The Emerging Standards War in Cyberspace Security

John W. Bagby, Prof. of Info. Sci. & Tech. Pennsylvania State University

6/13/2008
(Original Publish Date: 3/1/2006)

Cyberspace Security standards are proliferating as new vulnerabilities and response are identified. Consider the breadth of such schema in particular nations and applicable to particular industries as exemplified by the COSO, COBIT, ISO 17,799, the accounting firms proposal and various government standards. There are emerging standards establishment techniques that eclipse the traditional de jure standards “set” by government to standards “developed” by consortia composed of industry, NGO and government agency representatives, usually from all over the world. Restrictions on the deployment of standards is an overriding contemporary problem in all industries but has encountered difficulties due to the constraints of antitrust and intellectual property law (IP). Security policies are particularly important because security is simultaneously better protected with secrecy but better strengthened nationwide and worldwide with ubiquity and that ubiquity is difficult to deploy without open and widespread deployment. Standards in nearly every realm have embedded technologies protectable as intellectual property. Particularly in the U.S. where both software and business methods are patentable as processes and protectable as trade secrets, there are challenges in developing security standards in an optimal way. This paper explores these issues with a view to an optimal integration of security standards.