Informationssäkerhet

• Information technology - Security techniques - Network security - Part 3: Reference networking scenarios - Threats, design techniques and control issues, ISO/IEC 27033-3:2010
• Information technology - Security techniques - Cryptographic algorithms and security mechanisms conformance testing, ISO/IEC 18367
• Information technology - Security techniques - Information security management system implementation guidance, ISO/IEC 27003
• Proposal for a new work item on Code of practice for the protection of personally identifiable information, ISO/IEC N11724
• Information technology - Security techniques - Information security management systems - Overview and vocabulary, ISO/IEC 27000
• Information technology - Security techniques - Network security - Part 1: Guidelines for network security, ISO/IEC 27033-1
• Information technology - Security techniques - Guidelines for information and communications technology disaster recovery services, ISO/IEC 24762
• Information technology - Security techniques - Information security for supplier relationships - Guidelines for security information and event management(SIEM), ISO/IEC 27044
• Information technology - Security techniques - Hash-functions - Part 4: Hash-functions using modular arithmetic - Amendment 1: Object identifiers, ISO/IEC 10118-4:1998/Amd 1
• Information technology - Security techniques - Encryption algorithms - Part 5: Identity-based ciphers, ISO/IEC 18033-5
• Information technology - Security techniques - Blind digital signatures - Part 1: General, ISO/IEC 18370-1
• Information technology - Security techniques - Blind digital signatures - Part 2: Discrete logarithm based mechanisms, ISO/IEC 18370-2
• Information technology - Security techniques - Random bit generation - Amendment 1 - Test vectors for Deterministic Random Bit Generation, ISO/IEC 18031:2011/Amd 1
• Information technology - Security techniques - Requirements for bodies providing audit and certification of information security management systems, ISO/IEC 27006
• Information technology - Security techniques - Information security for supplier relationships - Part 4: Guidelines for security of cloud services, ISO/IEC 27036-4
• New work item proposal for Electronic discovery, ISO/IEC N11955
• Proposal for a new work item on The Use and Application of ISO/IEC 27001 for Sector/Service-Specific Third-Party Accredited Certifications, ISO/IEC 18628
• Information technology — Security techniques — Information security management guidelines based on ISO/IEC 27002 for process control systems specific to the energy industry, ISO/IEC TR 27019
• Information technology - Security techniques - Information security for supplier relationships - Part 5: Guidelines for security of cloud services, ISO/IEC 27036-5
• Information technology - Security techniques - Information security incident management - Part 2: Guidelines for incident response readiness, ISO/IEC 27035-2
• Information technology - Security techniques - Information security incident management - Part 3: Guidelines for incident response operations, ISO/IEC 27035-3
• Information technology - Security techniques - Network security - Part 6: Securing IP network access using wireless, ISO/IEC 27033-6
• Information technology - Software Engineering -Governance of digital forensic risk framework, ISO/IEC 30121
• Information technology - Security techniques - Telebiometric authentication framework using biometric hardware security module, ISO/IEC 17922
• Information technology - Security techniques - Information security for supplier relationships - Part 5: Guidelines for security of cloud services, ISO/IEC N11040
• Information technology - Security techniques - Code of practice for data protection controls for public cloud computing services, ISO/IEC 27018
• Information technology - Security information and event management (SIEM), ISO/IEC N11350
• Information technology - Security techniques - Identity Proofing, ISO/IEC 29003
• Proposal for a new work item on Privacy impact assessment, ISO/IEC N11285
• Information technology - Security techniques - Storage Security, ISO/IEC 27040
• Information technology - Security techniques - Testing methods for the mitigation of non-invasive attack classes against cryptographic modules, ISO/IEC 17825
• Information technology - Security techniques - Information security Management - Guidelines on Information security controls for the use of cloud computing services based on ISO/IEC 27002, ISO/IEC TS 27017
• Information technology - Security techniques - Code of practice for data protection controls for public cloud computing services, ISO/IEC N10550
• Information technology - Security techniques - Telebiometric authentication framework using biometric hardware security module (ITU-T X.bhsm | ISO/IEC xxxxx), ISO/IEC N10549
• Information technology - Security techniques - Text for CDV ballot for IEC 62443-3-3 Ed. 1.0, Security for industrial automation and control systems - Network and system security Part 3-3: System security requirements and security assurance levels, ISO/IEC 62443-3-3
• Text of 2nd Working Draft 30107, Anti-spoofing and liveness detection techniques, ISO/IEC 30107
• Information technology - Guidance on assuring suitability and adequacy of investigation methods, ISO/IEC 27041
• Information technology - Security techniques - Information security incident management - Part 1: Principles of incident management, ISO/IEC 27035-1
• Information technology - Security techniques - Application security - Part 5: Protocols and application security controls data structure, ISO/IEC 27034-5
• Information technology - Security techniques - Application security - Part 6: Security guidance for specific applications, ISO/IEC 27034-6
• Information technology - Security techniques - Investigation principles and processes, ISO/IEC 27043
• Information technology - Security techniques - Guidelines for the analysis and interpretation of digital evidence, ISO/IEC 27042
• Information technology - Security techniques - Detailing software penetration testing under ISO/IEC 15408 and ISO/IEC 18045 vulnerability analysis, ISO/IEC N10294
• Information technology - Security techniques - Test requirements for cryptographic modules, ISO/IEC 24759
