[CESG] [Secretariat] [EXTERNAL] Re: CESG Approval of Revised Information Security Glossary
Margherita.di.Giulio at esa.int
Margherita.di.Giulio at esa.int
Wed Feb 5 16:05:42 UTC 2020
Dear Tom and All,
I will put one item in the Agenda of the CESG Telecon - and also of
future CCSDS sessions - to recap the discussion about the SANA Glossary,
and its relation with the Glossaries of the CCSDS books.
Namely:
- current situation of the SANA Glossary, where terms are derived
from normative as well as informative sources
- Evolution of the SANA Glossary , having either of the following
targets in mind:
o to clearly identify/distinguish between normative vs. informative
terms (depending if e.g. they come from blue or from green books), or
o to only leave normative terms in, thus aiming at fully normative
role of the Glossary
o other proposals, next steps and roadmap
- Terms and definitions replicated from copyrighted ISO publications
(issue is mainly with the Security Glossary) for which CCSDS does not
(yet) have ISO permission
Kind regards,
Margherita
--------------------------------------------------------------
Margherita di Giulio
Ground Station Systems Division
Backend Software Section (OPS-GSB)
European Space Agency ESA/ESOC
Robert-Bosch-Str. 5
D-64293 Darmstadt - Germany
Tel: +49-6151-902779
e-mail: Margherita.di.Giulio at esa.int
From: "Thomas Gannett" <thomas.gannett at tgannett.net>
To: <Gian.Paolo.Calzolari at esa.int>, "'Shames, Peter M\(US 312B\)'"
<peter.m.shames at jpl.nasa.gov>
Cc: "'CCSDS Engineering Steering Group - CESG Exec'"
<cesg at mailman.ccsds.org>, "'Space Assigned Numbers Authority'"
<info at sanaregistry.org>, "'CESG'" <cesg-bounces at mailman.ccsds.org>,
"'Weiss, Howard'" <Howard.Weiss at parsons.com>
Date: 04/02/2020 18:55
Subject: Re: [CESG] [Secretariat] [EXTERNAL] Re: CESG Approval of
Revised Information Security Glossary
Sent by: "CESG" <cesg-bounces at mailman.ccsds.org>
I think perhaps the term “normative” needs to be defined in the SANA
Glossary: Even though the SANA Glossary contains terms derived from
normative as well as informative sources, the purpose of having the
glossary is to normalize the terms within the CCSDS. The Glossary is in
fact intended to be “normative” for the CCSDS regardless of the source of
the terms: we do adjure all document developers that they should consult
it, preferentially use terms defined in it, not arbitrarily redefine terms
that already exist in it, etc.
Unfortunately, the SANA Glossary is also in a draft state, so discussions
of its normative force are academic at the present time.
Logothete, L.L.C.
thomas.gannett at tgannett.net
+1 443 472 0805
From: Secretariat [mailto:secretariat-bounces at mailman.ccsds.org] On Behalf
Of Gian.Paolo.Calzolari at esa.int
Sent: Tuesday, February 04, 2020 5:56 AM
To: Shames, Peter M(US 312B)
Cc: Weiss, Howard; CCSDS Engineering Steering Group - CESG Exec; Space
Assigned Numbers Authority; CESG
Subject: Re: [Secretariat] [CESG] [EXTERNAL] Re: CESG Approval of Revised
Information Security Glossary
There is an additional case: terms defined in an informative annex of a
Blue Book. :o)
Regards
Gian Paolo
From: "Shames, Peter M\(US 312B\) via CESG"
<cesg at mailman.ccsds.org>
To: "Weiss, Howard" <Howard.Weiss at parsons.com>, "Barkley, Erik J
(US 3970)" <erik.j.barkley at jpl.nasa.gov>, "Jonathan Wilmot"
<Jonathan.J.Wilmot at NASA.gov>
Cc: "Space Assigned Numbers Authority" <info at sanaregistry.org>,
"CCSDS Engineering Steering Group - CESG Exec" <cesg at mailman.ccsds.org>
Date: 03-02-20 20:45
Subject: Re: [CESG] [EXTERNAL] Re: CESG Approval of Revised
Information Security Glossary
Sent by: "CESG" <cesg-bounces at mailman.ccsds.org>
I would say that's a "qualified yes". The normative documents in CCSDS
are Blue and Magenta, and so the documents are authoritative. The
Glossary only contains terms that are published in CCSDS documents and it
includes the references to those source documents.
