Interest in a Security Label Working Group?

jbailey · ‎Nov 16, 2021

After implementing security labels to help manage CUI (and other sensitive data), I felt it might be important to see what other companies / people might be interested in a Security Label working group. I think Focus should be in a few areas:

Protecting Sensitive Data / meeting federal and company data security requirements
Limitations with Current Security Label tools
Key improvements necessary to mark, manage, audit, and control Security Labeled data

Thoughts?

Jim

WD_10120618 · ‎Nov 18, 2021

Scope:

Modern Web Applications are composed of many parts and technologies. They may transclude, reference or have information flows between resources at the same, related, or different origins. Due to the historically coarse-grained nature of the security boundaries and principles defined for such applications, they can be very difficult to secure System.

Areas of scope for this working group include:

Vulnerability Mitigation
Attack Surface Reduction
Secure Mashups
Manageability
The Web Security Mode

avillanueva · ‎Nov 19, 2021

count me in