[cabfpub] New Security Information Sharing Working Group

Ben Wilson ben.wilson at digicert.com
Wed Oct 29 10:02:16 MST 2014


The CA/Browser Forum has started a new working group to discuss the
logistics of sharing infosec-related information among members of the
CA/Browser Forum.  Just as a heads-up, a lot of the discussion will be about
how to structure a system that minimizes the potential for legal liability
(e.g. libel, unfairness/lack of due process, etc.).   The discussions will
be public, but in order to participate and fully contribute, you will need
to indicate your interest in participating.  Please send me an email
off-list, and I'll add you as a working group participant.

 

If you are unfamiliar with this topic and would like to learn more, here are
some resources:

 

CRS: Report for Congress, Prepared for Members and Committees of Congress

Cybersecurity: Selected Legal Issues, beginning at page 26 -
http://www.law.umaryland.edu/marshall/crsreports/crsdocuments/R42409_0420201
2.pdf 

Evaluating the Impact of Cybersecurity Information Sharing on Cyber
Incidents and Their Consequences -
http://papers.ssrn.com/sol3/papers.cfm?abstract_id=2418357 

Rethinking FS-ISAC: An IT Security Information Sharing Network Model for the
Financial Services Sector - http://aisel.aisnet.org/cais/vol34/iss1/2 

Legal Issues Associated with Data Collection & Sharing -
http://www.syssec-project.eu/m/page-media/23/bic2011-09-westby.pdf 

Incentive Mechanism Design Based on Repeated Game Theory in Security
Information Sharing -
http://www.atlantis-press.com/php/download_paper.php?id=7740 

Designing a Formal Model Facilitating Collaborative Information Sharing for
Community Cyber Security -
http://www.computer.org/csdl/proceedings/hicss/2014/2504/00/2504b987.pdf 

Towards Improved Cyber Security Information Sharing -
http://www.ccdcoe.org/publications/2013proceedings/d3r1s5_dandurand.pdf 

Information Sharing Models for Cooperative Cyber Defence -
http://www.ccdcoe.org/publications/2013proceedings/d1r2s2_hernandezardieta.p
df 

 

Draft Recommendation ITU-T X.1500 [X.cybex], Cybersecurity information
exchange framework -
http://www.ietf.org/mail-archive/web/scap_interest/current/doc9OXVaIF1qq.doc


 

ISAC Council - http://www.isaccouncil.org/memberisacs.html 

 

ENISA - Flair for Sharing -
http://www.enisa.europa.eu/activities/cert/support/fight-against-cybercrime/
legal-information-sharing/legal-information-sharing-1/at_download/fullReport


 

Incentives and Challenges for Information Sharing in the Context of Network
and Information Security -
http://www.enisa.europa.eu/activities/Resilience-and-CIIP/public-private-par
tnership/information-sharing-exchange/incentives-and-barriers-to-information
-sharing 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://cabforum.org/pipermail/public/attachments/20141029/9cea014a/attachment-0001.html 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4998 bytes
Desc: not available
Url : https://cabforum.org/pipermail/public/attachments/20141029/9cea014a/attachment-0001.bin 


More information about the Public mailing list