Cookbook for Security Considerations

From IHE Wiki
Revision as of 17:26, 12 February 2010 by JohnMoehrke (talk | contribs) (New page: As not all IHE profile writers are security experts, this cookbook is intended to provide basic knowledge on conducting a risk assessment and some “tricks of the trade” relevant to [[S...)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

As not all IHE profile writers are security experts, this cookbook is intended to provide basic knowledge on conducting a risk assessment and some “tricks of the trade” relevant to Security Consideration section writing. It is not only based on best practice in the field of risk assessment and mitigation but also on the experience of the ITI Technical Committee while compiling the Security Consideration section for new profiles during the year 5 cycle (mainly XCA and RFD).

This cookbook is specifically intended for IHE profile writers. Though it is based on best practice, it is not a complete method for thorough risk assessment of a package product. IHE does not endorse any use of this cookbook outside of the scope of IHE profile editing.

After presenting the basics of risk assessment and risk mitigation, the cookbook explains how to scope security consideration for IHE profiles and finally provides guidelines on the effective writing of the Security Consideration section.

Formal White Paper can be found at http://www.ihe.net/Technical_Framework/upload/IHE_ITI_Whitepaper_Security_Cookbook_2008-11-10.pdf

Retrieved from "http://wiki.ihe.net/index.php?title=Cookbook_for_Security_Considerations&oldid=40144"