Jericho Forum

The Jericho Forum was an international group working to define and promote de-perimeterisation. It was initiated by David Lacey from the Royal Mail, and grew out of a loose affiliation of interested corporate CISOs (Chief Information Security Officers), discussing the topic from the summer of 2003, after an initial meeting hosted by Cisco, but was officially founded in January 2004. It declared success, and merged with The Open Group industry consortium's Security Forum in 2014.[1]

The problem

It was created because the founding members claimed that no one else was appropriately discussing the problems surrounding de-perimeterisation. They felt the need to create a forum to define and solve consistently such issues. One of the earlier outputs of the group is a position paper entitled the Jericho Forum Commandments which are a set of principles that describe how best to survive in a de-perimeterised world.

Membership

The Jericho Forum consisted of "user members" and "vendor members". Originally, only user members were allowed to stand for election. In December 2008 this was relaxed, allowing either vendor or user members to be eligible for election. The day-to-day management was provided by the Open Group.

While the Jericho Forum had its foundations in the UK, nearly all the initial members worked for corporates and had global responsibilities, and involvement grew to Europe, North America and Asia Pacific.

Results

After the initial focus on defining the problem, de-perimeterisation, the Forum then moved onto focussing on defining the solution, which it delivered in the publication of the Collaboration Oriented Architecture (COA) paper and COA Framework paper.

The next focus of the Jericho Forum was "Securely Collaborating in Clouds", which involves applying the COA concepts to the emerging Cloud Computing paradigm. The basic premise is that a collaborative approach is essential to gain most value from "the cloud". Much of this work was transferred to the Cloud Security Alliance for use in its "guidance" document.

The final (major) piece of the Jericho Forum's work (from 2009) was around Identity, culminating in 2011 with the publication of their Identity, Entitlement & Access Management Commandments.[2]

In its final months the Jericho Forum contributed thinking to the debate around "Smart Data" and this was handed over to the Security forum within The Open Group to continue, while the work on Identity has been continued by the Global Identity Foundation.

Success and closure

The Jericho Forum declared success and sunsetted at the London conference of the OpenGroup on 29 October 2013[3] (video).

The Jericho Forum work on identity has been carried on by the Global Identity Foundation, a not-for-profit organisation working to define the components of a global digital identity ecosystem, with the Identity "commandments" directly translating into the principles behind Identity 3.0.

Key publications

Position papers

External articles

  1. Alan Lawson “A World without Boundaries” Butler Review Journal Article April 2005 http://www.butlergroup.com/research/DocView.asp?ID={BD1E4C70-F644-42F1-903E-CDBC09A38B8D} [Membership required to access document] “Deperimeterisation has become more than an interesting idea it is now a requirement for many organisations. Vendors have shown an increasing willingness to listen to the user community, but in the absence of a coherent voice from the end-users themselves, may have been uncertain about to whom they should be listening. As long as Jericho [Forum] can continue to build upon its foundations and successfully integrate vendor input into its ongoing strategies, then we see no reason why this community should not become a strong and valuable voice in the years ahead.”
  2. Paul Stamp, & Robert Whiteley with Laura Koetzle & Michael Rasmussen “Jericho Forum Looks To Bring Network Walls Tumbling Down” Forrester http://www.forrester.com/Research/Document/Excerpt/0,7211,37317,00.html [Chargeable document] “The Jericho Forum is turning current security models on their heads, and it’s likely to affect much more than the way companies look at orthodox IT security. Jericho’s approach touches on domains like digital rights management, network quality of service, and business partner risk management.”
  3. Angela Moscaritolo "Cloud computing presents next challenge" SC World Congress Dec 2008 http://www.scmagazineus.com/SC-World-Congress-Cloud-computing-presents-next-challenge/article/122288/ "Jericho Forum – which has been preaching the notion of security in an open-network environment since the group was founded more than four years ago – next year plans to focus on the necessary steps to secure the cloud. But the forum is relying on IT security professionals for help, Seccombe said. “The very idea of bolting on security when you have already moved to the cloud is dumb,” he said. “You can't bolt security into the cloud; you need to build it in.”

See also

References

This article is issued from Wikipedia. The text is licensed under Creative Commons - Attribution - Sharealike. Additional terms may apply for the media files.