From anj at zurich.ibm.com Fri Dec 2 15:01:22 2011 From: anj at zurich.ibm.com (Anja Lehmann) Date: Fri, 02 Dec 2011 15:01:22 +0100 Subject: [Fiware-security] FI-WARE - CSP Event In-Reply-To: <1281_1322656848_4ED62450_1281_11576_1_eef88f04-a9a8-48db-83ee-27b03f0bc451@THSONEA01HUB06P.one.grp> References: <2343_1322645947_4ED5F9BB_2343_11097_1_35b8a84f-5627-4d3b-ae0a-641fca36e116@THSONEA01HUB04P.one.grp> <76BD4E6231F77947B6885C75E5214FA50665B053@INTMAIL01.es.int.atosorigin.com> <2343_1322647693_4ED6008D_2343_12692_1_4736ed13-ea1f-4a2e-aaba-21b2fc79f9d4@THSONEA01HUB04P.one.grp> <71C0C7C7A712EE4CA636EDFD663B4E270368143E6B@DEWDFECCR09.wdf.sap.corp> <1281_1322656848_4ED62450_1281_11576_1_eef88f04-a9a8-48db-83ee-27b03f0bc451@THSONEA01HUB06P.one.grp> Message-ID: <4ED8DA32.4060705@zurich.ibm.com> Hi Pascal, thanks for the hint, IBM also plans to be present at this forum. We actually even plan to submit a proposal for a tutorial about privacy-enhanced credentials. This would already include the recent work & development in the FI-Ware and ABC4trust projects. We think a tutorial might be a better way to present and promote those concepts and new features, since a workshop would probably be broader and also invite presentations from "external" people. ciao, anja Am 11/30/2011 1:40 PM, schrieb BISSON Pascal: > *De :*DI CERBO, Francesco [mailto:francesco.di.cerbo at sap.com] > *Envoy? :* mercredi 30 novembre 2011 13:19 > *? :* BISSON Pascal; Pedro Soria Rodriguez; fiware-security at lists.fi-ware.eu > *Cc :* LELEU Philippe; SIEUX Corinne > *Objet :* RE: [Fiware-security] FI-WARE - CSP Event > > Hi Pascal, > > On my side I cannot yet confirm our participation, I forwarded the > request to Slim, who is now not available, and we will come back to you > as soon as possible. > > Best regards, > > Francesco > > *From:*fiware-security-bounces at lists.fi-ware.eu > [mailto:fiware-security-bounces at lists.fi-ware.eu] *On Behalf Of *BISSON > Pascal > *Sent:* mercredi 30 novembre 2011 11:08 > *To:* Pedro Soria Rodriguez; fiware-security at lists.fi-ware.eu > *Cc:* LELEU Philippe; SIEUX Corinne > *Subject:* Re: [Fiware-security] FI-WARE - CSP Event > > Hi Pedro, > > I support but would like to hear from the others also the delegation > that would be ours there. BTW do you plan to be there ? > > Regards, > > Pascal > > *De :*Pedro Soria Rodriguez [mailto:pedro.soria at atosresearch.eu] > *Envoy? :* mercredi 30 novembre 2011 10:43 > *? :* BISSON Pascal; fiware-security at lists.fi-ware.eu > *Cc :* LELEU Philippe; SIEUX Corinne > *Objet :* RE: [Fiware-security] FI-WARE - CSP Event > > I think it would be good to submit a FI-WARE security workshop proposal > for the event. > > -- > Pedro Soria-Rodriguez > Head of Sector > Atos Research & Innovation > Albarrac?n, 25 > 28037 Madrid, Spain > > Email: pedro.soria at atosresearch.eu > > *From:*fiware-security-bounces at lists.fi-ware.eu > [mailto:fiware-security-bounces at lists.fi-ware.eu] *On Behalf Of *BISSON > Pascal > *Sent:* Wednesday, November 30, 2011 10:39 > *To:* fiware-security at lists.fi-ware.eu > *Cc:* LELEU Philippe; SIEUX Corinne > *Subject:* [Fiware-security] FI-WARE - CSP Event > > Dear All, > > If not already known, let me inform you of the following event relevant > for FI-WARE to be represented (especially for what concerns T8.1 & T8.2). > > CYBER SECURITY & PRIVACY EU FORUM 2012 > > (CSP EU FORUM) 24th - 25th April, Berlin, Germany > > http://www.cspforum.eu/ > > As such as Thales are planning to make it. In the meantime I?d like to > hear from anyone who had plan to also attend in order to figure the > delegation that would be ours at this event and decide on what to do it > (attendance if not creation of workshop) > > Hearing from you if having plan to attend. > > To be further discussed in any case at next audio. > > Best Regards, > > Pascal > > ------------------------------------------------------------------ > This e-mail and the documents attached are confidential and intended > solely for the addressee; it may also be privileged. If you receive > this e-mail in error, please notify the sender immediately and destroy it. > As its integrity cannot be secured on the Internet, the Atos > group liability cannot be triggered for the message content. Although > the sender endeavours to maintain a computer virus-free network, > the sender does not warrant that this transmission is virus-free and > will not be liable for any damages resulting from any virus transmitted. > > Este mensaje y los ficheros adjuntos pueden contener informacion > confidencial > destinada solamente a la(s) persona(s) mencionadas anteriormente > pueden estar protegidos por secreto profesional. > Si usted recibe este correo electronico por error, gracias por informar > inmediatamente al remitente y destruir el mensaje. > Al no estar asegurada la integridad de este mensaje sobre la red, Atos > no se hace responsable por su contenido. Su contenido no constituye ningun > compromiso para el grupo Atos, salvo ratificacion escrita por ambas partes. > Aunque se esfuerza al maximo por mantener su red libre de virus, el emisor > no puede garantizar nada al respecto y no sera responsable de cualesquiera > danos que puedan resultar de una transmision de virus. > ------------------------------------------------------------------ > > > > _______________________________________________ > Fiware-security mailing list > Fiware-security at lists.fi-ware.eu > http://lists.fi-ware.eu/listinfo/fiware-security -- Dr. Anja Lehmann IBM Research Zurich zurich.ibm.com/~anj tel: +41 44 724 8351 fax: +41 44 724 8953 From pascal.bisson at thalesgroup.com Mon Dec 5 10:56:41 2011 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Mon, 5 Dec 2011 10:56:41 +0100 Subject: [Fiware-security] FI-WARE - Security Message-ID: <16324_1323079007_4EDC955F_16324_15344_1_2dfe7108-c6f6-4e15-872e-9653b4ad8524@THSONEA01HUB01P.one.grp> Dear All, This just to confirm our next audio conf of Friday 9/12 (10am-12am). At this audio conf we will address the following items: 1. Report on Sprint 1 outcomes per task and per GE (please task leaders prepare and distribute prior to our audio conf a short textual report on Sprint1. To be reviewed at our audio and them uploaded on the WP8 internal repository), a. Also update the status of work items you had for sprint 1 accordingly (closed vs still under execution) 2. Report per task and per GE work items and user stories planned to be addressing during the Second sprint (December). Once more I need here from each of the task leads a short textual description of what a. Bear in mind Sprint 2 items should somehow also reflect things we are now engaged in (i.e. Architecture spec., Open Calls, ...) 3. Report on progress regarding tickets issued and by the UC and which have been assigned. 4. M9 Deliverable - Architecture Specifications (will discuss our approach to it) 5. Open Calls a. Need here a short but sound textual description for each of the items which have been proposed (in order to have them reviewed and further discussed) b. Count here on each of the Task leads/GE Owners topics proposers to come once more with such a textual description at our meeting (...) 