Thoughts on Jericho Forum

[David Morton <dmorton () U WASHINGTON EDU>]

Lately we've been engaged in some conversation about the Jericho
Forum and their thoughts on security.

From their home page (http://www.opengroup.org/jericho/), they
describe their work as:
_________________________________________
"The Jericho Forum is an international IT security thought-leadership
group dedicated to defining ways to deliver effective IT security
solutions that will match the increasing business demands for
secureIT operations in our open, Internet-driven, globally networked
world. Our members include multi-national corporate user
organizations, major security vendors, solutions providers, and
academics, working together to:
drive and influence development of new architectures, inter-workable
technologysolutions, and implementation approaches, for securing our
de-perimeterizing world
support development of open standards that will underpin these
technology solutions.
The de-perimeterization solution

While traditional security solutions like network boundary technology
will continue to have their roles, we must respond to their
limitations. In a fully de-perimeterized network, every component
will be independently secure, requiring systems and data protection
on multiple levels, using a mixture of

encryption
inherently-secure computer protocols
inherently-secure computer systems
data-level authentication"
_________________________________________

Key issues such as the ineffectiveness of traditional perimeter
defenses and encryption have rang true for a long time.

Have the principals of the Jericho Forum been discussed at your
organizations and if so, what has come out of those thoughts and
discussions?

David



David Morton
Director, Network and Security Architectures
University of Washington
dmorton () u washington edu

PGP: https://staff.washington.edu/dmorton/files/dmorton.gpgkey