DG XIII Directorate B have published, and begun distributing, "Green
Book on the Security of Information Systems."
It seeks to begin to formulate a CEC-wide action plan for the
socio-economic planning of the area of IT and Telecomms security, and
to consult and generate appropriate consensus. This action follows on from
the 1992 Council Directive in this area.
The document uses a strategic and non-technical presentation.
Non-the-less, it succeeds in its aim of presenting a practical
understanding of the current issues and measures pertinent to the
large-scale deployment of technology used for protecting information of
unclassified/restricted sensitivity.
I am unclear who has written the document, and the identities behind
some of the bodies referred to. However, the document seems to be
widely distributed in paper form. I am unable to find any reference to
PEM, but many of the named experts are fully familar with this
scalable, assured MHS technology. (PGP does get an explicit reference
as being indicative of emerging "bottom-up solutions" being practiced
over the Internet.)
It may be possible to petition Roland Huber on
rh(_at_)postman(_dot_)dg13(_dot_)ce(_dot_)be,
Compuserve 100013.1437, to obtain digital-form copy, copy, or other
information. Input is also requested to assist the consensus process.
Peter.