The "qualified" part is that there are terms in the Glossary that were
were pulled in from Green Books. As such these are not normative. So as
long as you stick with terms from normative documents I think you are on
safe ground.
Thanks, Peter
From: Howie Weiss <Howard.Weiss at parsons.com>
Date: Monday, February 3, 2020 at 11:28 AM
To: Peter Shames <peter.m.shames at jpl.nasa.gov>, Erik Barkley
<erik.j.barkley at jpl.nasa.gov>, "Wilmot, Jonathan J. (GSFC-5820)"
<Jonathan.J.Wilmot at NASA.gov>
Cc: CCSDS Engineering Steering Group - CESG Exec <cesg at mailman.ccsds.org>,
Space Assigned Numbers Authority <info at sanaregistry.org>, CCSDS
Secretariat <secretariat at mailman.ccsds.org>
Subject: [EXTERNAL] Re: CESG Approval of Revised Information Security
Glossary
Peter
Question - in its current state, can a CCSDS document use the SANA
glossary as a normative reference?
howie
HOWARD WEISS, CISSP
7110 Samuel Morse Drive
Columbia, MD 21046
443-430-8089 (office) / 443-494-9087 (cell)
howard.weiss at parsons.com
www.parsons.com
Please consider the environment before printing this message
From: Shames, Peter M (US 312B) <peter.m.shames at jpl.nasa.gov>
Sent: Monday, February 3, 2020 1:15 PM
To: Barkley, Erik J (US 3970); Weiss, Howard; Jonathan Wilmot
Cc: CCSDS Engineering Steering Group - CESG Exec; Space Assigned Numbers
Authority; CCSDS Secretariat
Subject: [EXTERNAL] Re: CESG Approval of Revised Information Security
Glossary
Guys,
Once this document is approved those terms will be entered into / updated
in the SANA Terminology registry.
That is the process and has been for years.
Thanks, Peter
From: Erik Barkley <erik.j.barkley at jpl.nasa.gov>
Date: Monday, February 3, 2020 at 10:07 AM
To: Howie Weiss <Howard.Weiss at parsons.com>, "Wilmot, Jonathan J.
(GSFC-5820)" <Jonathan.J.Wilmot at NASA.gov>
Cc: Peter Shames <peter.m.shames at jpl.nasa.gov>
Subject: RE: CESG Approval of Revised Information Security Glossary
Howie,
Glad to hear you agree with getting the terms into SANA. With regard to
getting “it” into SANA (existing glossary and/or security terms glossary –
“it” was not quite clear to me but I assume security terms) I think that
is something best initiated under the cognizance of the SE Area. I’ll be
happy to “second” any motion if need be, but I think the origin for any
such request has to be with the SE Area. I am copying Peter on this email.
Best regards,
-Erik
From: Weiss, Howard <Howard.Weiss at parsons.com>
Sent: Friday, January 31, 2020 10:25
To: Jonathan Wilmot <Jonathan.J.Wilmot at NASA.gov>; Barkley, Erik J (US
3970) <erik.j.barkley at jpl.nasa.gov>
Subject: [EXTERNAL] FW: CESG Approval of Revised Information Security
Glossary
Erik and Jonathan
I just saw your comments regarding the Information Security Glossary and I
couldn’t agree with you more.
It has always been our plan that the glossary move into SANA. Others have
voiced the same opinion. However, there has been no movement. I’ve heard
that the existing glossary found on the SANA web site required the first
attention since its not been reviewed or revised. Maybe you guys can
initiate some movement to get it into SANA?
Regards
howie
----------
HOWARD WEISS, CISSP
PARSONS, Inc.
