|
1 | | -[](http://security-and-privacy-reference-architecture.readthedocs.io/en/latest/?badge=latest) |
2 | 1 |
|
3 | | -# SecurityPrivacyReferenceArchitecture |
4 | | -Open Repository for the Open Security and Privacy Reference Architecture |
| 2 | +# Open Security Reference Architecture |
5 | 3 |
|
6 | | -Open publications for IT security and privacy are still rare. Despite the great work of the OWASP foundation many valuable resources for Security and Privacy are not open. Security and Privacy is technological complex and real risks mitigation is still problematic and expensive. |
| 4 | +IT Security is a complex field. People, processes and technology are crucial parts of an architecture to reduce risks. Our certified experts love to solve your cyber security challenges. Detecting what is not good with your current security is the simple work. You can find many companies that launch automated test suites based on open source tools that tell you that you are not secure enough. However the real challenge is designing solutions that are secure. |
| 5 | + |
| 6 | + |
| 7 | +Open publications for cyber security are still rare. Despite the great work of the [OWASP](https://owasp.org) foundation many valuable resources for Security are not open. |
| 8 | + |
| 9 | +This reference architecture aims to enable you to create better and faster security solutions. You SHOULD use and reuse content that is provided in this reference architecture to prevent reinventing the wheel. |
7 | 10 |
|
8 | | -This reference architecture aims to enable you to create better and faster security and privacy solutions. This by reusing content that is provided in this reference architecture or by directing you to open (cc-by) resources to prevent reinventing the wheel. |
9 | 11 | To encourage collaboration for this project this reference architecture is of course free and open (cc-by-sa). |
10 | 12 |
|
11 | 13 | This project is supported by the BM-Support Foundation, https://www.bm-support.org/ |
12 | 14 |
|
13 | 15 | Current status: We are working on a update for the 2022 [hardcopy](https://www.amazon.de/Open-Reference-Architecture-Security-Privacy/dp/1540606481/ref=sr_1_2?ie=UTF8&qid=1480495211&sr=8-2&keywords=maikel+mardjan) version of this 'Open Reference Architecture for Security and Privacy'. But the online version will always be up-to-date! |
14 | 16 | So join the party and join the team to make this Open resource better! |
15 | 17 |
|
| 18 | +The initial version (2015) of this project was called the 'Open Reference Architecture for Security and Privacy'.However we decided to split the project in a security Playbook and a privacy playbook. Content for this Security Reference Architecture is partly derived from the original 2015-2021 publication, but heavily edited and improved. |
| 19 | + |
16 | 20 |
|
17 | 21 | # Contributing |
18 | 22 |
|
19 | 23 | We encourage all security professionals to improve this reference architecture. Join the team to: |
20 | 24 |
|
21 | | -* Add security or privacy principles. |
22 | | -* Add security or privacy models. |
23 | | -* Help us create the largest OSS reference framework on OSS security and privacy applications and tools. |
| 25 | +* Add open (cc-by) security resources. |
| 26 | +* Add security models. |
24 | 27 | * Create better graphics and text. |
25 | 28 | * Add threat models that can be easily reused. |
26 | 29 | * Improve criteria on selecting OSS solutions for security and privacy applications. |
27 | 30 | * Create tools to speed up the process of making your security architectures or privacy designs with use of this reference architecture (and tools). |
28 | 31 |
|
29 | | -Your contributions to this Guide are greatly appreciated as long as contributions fit within the scope and goal of this security and privacy reference architecture. As an open project, this Open Reference Architecture for Security and Privacy shall always remain vendor-neutral and freely available for all to use. If you contribute you will of course get credit (mentioned in upcoming publications). |
30 | | - |
31 | | - |
32 | | -With the exception of typos and spelling mistakes (feel free to fix these and they’ll be merged), please observe the following guides: |
| 32 | +Your contributions to this Guide are greatly appreciated as long as contributions fit within the scope and goal of this security reference architecture. As an open project, this Security Architecture shall always remain vendor-neutral and freely available for all to use. If you contribute you will of course get credit (mentioned in upcoming publications). |
33 | 33 |
|
34 | | -* Always open an issue first. This will allow us to determine whether or not the change should take place. |
35 | | -* Explain your issue, and we will discuss it with you. If we agree the change is necessary we will mark it as TODO and will fix it when we get a chance, or we will allow a member of the community to supply the change with a pull request. |
36 | | -* This reference architecture is intended to be a helpful resource aimed at professional security/privacy architects and engineers. |
37 | | -* Contributions must fit within the scope and goal of this security and privacy reference architecture. Of course we like to discuss your input for changing scope or goals if needed! |
| 34 | +* This reference architecture is intended to be a helpful resource aimed at professional security architects and engineers. |
| 35 | +* Contributions must fit within the scope and goal of this security reference architecture. |
| 36 | +* All contributions to resources must be open. E.g. cc-by licensed) |
38 | 37 |
|
39 | 38 | For small corrections or input, just send me an email. For larger contributions, please create a pull request. |
40 | 39 |
|
|
0 commit comments