Hi all, I have uploaded the slides of the presentation made yesterday by the UPM team. I just updated the slides where the final proposed architecture was outlined to add the box that illustrates how the PEP component is implemented as combination of the Keystone middleware and a new proxy. The slides can be downloaded from: https://forge.fi-ware.eu/docman/view.php/27/1899/FI-WARE+Security+13-02-25.pptx I remind you that the description of the APIs exported by the XACML component by Thales can also be located in the same folder: https://forge.fi-ware.eu/docman/view.php/27/1874/Thales_Authorization_Server_User_Guide_v0.2.pdf It was agreed that the proposed architecture is the one to be applied in the FI-WARE Cloud Architecture and for any application backend component to be deployed on the FI-WARE Cloud. It was also agreed that the best place where generation of auditing/monitoring CDRs can take place is the XACML PDP component provided by Thales (Access Control GE). However, we also agreed that this will be explored for the 3rd release of FI-WARE so the UPM will implement it in the proxy between the keystone middleware and the XACML PDP component for the FI-WARE Second Release. There was an AP on the UPM team to refine the presentation as to document separately: a) the sequence diagrams matching interactions with OpenStack components (from the IaaS SM or the Cloud Cloud portal) b) the sequence diagrams matching interaction with any other FI-WARE GE or APIs exported by FI-WARE Applications. For components deployed outside the Cloud backend boundaries, i.e., components deployed on the IoT gateway, we have to find out how the OAuth 2.0 schema will be implemented. Can someone from the Security team or the IoT team ellaborate on initial ideas on how this could be implemented ? It would be nice to initiate the discussion in this mailing list. Best regards, -- Juanjo ------------- Product Development and Innovation (PDI) - Telefonica Digital website: www.tid.es<http://www.tid.es> email: jhierro at tid.es<mailto:jhierro at tid.es> twitter: twitter.com/JuanjoHierro FI-WARE (European Future Internet Core Platform) Coordinator and Chief Architect You can follow FI-WARE at: website: http://www.fi-ware.eu facebook: http://www.facebook.com/pages/FI-WARE/251366491587242 twitter: http://twitter.com/FIware linkedIn: http://www.linkedin.com/groups/FIWARE-4239932 ________________________________ Este mensaje se dirige exclusivamente a su destinatario. Puede consultar nuestra política de envío y recepción de correo electrónico en el enlace situado más abajo. This message is intended exclusively for its addressee. We only send and receive email on the basis of the terms set out at: http://www.tid.es/ES/PAGINAS/disclaimer.aspx -------------- next part -------------- An HTML attachment was scrubbed... URL: <https://lists.fiware.org/private/fiware-api-cross/attachments/20130305/1122e020/attachment.html>
You can get more information about our cookies and privacy policies clicking on the following links: Privacy policy Cookies policy