Wikipedia

Open Trusted Technology Provider Standard: Difference between revisions

Browse history interactively
← Previous editNext edit →
Content deleted Content added
VisualWikitext
GreenC bot (talk | contribs)
Bots
3,062,595 edits
Removed 2 archive links. Wayback Medic 2.5
GreenC bot (talk | contribs)
Bots
3,062,595 edits
Line 3:
 
== Background ==
The O-TTPS was developed in response to a changing landscape and the increased sophistication of cybersecurity attacks worldwide.<ref name="United States House of Representatives Commerce and Energy Committee">{{cite web|title=IT Supply Chain Security: Review of Government and Industry Efforts|url=http://energycommerce.house.gov/hearing/it-supply-chain-security-review-government-and-industry-efforts|publisher=US House of Representatives}}</ref> The intent is to help providers build products with integrity and to enable their customers to have more confidence in the technology products they buy.<ref>{{cite web|author1=Messmer, Ellen|title=Defense Department wants secure, global high-tech supply chain|url=httphttps://www.networkworld.com/article/2196759716997/malware-cybercrime/-defense-department-wants-secure--global-high-tech-supply-chain.html|website=networkworld.com[[Network World]]|publisher=IDG (International Data Group)|access-date=30 March 2015}}</ref> Private and public sector organizations rely largely on COTS ICT products to run their operations. These products are often produced globally, with development and manufacturing taking place at different sites in multiple countries.<ref>{{cite news|last1=Lennon|first1=Mike|title=USCC Releases Report on Chinese Capabilities for Cyber Operations and Cyber Espionage|url=http://www.securityweek.com/uscc-commissioner-cyberattacks-getting-harder-chinas-leaders-claim-ignorance|access-date=25 January 2016|work=Security Week|issue=9 March 2012|publisher=Wired Business Media|date=9 March 2012}}</ref> The O-TTPS is designed to mitigate the risk of counterfeit and tainted components and to help assure product integrity and supply chain security throughout the lifecycle of the product.<ref>{{cite web|title=Cybersecurity: An Examination of the Communications Supply Chain (testimony before Committee on Energy and Commerce Subcommittee on Communications and Technology U.S. House of Representatives|url=http://www.itic.org/dotAsset/3/a/3a48cdde-f1e5-4080-9773-315bf14a5142.pdf|publisher=Information Technology Industry Council|access-date=24 September 2015}}</ref><ref>{{cite news|last1=Prince|first1=Brian|title=Consortium Pushes Security Standards for Technology Supply Chain|url=http://www.securityweek.com/consortium-pushes-security-standards-technology-supply-chain|access-date=25 January 2016|work=SecurityWeek|issue=March 5, 2012|publisher=Wired Business Media|date=5 March 2012}}</ref>
 
[[The Open Group| The Open Group's Trusted Technology Forum]] (OTTF) is a vendor-neutral international forum that uses a formal consensus based process for collaboration and decision making about the creation of standards and certification programs for information technology, including the O-TTPS.<ref>{{cite web|url=http://www.opengroup.org/getinvolved/becomeamember|title=Membership|publisher=opengroup.org}}</ref> In the forum, ICT providers, integrators and distributors work with organizations and governments to develop standards that specify secure engineering and manufacturing methods along with supply chain security practices.<ref>{{cite web|url=http://opengroup.org/subjectareas/trusted-technology|title=Open Group Trusted Technology Forum|website=opengroup.org|publisher=The Open Group|access-date=11 May 2015}}</ref>
Line 39:
*http://csrc.nist.gov/scrm/references.html
*http://www.afcea.org/committees/cyber/documents/Supplychain.pdf
*httphttps://www.networkworld.com/article/2196759716997/malware-cybercrime/-defense-department-wants-secure--global-high-tech-supply-chain.html
*http://www.computerworlduk.com/news/security/3343185/the-open-group-previews-o-ttps-security-standard-for-supply-chains/
*http://www.opengroup.org/subjectareas/trusted-technology
Retrieved from "https://en.wikipedia.org/wiki/Open_Trusted_Technology_Provider_Standard"