6. WP8 Meeting (set the date of next Physical meeting) 7. Other topics (M12 deliverables, ...) Counting on you all to be present at our audio conf on Friday being said we have important topics to be discussed there. Don't forget to also perform preparatory actions requested to make our audio conf effective/efficient. Thanks in advance and talk with you there. Best Regards, Pascal -------------- next part -------------- An HTML attachment was scrubbed... URL: From pascal.bisson at thalesgroup.com Tue Dec 6 07:03:35 2011 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Tue, 6 Dec 2011 07:03:35 +0100 Subject: [Fiware-security] FI-WARE - CSP Event In-Reply-To: <4ED8DA32.4060705@zurich.ibm.com> References: <2343_1322645947_4ED5F9BB_2343_11097_1_35b8a84f-5627-4d3b-ae0a-641fca36e116@THSONEA01HUB04P.one.grp> <76BD4E6231F77947B6885C75E5214FA50665B053@INTMAIL01.es.int.atosorigin.com> <2343_1322647693_4ED6008D_2343_12692_1_4736ed13-ea1f-4a2e-aaba-21b2fc79f9d4@THSONEA01HUB04P.one.grp> <71C0C7C7A712EE4CA636EDFD663B4E270368143E6B@DEWDFECCR09.wdf.sap.corp> <1281_1322656848_4ED62450_1281_11576_1_eef88f04-a9a8-48db-83ee-27b03f0bc451@THSONEA01HUB06P.one.grp> <4ED8DA32.4060705@zurich.ibm.com> Message-ID: <1000_1323151420_4EDDB03C_1000_15257_1_27c9dc4d-6df2-489f-95d1-4078b1ca85d8@THSONEA01HUB05P.one.grp> Ok Thanks for the notice Anja. Please provide me with the details of this tutorial once settled. This to keep track of it. BR Pascal -----Message d'origine----- De?: Anja Lehmann [mailto:anj at zurich.ibm.com] Envoy??: vendredi 2 d?cembre 2011 15:01 ??: BISSON Pascal Cc?: DI CERBO, Francesco; Pedro Soria Rodriguez; fiware-security at lists.fi-ware.eu; LELEU Philippe; SIEUX Corinne Objet?: Re: [Fiware-security] FI-WARE - CSP Event Hi Pascal, thanks for the hint, IBM also plans to be present at this forum. We actually even plan to submit a proposal for a tutorial about privacy-enhanced credentials. This would already include the recent work & development in the FI-Ware and ABC4trust projects. We think a tutorial might be a better way to present and promote those concepts and new features, since a workshop would probably be broader and also invite presentations from "external" people. ciao, anja Am 11/30/2011 1:40 PM, schrieb BISSON Pascal: > *De :*DI CERBO, Francesco [mailto:francesco.di.cerbo at sap.com] > *Envoy? :* mercredi 30 novembre 2011 13:19 > *? :* BISSON Pascal; Pedro Soria Rodriguez; fiware-security at lists.fi-ware.eu > *Cc :* LELEU Philippe; SIEUX Corinne > *Objet :* RE: [Fiware-security] FI-WARE - CSP Event > > Hi Pascal, > > On my side I cannot yet confirm our participation, I forwarded the > request to Slim, who is now not available, and we will come back to you > as soon as possible. > > Best regards, > > Francesco > > *From:*fiware-security-bounces at lists.fi-ware.eu > [mailto:fiware-security-bounces at lists.fi-ware.eu] *On Behalf Of *BISSON > Pascal > *Sent:* mercredi 30 novembre 2011 11:08 > *To:* Pedro Soria Rodriguez; fiware-security at lists.fi-ware.eu > *Cc:* LELEU Philippe; SIEUX Corinne > *Subject:* Re: [Fiware-security] FI-WARE - CSP Event > > Hi Pedro, > > I support but would like to hear from the others also the delegation > that would be ours there. BTW do you plan to be there ? > > Regards, > > Pascal > > *De :*Pedro Soria Rodriguez [mailto:pedro.soria at atosresearch.eu] > *Envoy? :* mercredi 30 novembre 2011 10:43 > *? :* BISSON Pascal; fiware-security at lists.fi-ware.eu > *Cc :* LELEU Philippe; SIEUX Corinne > *Objet :* RE: [Fiware-security] FI-WARE - CSP Event > > I think it would be good to submit a FI-WARE security workshop proposal > for the event. > > -- > Pedro Soria-Rodriguez > Head of Sector > Atos Research & Innovation > Albarrac?n, 25 > 28037 Madrid, Spain > > Email: pedro.soria at atosresearch.eu > > *From:*fiware-security-bounces at lists.fi-ware.eu > [mailto:fiware-security-bounces at lists.fi-ware.eu] *On Behalf Of *BISSON > Pascal > *Sent:* Wednesday, November 30, 2011 10:39 > *To:* fiware-security at lists.fi-ware.eu > *Cc:* LELEU Philippe; SIEUX Corinne > *Subject:* [Fiware-security] FI-WARE - CSP Event > > Dear All, > > If not already known, let me inform you of the following event relevant > for FI-WARE to be represented (especially for what concerns T8.1 & T8.2). > > CYBER SECURITY & PRIVACY EU FORUM 2012 > > (CSP EU FORUM) 24th - 25th April, Berlin, Germany > > http://www.cspforum.eu/ > > As such as Thales are planning to make it. In the meantime I'd like to > hear from anyone who had plan to also attend in order to figure the > delegation that would be ours at this event and decide on what to do it > (attendance if not creation of workshop) > > Hearing from you if having plan to attend. > > To be further discussed in any case at next audio. > > Best Regards, > > Pascal > > ------------------------------------------------------------------ > This e-mail and the documents attached are confidential and intended > solely for the addressee; it may also be privileged. If you receive > this e-mail in error, please notify the sender immediately and destroy it. > As its integrity cannot be secured on the Internet, the Atos > group liability cannot be triggered for the message content. Although > the sender endeavours to maintain a computer virus-free network, > the sender does not warrant that this transmission is virus-free and > will not be liable for any damages resulting from any virus transmitted. > > Este mensaje y los ficheros adjuntos pueden contener informacion > confidencial > destinada solamente a la(s) persona(s) mencionadas anteriormente > pueden estar protegidos por secreto profesional. > Si usted recibe este correo electronico por error, gracias por informar > inmediatamente al remitente y destruir el mensaje. > Al no estar asegurada la integridad de este mensaje sobre la red, Atos > no se hace responsable por su contenido. Su contenido no constituye ningun > compromiso para el grupo Atos, salvo ratificacion escrita por ambas partes. > Aunque se esfuerza al maximo por mantener su red libre de virus, el emisor > no puede garantizar nada al respecto y no sera responsable de cualesquiera > danos que puedan resultar de una transmision de virus. > ------------------------------------------------------------------ > > > > _______________________________________________ > Fiware-security mailing list > Fiware-security at lists.fi-ware.eu > http://lists.fi-ware.eu/listinfo/fiware-security -- Dr. Anja Lehmann IBM Research Zurich zurich.ibm.com/~anj tel: +41 44 724 8351 fax: +41 44 724 8953 From robert.seidl at nsn.com Tue Dec 6 18:17:51 2011 From: robert.seidl at nsn.com (Seidl, Robert (NSN - DE/Munich)) Date: Tue, 6 Dec 2011 18:17:51 +0100 Subject: [Fiware-security] FI-WARE - Security --> tickets from UC projects In-Reply-To: A<16324_1323079007_4EDC955F_16324_15344_1_2dfe7108-c6f6-4e15-872e-9653b4ad8524@THSONEA01HUB01P.one.grp> References: A<16324_1323079007_4EDC955F_16324_15344_1_2dfe7108-c6f6-4e15-872e-9653b4ad8524@THSONEA01HUB01P.one.grp> Message-ID: <9739B018F0466A4CAB10A9DABBEBF5A6468789@DEMUEXC027.nsn-intra.net> Hi all, based on feedback from Antonio, Francesco and Norbert we provided some comments to the tickets from UC projects. The comments are related to Identity and Privacy. @ Antonio and Francesco: We added some comments to your statements (please have a look at column A and B). @ All others: Please feel free to comment as well. Greetings Robert From: fiware-security-bounces at lists.fi-ware.eu [mailto:fiware-security-bounces at lists.fi-ware.eu] On Behalf Of ext BISSON Pascal Sent: Monday, December 05, 2011 10:57 AM To: fiware-security at lists.fi-ware.eu Subject: [Fiware-security] FI-WARE - Security Dear All, This just to confirm our next audio conf of Friday 9/12 (10am-12am). At this audio conf we will address the following items: Report on Sprint 1 outcomes per task and per GE (please task leaders prepare and distribute prior to our audio conf a short textual report on Sprint1. To be reviewed at our audio and them uploaded on the WP8 internal repository), a. Also update the status of work items you had for sprint 1 accordingly (closed vs still under execution) 2. 