TM Forum

TM Forum Standards

To run your business with maximum agility and to deliver growth, you need to automate your core business operations with commercial off-the-shelf systems. TM Forum's Frameworx suite of standards and support services provide the blueprint for effective business operations, enabling you to take a service-oriented approach to your business.

Cyber Security Across Complex Networks – Protecting Your Systems with TM Forum Frameworx

Security Management Padlock By Christy Coffey, Head of Government/Defense Support Center, TM Forum and John Reilly, Senior Program Manager, TM Forum

Reflective of the urgency established by our Defense Community and Service Provider members, in late 2009 TM Forum launched an aggressive Security Management Initiative to enrich its Frameworks and certification processes with full-spectrum Security Management guidance concerning architecture, processes, information, applications, interfaces and testing.

In January 2010, a generous contribution of intellectual property from the National Security Agency (NSA) and the Defense Information Systems Agency (DISA) in the form of a Computer Net-Defense (NetD) data model, Implementation Guide and accompanying data dictionary provided TM Forum with valuable insights on how to model information related to assets, vulnerabilities, threats, events and incidents. The National Institute of Standards and Technology (NIST) Security Content Automation Protocol (SCAP) suite of standards were embraced during the creation of the NSA's NetD data model.

TM Forum completed a project in October 2010 to extend its Information Framework, or SID, to include the NetD entities and attributes. This work will be available to TM Forum members in the next Frameworx release, scheduled for delivery on March 15. The Information Framework describes the structure of business entities and their relationships, which are of interest to a business. With the inclusion of NetD concepts in the new Enterprise Security Management Aggregate Business Entity (ABE), the Information Framework now supports the following:

What vulnerabilities do the assets (resources) have?
What threats are targeting the vulnerabilities on those assets?
What events are occurring on the network?
What incidents are discovered from assessments of the events?

This project is only an initial step to incorporating security into Frameworx. The Enterprise Security Management ABE, along with future security enhancements to Frameworx, can be used to integrate security management capabilities into a service provider's Operations Support System (OSS). This will improve the service provider's ability to detect, analyze and act on security vulnerabilities, threats, events and incidents as they relate to its assets and to the services and products it provides.

As security features are incorporated into TM Forum's Frameworx, service providers and suppliers will be able to certify their conformance to Frameworx security-oriented best practices and standards using Frameworx Conformance Certification Assessment. Service Providers can then confidently procure standards-based products rich with security management features.

Other security related topics being pursued within the security management community include: Mobility Security, Cyber Security (sharing of real-time data on attacks), Digital Policy Management, Privacy and Governance and Federated Identity Management and Auditing. TM Forum is actively recruiting Subject Matter Experts to join our community and encourages participation in forthcoming projects.

Back to full issue
Subscribe now
Sponsor or advertise

What is Collaboration?

Collaboration Program

What is Collaboration?

Collaboration Topics

Collaboration A-Z

TM Forum Standards

Frameworx 11.5

Latest Downloads

Conferences & Webinars

TM FORUM
CONFERENCES

SUMMITS

ACTION WEEK

WEBINARS VIEW ALL

SEE TM FORUM AT:

Training & Certification

ONLINE TRAINING

ON-SITE TRAINING

TRAINING ROADSHOWS

CERTIFICATION

SUPPORT YOUR CASE TO ATTEND TRAINING

Research & Publications

Latest Releases

Research & Publications


What is Collaboration? TM Forum's Collaboration Program is a "Virtual Research and Development Consortium" made up of TM Forum members for a growing array of industries, including communications - telco, wireless, cable and Internet; cloud; defense; content; and information services. Collaboration Program What is Collaboration? Collaboration Program How can I participate? What can I participate in? How does Collaboration work? What are the benefits of participation? Catalyst Program Document Library Collaboration Community Collaboration Topics Transformation Business Analytics and Benchmarking Business Process Management Developing Service-Oriented Architecture Solutions Frameworx Core Core Frameworx Extensions Standardized Interfaces Cable Cloud Catalyst Demonstrations Defense Enabling & Managing Services Market Groups Resource Management Revenue Management & Customer Experience Security Universities Collaboration A-Z Application Framework (TAM) Asset Management Community Benchmarking Participant Community Benchmarking Public Community BtoB Business Process Framework Extensions Business Enablement Business Metrics and Scaffold Business Process Framework (eTOM) Cable - eTOM for Cable Cable - OSS/BSS Architecture for Cable Cable Business Intelligence Cable Initiative Catalog Management Catalyst Program Charging and Billing Cloud and New Services Initiative Cloud Billing Cloud Business Models and Services Initiative Cloud/Frameworx QSP Cloud Security & Risk Cloud Service Definitions Cloud SLA Management Concept to Market Customer Experience Data Analytics Data Migration Defense Initiative Developer Network Energy Smart Grid Enterprise Cloud Leadership Council (ECLC) Enterprise Risk Management Enterprise Security Management (eSec) Fault Management Harmonization Federated Service Level Management Frameworx Frameworx Architecture Steering Team (FAST) Fraud Management Information Framework (SID) Integration Program Integration Program/Interfaces Intelligent Device Management Inventory Management IPDR Next Gen IPsphere Lean Six Sigma MTOSI MTOSI GPON Activaction New Business Models Next Generation Wireless Wireline Ordering and Activation OSS/J Policy Based Management Resource Alarm Management Resource and Service Assurance -- Fault Management Resource and Service Assurance -- Performance Management Resource and Service Assurance -- Resource Management Resource and Service Management Revenue Assurance Revenue Management Initiative Security Management Service Level Agreement Management Service Management --IP Management Service Provider Cloud Requirements Service Provider Leadership Council (SPLC) SES (Software Enabled Services) Shared Interface Infrastructure Spectrum Management Wholesale Cost Management Workforce Management


TM Forum Standards To run your business with maximum agility and to deliver growth, you need to automate your core business operations with commercial off-the-shelf systems. TM Forum's Frameworx suite of standards and support services provide the blueprint for effective business operations, enabling you to take a service-oriented approach to your business. What is the value of standards? How can I participate in standards development? Frameworx Frameworx Overview Frameworx Quick Start Library Business Process Framework (eTOM) Information Framework (SID) Application Framework (TAM) Integration Framework Business Metrics Frameworx Implementation Support Frameworx Implementation Support Frameworx Conformance Certification Business Benchmarking Business Metrics Automation Certification Training & Certification Best Practices Procurement Revenue Assurance Service Level Agreement Management Software Enabled Services Management IPsphere Frameworx 11.5 Suite of standards that enable successful business transformation Latest Downloads Select the standard you would like to download. Application Framework (TAM) 4.5 Business Process Framework (eTOM) 9.0 Business Process Framework (eTOM) 11.5 beta Information Framework (SID) 9.5 Integration Framework 2.5 Integration Framework 11.5 beta Revenue Assurance Solution Suite 3.0 Revenue Assurance Solution Suite 3.5 beta Business Performance Measurement System (BPMS 5.5.0)


Conferences & Webinars View: Conferences Summits Action Week Excellence Awards Webcasts About TM Forum Events Past Events Speaker Resources Sponsorship Opportunities TM FORUM CONFERENCES Management World 2012 Dublin, Ireland May 21 - 24, 2012 Management World Americas 2012 Orlando, Florida December 4 - 6, 2012 SUMMITS TM Forum's Africa Summit Johannesburg, South Africa September 18 - 19, 2012 TM Forum's Customer Experience Management Summit Kuala Lumpur, Malaysia November 27 - 28, 2012 ACTION WEEK Baltimore, Maryland July 16 - 20, 2012


Training & Certification View: About TM Forum Training On-Site Training Online Training Upcoming Courses Course Information Certification TM Forum Trainers Making Training Count FAQs TM Forum Training Topics: Frameworx Revenue Assurance Customer Experience Cloud Training ONLINE TRAINING Frameworx Overview Online Our popular introductory Frameworx course has been redesigned and is now available when you are in English and in Spanish. We now offer a number of Cloud Online training courses, exams and a learning game! LEARN MORE ON-SITE TRAINING Bringing official TM Forum training courses led by industry experts to your office LEARN MORE


CERTIFICATION You can start your career certification in just a week. MORE DETAILS SUPPORT YOUR CASE TO ATTEND TRAINING Download this simple document to show your manager how your company will benefit when you attend TM Forum Training.


Research & Publications Latest Releases View: Perspectives 2012 Business Benchmarking Business Intelligence Quarterly Insights Research Reports Quick Insights Regional Insights Newsletters Case Studies White Papers Bookstore Think Tank Media Kits Browse all Publications Unzipping the Digital World May 2012 Securing our connected world: Transforming Security May 2012 Insights Research: Managed Services for OSS/BSS May 2012


About TM Forum About TM Forum Introduction to TM Forum Background Board of Directors Management Team Careers with TM Forum Industry Jobs Board Contact Us 中国的 Collaboration Collaboration Program How can I participate? What can I participate in? How does Collaboration Work? What are the benefits of participation? Project list Catalyst Program Publications Perspectives 2011 Business Benchmarking Business Intelligence Quarterly Insights Research Reports Quick Insights Newsletters Case Studies White Papers Bookstore Media Kits Conferences Management World 2012 TM Forum's Middle East Summit TM Forum's Latin America Summit Spotlights Training Webcasts Supported Events Membership Membership Membership Benefits How to Join Member List Marketing Solutions Center Contact Us Standards Frameworx Overview Business Process Framework (eTOM) Information Framework (SID) Application Framework (TAM) Integration Framework Business Metrics Frameworx Implementation Support Revenue Assurance SLA Management Software Enabled Services Management IPsphere Training About Training Upcoming Training Courses On-Site Training TM Forum Certification Executive Workshops Course Details Copyright © 1988-2012, TeleManagement Forum. All Rights Reserved Contact Us Careers with TM Forum News Room Privacy Policy Terms of Use Sitemap