ISO/IEC JTC1/SC22/WG15 Security Rapporteur Group

                              Document Reference : WG15-RSE N010


                    Liaison Statement To SC27


SC22/WG15  is  Currently   working  towards   the  international
standardization of an interface standard  for portable operating
systems, POSIX (ISO IS 9945-1). It is intended that software (at
the source code level) will be portable between systems which
support this standard.

The  POSIX committee  is curently  partitioned into  a number of
working  groups,  including  P1003.6  which  is  concerned  with
security extensions to the POSIX interface standard.

The POSIX security group are defining interfaces which are
intended to support Access Control (Discretionary and Mandatory),
Information Labels, Audit and Privilege.  Although the POSIX
security group are defining security interfaces, the side effects
and proposed underlying data structures are also being addressed.
The current target date for completion of this work is Autumn
1990.


SC27 is currently defining its proposed scope and objectives for
the standardization of security mechanisms. Clearly, there is a
need for liaison between SC27 and the POSIX security group in
order to permit the development of coherent security standards
within ISO.

To assist the cross fertilization of ideas between SC27 and SC22,
I have enclosed a copy of teh latest draft of the proposed POSIX
security extensions together with a copy of the WG15 security
rapporteur group's Terms Of Reference.

Please send any comments that you may have regarding these
documents or on related topics to the address given below.

Kevin V Murphy
Data Security Laboratory
British Telecom
1 Cutler Street
Ipswich, U.K.








K V Murphy  June 18 1990                           WG15-RSE N010












         ISO/IEC JTC1/SC22/WG15 Security Rapporteur Group

                              Document Reference : WG15-RSE N009


                         Terms Of Reference



1>   To provide a focus for the presentation of security concerns
     regarding SC22/WG15, from the international community.

2>   To make appropriate recommendations to SC22/WG15, such that
     the emerging SC22/WG15 documents will accommodate the
     security needs of the international community.

3>   To seek coordination with similar security efforts
     undertaken by other international, regional and national
     bodies.


















K V Murphy  June 16 1990                           WG15-RSE N009