2. Report per task and per GE work items and user stories planned to be addressing during the Second sprint (December). Once more I need here from each of the task leads a short textual description of what a. Bear in mind Sprint 2 items should somehow also reflect things we are now engaged in (i.e. Architecture spec., Open Calls, ...) 3. Report on progress regarding tickets issued and by the UC and which have been assigned. 4. M9 Deliverable - Architecture Specifications (will discuss our approach to it) 5. Open Calls a. n lang=EN-US>Need here a short but sound textual description for each of the items which have been proposed (in order to have them reviewed and further discussed) b. Count here on each of the Task leads/GE Owners topics proposers to come once more with such a textual description at our meeting (...) 6. WP8 Meeting (set the date of next Physical meeting) 7. Other topics (M12 deliverables, ...) Counting on you all to be present at our audio conf on Friday being said we have important topics to be discussed there. Don't forget to also perform preparatory actions requested to make our audio conf effective/efficient. Thanks in advance and talk with you there. Best Regards, Pascal -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: FI-WARE Security tickets_v2.xls Type: application/vnd.ms-excel Size: 82432 bytes Desc: FI-WARE Security tickets_v2.xls URL: From pascal.bisson at thalesgroup.com Wed Dec 7 09:49:54 2011 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Wed, 7 Dec 2011 09:49:54 +0100 Subject: [Fiware-security] TR: [Fiware-wpl] GUIDELINE: FI-WARE Architecture Specifications: proposed solution for some of the pending questions Message-ID: <25441_1323247802_4EDF28BA_25441_11121_1_d9e10546-02a5-4297-b691-155bf6fdd6cd@THSONEA01HUB01P.one.grp> Dear All, I'm forwarding you this email with guidelines I got from Juanjo to create the Architecture deliverable (due by end of January - aka M9 deliverable). Please go through it and if you have any comments, remarks and/or questions please send them to me. Regards, Pascal De : fiware-wpl-bounces at lists.fi-ware.eu [mailto:fiware-wpl-bounces at lists.fi-ware.eu] De la part de Juanjo Hierro Envoy? : mercredi 7 d?cembre 2011 08:55 ? : fiware-wpl at lists.fi-ware.eu; fiware-wpa at lists.fi-ware.eu Objet : [Fiware-wpl] GUIDELINE: FI-WARE Architecture Specifications: proposed solution for some of the pending questions Hi all, On Nov 30th, I sent a detailed email describing how I think we should approach development of the next major deliverable, i.e., the deliverable on FI-WARE Architecture Specifications. I hope that all of you had already read carefully its contents so that we all are on the same page. There were two questions that were pending to solve before starting the actual writing of the deliverable on the Wiki. I elaborate on the proposed approach for both of them here. 1. Conventions for figures to include in Architecture Specifications In order to get an harmonized set of specifications a convention for figures describing aspects of the Functional Architecture linked to a GE has to be adopted. After some analysis, Thomas and me have decided to propose following FMC conventions for "Block Diagrams - Compositional Structures" defined in [1]. Note that the adoption of FMC conventions is limited to these Block Diagrams. Rest is not mandatory at all (nor indeed needed for this deliverable). Unless we hear about any objection, this will be the adopted recommendation you should forward to your teams. The gallery of basic elements used in FMC Block Diagrams is pretty simple, so I'm sure you could use any of your favorite editing tools for creating Architecture Description Diagrams, even powerpoint. For those who may not want to use powerpoint but a drawing tool that is better tailored to draw Diagrams, we may recommend yED (see [2]) 2. Uploading contents on the Wiki As already explained in one of my previous mails in response to a question made by Torsten, we will definitively go for developing contents of this deliverable on the Wiki. Therefore, one of the questions we should answer first is where on the Wiki. Here you are a list of points that describe the approach I suggest we should follow: * A new entry on the main home page of the FI-WARE Wiki will be created titled "FI-WARE Architecture". This will lead to a Wiki page were we will provide: * a short introduction of the goal of the Architecture Specifications * links to specific Wiki pages, one per chapter of FI-WARE. Each of these Wiki pages will be structured so that it includes an Introduction section (we will decide what comes here later) and a section per GE who should follow the structure we described in the email I sent on Nov 30 (note that the CORBA Event Service example I provided would map to the concept of a single GE in FI-WARE like the Pub/Sub Broker GE) * a link to a Wiki page to be titled "Bringing all pieces together", were we will elaborate on the description of how the different chapters will connect together from an architectural point of view, serving example (but generic) use case scenarios. * We should include a section titled "Open Specifications" at each of the GE sections we have under the "Materializing the FI-WARE Vision" part of the Wiki. This section will contain a bullet list of two items, each one linking to a Wiki page. The first one will be titled "Architecture Specification" and the second one will be titled "Detailed Interface Specifications". The first one will be a direct link to the section dedicated to the GE under the "FI-WARE Architecture" part of the Wiki described in the point above (note this will allow to navigate to concrete GE Architecture Specifications from the "Materializing the FI-WARE Vision" part of the Wiki, but that is precisely something we want to achieve). The second one will be where the detailed description of what remains regarding the complete set of Open Specifications linked to a GE, that is, the detailed description (signature and behaviour description of provided APIs, definition of protocols, non-functional mandatory features, etc) of interfaces introduced in the Architecture Specification. A draft of the guidelines, based on the above descriptive text, will be made soon available on the FI-WARE Project Handbook available on the Wiki. Please don't hesitate to make any question or formulate any doubt so that answers can help to enrich the guidelines. Please share this email with members of your team. Cheers, -- Juanjo References: [1] - http://www.fmc-modeling.org/notation_reference [2] - http://www.yworks.com/en/products_yed_about.html ________________________________ Este mensaje se dirige exclusivamente a su destinatario. Puede consultar nuestra pol?tica de env?o y recepci?n de correo electr?nico en el enlace situado m?s abajo. This message is intended exclusively for its addressee. We only send and receive email on the basis of the terms set out at. http://www.tid.es/ES/PAGINAS/disclaimer.aspx -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- An embedded and charset-unspecified text was scrubbed... Name: ATT00001.txt URL: From pascal.bisson at thalesgroup.com Wed Dec 7 17:05:05 2011 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Wed, 7 Dec 2011 17:05:05 +0100 Subject: [Fiware-security] TR: FI-WARE - Call for virtual meeting between WP8 and WP6 Message-ID: <1346_1323273908_4EDF8EB4_1346_5272_1_3efa56b4-b56c-4b2c-bbad-af7d8cd1d416@THSONEA01HUB03P.one.grp> FYI. Another thing to be discussed at our audio conf planned this Friday. @Robert could you please start working on the response from your side as it can only help to prepare our answer on behalf Security WP. Despite the fact I was not expecting for this type of answer when issuing my