[Fiware-wpa] On Security aspects and access control to FI-WARE GEs deployed on the FI-WARE Testbed

JUAN JOSE HIERRO SUREDA jhierro at tid.es
Mon Sep 17 15:20:35 CEST 2012


Dear Pascal and Daniel,

  As already commented in my previous mail, one of the issues that were discussed during the last FI-PPP Architecture Board was the issue about access control to APIs exported by FI-WARE GEs deployed on the FI-WARE Testbed.

  As of now, we are simply applying a filter on the IP addresses that can access APIs exported by FI-WARE GEs. However, this is not suitable for scenarios where the IP address from which access will be requested is not known in advance (e.g., access from mobile smartphones). A smarter, more flexible approach should be feasible relying on the Identity Management GE, which should enable filtering based not on the IP addresses but on the authenticated entity on whose behalf requests to APIs are issued.

  We need to establish a recommendation about how the Use Case projects should design the architecture of their PoC in order to implement an authenticated and single sign-on access architecture to APIs based on the Identity Management GEs. Such a recommendation may help to enrich documentation of the FI-WARE Reference Architecture.

  I believe that this, far from being a problem, is an opportunity to push usage of Identity Management GEs by Use Case Projects.

  I would like to set up an internal confcall at which I would kindly request the Security Chapter to present what they would propose on the matter, so that we can discuss what to finally propose (maybe there are several formulas, so it would be worth elaborating on each of them). Following is a doodle that I have set up so that Pascal, Daniel and whoever they believe should attend from the Security chapter may record their availability. Tomorrow at 12:00 CET I will announce the final date/time:

http://www.doodle.com/msbhwgkubiwwcdnv

  This internal confcall is not mandatory for all WPAs but, of course, they are more than welcome to attend. It is highly recommended that people from the Security chapter attend.

  Cheers,


-- Juanjo

-------------
Product Development and Innovation (PDI) - Telefonica Digital
website: www.tid.es
email: jhierro at tid.es
twitter: twitter.com/JuanjoHierro

FI-WARE (European Future Internet Core Platform) Chief Architect

You can follow FI-WARE at:
  website:  http://www.fi-ware.eu
  facebook: http://www.facebook.com/pages/FI-WARE/251366491587242
  twitter:  http://twitter.com/FIware
  linkedIn: http://www.linkedin.com/groups/FIWARE-4239932