7110 Samuel Morse Dr, Suite 200
Columbia, MD 21046
howard.weiss at parsons.com
443-430-8089 (office) / 443-494-9087 (mobile)
From: SEA-SEC <sea-sec-bounces at mailman.ccsds.org> On Behalf Of Weiss,
Howard
Sent: Friday, January 31, 2020 1:19 PM
To: 'sea-sec at mailman.ccsds.org' <sea-sec at mailman.ccsds.org>
Subject: [EXTERNAL] [Sea-sec] CESG Approval of Revised Information
Security Glossary
FYI - The CESG has approved the revised Information Security Glossary:
* * * * * * * * * * * * * * * * * * * * * * * *
CESG E-Poll Identifier: CESG-P-2019-12-004 Approval to publish CCSDS
350.8-M-2, Information Security Glossary of Terms (Magenta Book, Issue 2)
Results of CESG poll beginning 31 December 2019 and ending 29 January
2020:
Abstain: 0 (0%)
Approve Unconditionally: 6 (100%) (Barkley, Merri, Shames, Burleigh,
Moury, Wilmot)
Approve with Conditions: 0 (0%)
Disapprove with Comment: 0 (0%)
CONDITIONS/COMMENTS:
Erik Barkley (Approve Unconditionally): A comment/question (not a
condition): Seems like it would make sense to have this in SANA rather
than a book -- has that been considered? In terms of normative application
the MB could still be normative in identifying SANA registry and the
update/governance policy.
Jonathan Wilmot (Approve
Unconditionally): I agree with Eric that glossaries would be better in
SANA as they are living documents that will change over time. Example:
where would terms from BPsec be placed?
Total Respondents: 6
All Areas responded to this question.
SECRETARIAT INTERPRETATION OF RESULTS: Approved Unconditionally
PROPOSED SECRETARIAT ACTION: Generate CMC poll
----------
HOWARD WEISS, CISSP
PARSONS, Inc.
7110 Samuel Morse Dr, Suite 200
Columbia, MD 21046
howard.weiss at parsons.com
443-430-8089 (office) / 443-494-9087 (mobile)
NOTICE: This email message and all attachments transmitted with it may
contain privileged and confidential information, and information that is
protected by, and proprietary to, Parsons Corporation, and is intended
solely for the use of the addressee for the specific purpose set forth in
this communication. If the reader of this message is not the intended
recipient, you are hereby notified that any reading, dissemination,
distribution, copying, or other use of this message or its attachments is
strictly prohibited, and you should delete this message and all copies and
backups thereof. The recipient may not further distribute or use any of
the information contained herein without the express written authorization
of the sender. If you have received this message in error, or if you have
any questions regarding the use of the proprietary information contained
therein, please contact the sender of this message immediately, and the
sender will provide you with further instructions.
_______________________________________________
CESG mailing list
CESG at mailman.ccsds.org
https://mailman.ccsds.org/cgi-bin/mailman/listinfo/cesg
This message is intended only for the recipient(s) named above. It may
contain proprietary information and/or
protected content. Any unauthorised disclosure, use, retention or
dissemination is prohibited. If you have received
this e-mail in error, please notify the sender immediately. ESA applies
appropriate organisational measures to protect
personal data, in case of data privacy queries, please contact the ESA
Data Protection Officer (dpo at esa.int).
_______________________________________________
CESG mailing list
CESG at mailman.ccsds.org
https://mailman.ccsds.org/cgi-bin/mailman/listinfo/cesg
This message is intended only for the recipient(s) named above. It may contain proprietary information and/or
protected content. Any unauthorised disclosure, use, retention or dissemination is prohibited. If you have received
this e-mail in error, please notify the sender immediately. ESA applies appropriate organisational measures to protect
personal data, in case of data privacy queries, please contact the ESA Data Protection Officer (dpo at esa.int).
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.ccsds.org/pipermail/cesg/attachments/20200205/209f6263/attachment-0001.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: image/png
Size: 9998 bytes
Desc: not available
URL: <http://mailman.ccsds.org/pipermail/cesg/attachments/20200205/209f6263/attachment-0002.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: image/png
Size: 9998 bytes
Desc: not available
URL: <http://mailman.ccsds.org/pipermail/cesg/attachments/20200205/209f6263/attachment-0003.png>
More information about the CESG
mailing list