From jsalvachua at dit.upm.es Mon Mar 4 13:09:51 2013 From: jsalvachua at dit.upm.es (=?iso-8859-1?Q?Joaqu=EDn_Salvach=FAa?=) Date: Mon, 4 Mar 2013 13:09:51 +0100 Subject: [Fiware-api-cross] Slides for today audiconf. about Oauth2 security into the Fi-ware cloud Message-ID: <66A275D6-EDDA-4781-8552-7EDEC728D41C@dit.upm.es> Hello, Here i include the slides we will use in todays audio conference. Best regards Joaqu?n Salvach?a ------------------------------------------------------------------------ Joaquin Salvachua tel: +34 91 549 57 00 x.3026 Associated Professor +34 91 549 57 62 x.3026 dpt. Telematica E.T.S.I. Telecomunicacion Ciudad Universitaria S/N fax: +34 91 336 73 33 E-28040 MADRID SPAIN mailto:joaquin.salvachua at upm.es // http://www.dit.upm.es/~jsr -------------------------------------------------------------------------- -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: FI-WARE Security 13-02-25.pptx Type: application/vnd.openxmlformats-officedocument.presentationml.presentation Size: 133614 bytes Desc: not available URL: -------------- next part -------------- An HTML attachment was scrubbed... URL: From jhierro at tid.es Tue Mar 5 08:18:17 2013 From: jhierro at tid.es (Juanjo Hierro) Date: Tue, 05 Mar 2013 08:18:17 +0100 Subject: [Fiware-api-cross] Slides from presentation of the UPM team yesterday Message-ID: <51359C39.3060508@tid.es> Hi all, I have uploaded the slides of the presentation made yesterday by the UPM team. I just updated the slides where the final proposed architecture was outlined to add the box that illustrates how the PEP component is implemented as combination of the Keystone middleware and a new proxy. The slides can be downloaded from: https://forge.fi-ware.eu/docman/view.php/27/1899/FI-WARE+Security+13-02-25.pptx I remind you that the description of the APIs exported by the XACML component by Thales can also be located in the same folder: https://forge.fi-ware.eu/docman/view.php/27/1874/Thales_Authorization_Server_User_Guide_v0.2.pdf It was agreed that the proposed architecture is the one to be applied in the FI-WARE Cloud Architecture and for any application backend component to be deployed on the FI-WARE Cloud. It was also agreed that the best place where generation of auditing/monitoring CDRs can take place is the XACML PDP component provided by Thales (Access Control GE). However, we also agreed that this will be explored for the 3rd release of FI-WARE so the UPM will implement it in the proxy between the keystone middleware and the XACML PDP component for the FI-WARE Second Release. There was an AP on the UPM team to refine the presentation as to document separately: a) the sequence diagrams matching interactions with OpenStack components (from the IaaS SM or the Cloud Cloud portal) b) the sequence diagrams matching interaction with any other FI-WARE GE or APIs exported by FI-WARE Applications. For components deployed outside the Cloud backend boundaries, i.e., components deployed on the IoT gateway, we have to find out how the OAuth 2.0 schema will be implemented. Can someone from the Security team or the IoT team ellaborate on initial ideas on how this could be implemented ? It would be nice to initiate the discussion in this mailing list. Best regards, -- Juanjo ------------- Product Development and Innovation (PDI) - Telefonica Digital website: www.tid.es email: jhierro at tid.es twitter: twitter.com/JuanjoHierro FI-WARE (European Future Internet Core Platform) Coordinator and Chief Architect You can follow FI-WARE at: website: http://www.fi-ware.eu facebook: http://www.facebook.com/pages/FI-WARE/251366491587242 twitter: http://twitter.com/FIware linkedIn: http://www.linkedin.com/groups/FIWARE-4239932 ________________________________ Este mensaje se dirige exclusivamente a su destinatario. Puede consultar nuestra pol?tica de env?o y recepci?n de correo electr?nico en el enlace situado m?s abajo. This message is intended exclusively for its addressee. We only send and receive email on the basis of the terms set out at: http://www.tid.es/ES/PAGINAS/disclaimer.aspx -------------- next part -------------- An HTML attachment was scrubbed... URL: