newsletter

Please find a short summary of recent changes on the Open Security Architecture website.


NEW PATTERNS


We have just finalised the DMZ pattern.
http://www.opensecurityarchitecture.org/cms/en/library/patternlandscape/286-sp-016-dmz-module
This pattern is a standard module that will be reused within the pattern library.

There is a near final draft of the Board of Directors Room pattern.
http://www.opensecurityarchitecture.org/cms/en/library/patternlandscape/292-draft-pattern-board-room
This pattern gives a solution for secure collaboration on highly sensitive materials such as financial reporting and board minutes.

There is an initial draft of Industrial Control Systems pattern.
http://www.opensecurityarchitecture.org/cms/en/library/patternlandscape/293-draft-sp-023-industrial-control-systems
This pattern is a first in this area, and we are really please to have been able to collaborate with Industrial Control System experts to ensure that the quality is high for this first draft. If this is an area you have experience in we'd welcome comments.

A secure audit trails pattern is being started.
Please join the discussion in the forum thread.
http://opensecurityarchitecture.org/BB3/viewtopic.php?f=8&t=31


Mappings and Icons
You can now download the entire catalog and mappings as a database that can be imported into MySQL or any other DBMS of your choice.
More info here: http://www.opensecurityarchitecture.org/cms/en/library/0802control-catalogue/266-08-02-controls-catalog-sql-export

The icon packs and templates have been updated to add a couple of new icons and correct an SVG rendering bug under Chrome.
http://www.opensecurityarchitecture.org/cms/library/icon-library
http://www.opensecurityarchitecture.org/cms/library/pattern-template


Outlook
We aim to add a PCI-DSS v2 mapping to the catalog shortly.
Do you have other ideas for the roadmap? Let us know at info at opensecurityarchitecture.org

All work from contributors is always credited to the originator.

We always appreciate feedback on progress, and further improvements you want to see.
If you think OSA could be useful for your contacts please pass on the word.

Best regards
The OSA core team

OSA has more than 1000 members

OSA is visited by more than 10'000 visitors from almost 100 countries each month
We highly appreciate all contributions and donations

Updated icon pack

There is a new icon pack available (11.02) that includes the icons created for the Industrial Control Systems pattern.

  • Programmable Logic Controller (PLC)
  • Drive or motor to represent output
  • Thermometer to represent input

We've also added an iMac icon.

Get the new pack from the icon library. These will also be integrated into the base template.

Update to patterns

Quick update on pattern progress as it has been quiet lately given the core team have been very busy.

  • The DMZ pattern has been promoted from draft
  • Board of Directors pattern requires a few small updates to bring into line with the standard template then will be finalised.
  • We are working an Industrial Process Automation pattern and should have a draft ready for comment in coming weeks
  • 2 other patterns are pending owners: Secure Network Zone and Consumer Devices

All work is credited back to originators.