How is Information Security Managed in GJXDM and NIEM?
GJXDM and NIEM do not contain elements for enforcing security requirements for information exchanges. Enforcing these requirements necessitates leveraging other standards, which will differ depending on the overall architecture of the exchange. For example, in web services, many exchange security requirements are addressed by the Web Services Security (WS-Security) standard from OASIS, and the Web Services Interoperability Organization (WS-I) Basic Security Profile.
The OASIS LegalXML Court Filing technical committee has addressed many of these information security requirements in its standards development work. This work is recommended as an example of how to leverage open security standards in GJXDM- and NIEM-conformant exchanges.