• Information technology - Security techniques - Vulnerability handling processes, ISO/IEC 30111
• Information technology - Security techniques - Selection, deployment and operations of intrusion detection and prevention systems (IDPS), ISO/IEC 27039
• Information technology - Security techniques - A framework for identity management - Part 2: Reference architecture and requirements, ISO/IEC 24760-2
• Information technology — Security techniques — A framework for identity management — Part 3: Practice, ISO/IEC 24760-3
• Information technology - Security techniques - Investigation principles and processes, SC27N9933
• New Work Item Proposal on “Testing methods for the mitigation of non-invasive attack classes against cryptographic modules”, ISO/IEC N9598
• Information technology - Security techniques - Security for industrial process measurement and control - Network and system security - Part 2-4: Certification of IACS supplier security policies and practices (IEC 65/48/NP), ISO/IEC N9641
• New Work Item Proposal on Testing methods for the mitigation of non-invasive attack classes against cryptographic modules, ISO/IEC N9598 NWI
• Proposal for a New Work Item on Guidelines on Information security controls for the use of cloud computing services based on ISO/IEC 27002, ISO/IEC N10029 NWIP
• Information technology - Security techniques - Information security for supplier relationships - Part 2: Common requirements, ISO/IEC 27036-2
• Information technology - Security techniques - Information security for supplier relationships - Part 1: Overview and concepts, ISO/IEC 27036-1
• Information technology - Security techniques - Specification for digital redaction, ISO/IEC 27038
• Information Technology - Security techniques - Encryption algorithms - Part 3: Block ciphers - Amendment 1: Russian Block Cipher GOST, ISO/IEC 18033-3/AMD1
• Information technology - Security techniques - Information security for supplier relationships - Part 3: Guidelines for ICT supply chain security, ISO/IEC 27036-3
• Information technology - Security techniques - Physical security attacks, mitigation techniques and security requirements, ISO/IEC 30104
• Information technology - Security techniques - Information security management - Organizational economics, ISO/IEC TR 27016
• Information technology - Security techniques - Digital signatures with appendix - Part 3: Discrete logarithm based mechanisms - Amendment 2 , ISO/IEC 14888-3:2006
• Proposal for a New Work Item on anti-spoofing and liveness detection techniques, SC 27 N9412
• New Work Item Proposal on Storage security, SC27 N9444
• Information technology - Security techniques - Vulnerability handling processes, ISO/IEC N9375
• Information technology - Security techniques - Anonymous entity authentication - Part 1: General, ISO/IEC 20009-1
• Information technology - Security techniques - Anonymous entity authentication - Part 2: Mechanisms based on signatures using a group public key, ISO/IEC 20009-2
• Information technology - Security techniques - Anonymous digital signature - Part 2: Mechanisms using a group public key, ISO/IEC 20008-2
• Information security management - Organizational economincs , ISO/IEC N8721
• Information Technology - Security Techniques - Physical Security Attacks, Mitigation Techniques and Security Requirements , ISO/IEC TR N8795
• Information technology - Security techniques - Lightweight cryptography - Part 4: Mechanisms using asymmetric techniques, ISO/IEC 29192-4
• Proposal for a new work item on Specification for digital redaction, SC27 7939
• New Work Item Proposal on "Secure software development and evaluation under ISO/IEC 15408 and ISO/IEC 18405, ISO/IEC SC27 N8130
• Anonymous entity authentication, SC27 N8207
• Information technology - Security techniques - Anonymous digital signatures - Part 1: General, ISO/IEC 20008-1
• Information technology - Security techniques - Application security - Part 2: Organization normative framework, ISO/IEC 27034-2
• WG 2 Road Map, SC 27 N 6714
• Information technology - Security techniques - Encryption algorithms - Part 1: General AMENDMENT 1, ISO/IEC 18033-1:2005/Amd 1
• Information technology - Security techniques - Code of practice for information security controls, ISO/IEC 27002
• Information technology - Security techniques - Information security management systems - Requirements, ISO/IEC 27001
• Information technology - Security techniques - Network security - Part 4: Securing communications between networks using security gateways, ISO/IEC 27033-4
• Information technology - Security techniques - Network security - Part 5: Securing communications across networks using Virtual Private Network (VPNs), ISO/IEC 27033-5
• Information technology - Security techniques - Guidelines for security of outsourcing , ISO/IEC 27036
• Information technology - Security techniques - Entity authentication - Part 2: Mechanisms using symmetric encipherment algoritms - Cor 1, ISO/IEC 9798-2:2008/Cor 1
• Information technology - Security techniques - Governance of information security, ISO/IEC 27014
• Information technology - Security techniques - Secure system engineering principles and techniques, ISO/IEC 29193
• Information technology - Security techniques - A privacy Capability Maturity Model, ISO/IEC 29190
• Information technology - Security techniques - ISM guidelines for e-government services, ISO/IEC 27012
• Information technology - Security techniques - Lightweight cryptography, ISO/IEC 29192
• Information technology - Security techniques - A framework for access management, ISO/IEC 29146
• Information technology - Security techniques - Responsible vulnerability disclosure, ISO/IEC 29147
• Information technology - Security techniques - Entity authentication assurance, ISO/IEC 29115
• Information technology - Security techniques - Privacy reference architecture, ISO/IEC 29101
• WG 1 SD 1 Road Map, ISO/IEC
• Information technology - Security techniques - A framework for identity management, ISO/IEC 24760
• Information technology - International security, trust, and privacy framework, ISO/IEC 20886
• Information technology - Security techniques - Message authentication codes (MACs) - Part 1: Mechanisms using a block cipher , ISO/IEC 9797-1

