You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@activemq.apache.org by TrainTime <zz...@gmail.com> on 2011/07/07 22:13:08 UTC
Apache ActiveMQ Security and Government Systems
Hi all,
I've been using activeMQ in a few projects now, and it works great! But now
I am looking at a project where the product might need to be integrated into
government systems. I've been looking into whether or not ActiveMQ meets
the Database Security Technical Implementation Guide (STIG) from Defense
Information Systems Agency
(DISA)(http://www.appsecinc.com/solutions/disa-stig/index.shtml), but I have
been having issues getting a straight answer.
I looked at the national security vulnerability
database(http://web.nvd.nist.gov/view/vuln/search-results?cpe=cpe%3A%2Fa%3Aapache%3Ahttp_server%3A2.0&page_num=0&cid=5),
as well as other places around the web in order to find more information
about activeMQ security. And as far as I can tell, all (known)major
security bugs have been resolved as of 5.5. But I haven't been able to find
a straight answer about whether it meets all the necessary criteria and is
able to be used in government systems.
So my question is, does anyone know if activeMQ can be used in government
systems? And/or do you know of any resources which give this information?
Any help would be greatly appreciated! Thanks.
--
View this message in context: http://activemq.2283324.n4.nabble.com/Apache-ActiveMQ-Security-and-Government-Systems-tp3652474p3652474.html
Sent from the ActiveMQ - User mailing list archive at Nabble.com.
Re: Apache ActiveMQ Security and Government Systems
Posted by Johan Edstrom <se...@gmail.com>.
http://rajdavies.blogspot.com/2011/06/activemq-is-ready-for-prime-time.html
On Jul 7, 2011, at 2:13 PM, TrainTime wrote:
> Hi all,
>
> I've been using activeMQ in a few projects now, and it works great! But now
> I am looking at a project where the product might need to be integrated into
> government systems. I've been looking into whether or not ActiveMQ meets
> the Database Security Technical Implementation Guide (STIG) from Defense
> Information Systems Agency
> (DISA)(http://www.appsecinc.com/solutions/disa-stig/index.shtml), but I have
> been having issues getting a straight answer.
>
> I looked at the national security vulnerability
> database(http://web.nvd.nist.gov/view/vuln/search-results?cpe=cpe%3A%2Fa%3Aapache%3Ahttp_server%3A2.0&page_num=0&cid=5),
> as well as other places around the web in order to find more information
> about activeMQ security. And as far as I can tell, all (known)major
> security bugs have been resolved as of 5.5. But I haven't been able to find
> a straight answer about whether it meets all the necessary criteria and is
> able to be used in government systems.
>
> So my question is, does anyone know if activeMQ can be used in government
> systems? And/or do you know of any resources which give this information?
> Any help would be greatly appreciated! Thanks.
>
> --
> View this message in context: http://activemq.2283324.n4.nabble.com/Apache-ActiveMQ-Security-and-Government-Systems-tp3652474p3652474.html
> Sent from the ActiveMQ - User mailing list archive at Nabble.com.
Re: Apache ActiveMQ Security and Government Systems
Posted by da...@ontrenet.com.
Why not ask DISA if its been accredited already? They will have a list...
> Hi all,
>
> I've been using activeMQ in a few projects now, and it works great! But
> now
> I am looking at a project where the product might need to be integrated
> into
> government systems. I've been looking into whether or not ActiveMQ meets
> the Database Security Technical Implementation Guide (STIG) from Defense
> Information Systems Agency
> (DISA)(http://www.appsecinc.com/solutions/disa-stig/index.shtml), but I
> have
> been having issues getting a straight answer.
>
> I looked at the national security vulnerability
> database(http://web.nvd.nist.gov/view/vuln/search-results?cpe=cpe%3A%2Fa%3Aapache%3Ahttp_server%3A2.0&page_num=0&cid=5),
> as well as other places around the web in order to find more information
> about activeMQ security. And as far as I can tell, all (known)major
> security bugs have been resolved as of 5.5. But I haven't been able to
> find
> a straight answer about whether it meets all the necessary criteria and is
> able to be used in government systems.
>
> So my question is, does anyone know if activeMQ can be used in government
> systems? And/or do you know of any resources which give this information?
> Any help would be greatly appreciated! Thanks.
>
> --
> View this message in context:
> http://activemq.2283324.n4.nabble.com/Apache-ActiveMQ-Security-and-Government-Systems-tp3652474p3652474.html
> Sent from the ActiveMQ - User mailing list archive at Nabble.com.
>