• SIS/TK 318/AG 1 · Strategi
• SIS/TK 318/AG 11 · LIS
• SIS/TK 318/AG 12 · Mätning
• SIS/TK 318/AG 13 · Risk och revision
• SIS/TK 318/AG 2 · Marknad
• SIS/TK 318/AG 21 · Kryptografi
• SIS/TK 318/AG 3 · Tolkning
• SIS/TK 318/AG 31 · Kravställning och verifiering
• SIS/TK 318/AG 4 · Terminologi
• SIS/TK 318/AG 41 · Säkerhetsåtgärder och tjänster
• SIS/TK 318/AG 42 · Bevishantering
• SIS/TK 318/AG 5 · Kompetenskrav
• SIS/TK 318/AG 51 · Integritetsskydd och ID-hantering
• SIS/TK 318/AG 6 · Effektivare informationssäkerhetsarbete
• SIS/TK 318/AG 61 · Skydd mot bedrägerier
• SIS/TK 318/AG Cloud · Cloud

• ActQ AB, Stockholm
• Amentor AB, GÖTEBORG
• Amentor AB, STOCKHOLM
• Apotekens Service AB, STOCKHOLM
• BDO Mälardalen AB, STOCKHOLM
• Certezza AB, STOCKHOLM
• Combitech AB, VÄXJÖ
• CSC Sverige AB, LINKÖPING
• Det Norske Veritas Certification AB, SOLNA
• Ekelöw Infosecurity AB, STOCKHOLM
• E-Legitimationsnämnden, SOLNA
• Ernst & Young AB, STOCKHOLM
• Folksam Ömsesidig Sakförsäkring, STOCKHOLM
• Försvarets Materielverk FMV, Stockholm
• Försvarets Radioanstalt FRA, BROMMA
• Försvarsmakten HKV, STOCKHOLM
• Högskolan i Skövde, SKÖVDE
• Intertek Certification AB, KISTA
• Karlstads universitet, KARLSTAD
• LGY Konsult AB, TÄBY
• Logica Sverige AB, SUNDSVALL
• Logica Sverige Infrastructure Management AB, Stockholm
• Lüning Consulting AB, UPPSALA
• Länsförsäkringar AB, STOCKHOLM
• Martin Yale Nordic AB, SOLLENTUNA
• Microsoft AB, KISTA
• Myndigheten För Samhällsskydd och Beredskap (MSB), STOCKHOLM
• Omegapoint AB, STOCKHOLM
• Post- och telestyrelsen (PTS), Stockholm
• Rikspolisstyrelsen RPS, Stockholm
• Rote Consulting AB, STOCKHOLM
• Safeside Solutions AB, SOLNA
• Simovits Consulting AB, STOCKHOLM
• Socialstyrelsen, STOCKHOLM
• Stiftelsen för Internetinfrastruktur, STOCKHOLM
• Styrelsen för ackreditering & teknisk kontroll Swedac, BORÅS
• Stöttepelarna AB, SKÅ
• Svenska Bankföreningen, Stockholm
• Svenskt Näringsliv Service AB, STOCKHOLM
• Sveriges Television AB, SVT, STOCKHOLM
• Telefonaktiebolaget L M Ericsson, STOCKHOLM
• Tieto Sweden AB, GÖTEBORG
• Trafikverket Investering, ÖREBRO
• Trafikverket, BORLÄNGE
• Uppsec, UPPSALA
• Vattenfall AB, STOCKHOLM
• Veriscan Security AB, KARLSTAD
• Visente Information Security AB, SIGTUNA
• YIT Sverige AB, SOLNA
• ÅF-Technology AB, GÖTEBORG
• ÅF-Technology AB, UPPSALA
• Örebro Universitet, akademin för naturvetenskap & teknik, ÖREBRO

• ISO/IEC JTC 1/SC 27, IT Security techniques
• ISO/IEC/JTC 1/SC 27, IT Security techniques
• ISO/IEC/JTC 1/SC 27/WG 3, Security evaluation criteria

• TK 318 årskalendarium 2013.pdf

Arbetet styrs och finansieras av de organisationer som deltar i kommittén. Projektavgiften beror på arbetsform och omfattning, samt antal deltagare.