invitation to WP6 to interact with them this also relates to one of my previous demands (still pending) directed towards each of Security GE owners to come up with a initial description of the APIs that would accompany its GE(s). It seems that time has come to work hard on this. In any case and as I nsaid to further discussed at our next audio. Regards, Pascal De : CARLOS RALLI UCENDO [mailto:ralli at tid.es] Envoy? : mercredi 7 d?cembre 2011 16:34 ? : BISSON Pascal Cc : JUAN JOSE HIERRO SUREDA; GIDOIN Daniel Objet : Re: FI-WARE - Call for virtual meeting between WP8 and WP6 Dear Pascal, A cross-WP workshop involving WP6 & WP8 turns to be a desirable step in our roadmap. However, based on the information shared and discussed in our previous meeting, there is still a significant lack of details on security GEs that may jeopardize a fruitful meeting. Particularly, in the context of Security GEs, we expect much more detailed practical descriptions of ID management & access control APIs/interfaces. This information should be formatted in a way so that all other WPs (WP6 too) can more precisely figure out the whole ID and access control model as well as how to use the related APIs in practice. Is it ok if you prepare some slides/material in the Wiki on this regard and let us know? We would be pleased to organize WP6-WP8 meeting afterwards. Thanks in advance for your input, Best regards, -- ------------------------------------------------------- Carlos Ralli Ucendo (ralli at tid.es) Cell: +34696923588 Telef?nica I+D SAU Madrid, Spain ------------------------------------------------------- El 06/12/2011, a las 07:01, BISSON Pascal escribi?: Dear Carlos, Dear Juanjo, This mail just to call for a virtual meeting meeting between WP8 and WP6 on security GEs we defined and security issues you identified. This meeting can be seen as a follow up of the meeting WP8 had with other ATs to present its GEs. The objective of this second meeting would be to further discuss and align from both sides on security concerns related to Data/context Mgt Chapter (aka WP6) and how WP8 through GEs defined could help. Could you please provide me with your availability dates for such a meeting to take place asap. Many thanks in advance. Best Regards, Pascal ________________________________ Este mensaje se dirige exclusivamente a su destinatario. Puede consultar nuestra pol?tica de env?o y recepci?n de correo electr?nico en el enlace situado m?s abajo. This message is intended exclusively for its addressee. We only send and receive email on the basis of the terms set out at. http://www.tid.es/ES/PAGINAS/disclaimer.aspx -------------- next part -------------- An HTML attachment was scrubbed... URL: From francesco.di.cerbo at sap.com Thu Dec 8 11:52:59 2011 From: francesco.di.cerbo at sap.com (DI CERBO, Francesco) Date: Thu, 8 Dec 2011 11:52:59 +0100 Subject: [Fiware-security] FI-WARE - CSP Event In-Reply-To: <8E18929A6C79354FB4BD9BD4636DCB0623730F@INTMAIL03.es.int.atosorigin.com> References: <2343_1322645947_4ED5F9BB_2343_11097_1_35b8a84f-5627-4d3b-ae0a-641fca36e116@THSONEA01HUB04P.one.grp> <76BD4E6231F77947B6885C75E5214FA50665B053@INTMAIL01.es.int.atosorigin.com> <2343_1322647693_4ED6008D_2343_12692_1_4736ed13-ea1f-4a2e-aaba-21b2fc79f9d4@THSONEA01HUB04P.one.grp> <76BD4E6231F77947B6885C75E5214FA50665B0EC@INTMAIL01.es.int.atosorigin.com> <8E18929A6C79354FB4BD9BD4636DCB0623730F@INTMAIL03.es.int.atosorigin.com> Message-ID: <71C0C7C7A712EE4CA636EDFD663B4E27036868B6F1@DEWDFECCR09.wdf.sap.corp> Hello all, On our side, I confirm that someone from SAP shall be at the conference, and that we find a good idea to propose a workshop there. Best regards, Francesco From: fiware-security-bounces at lists.fi-ware.eu [mailto:fiware-security-bounces at lists.fi-ware.eu] On Behalf Of Antonio Garcia Vazquez Sent: mercredi 30 novembre 2011 20:17 To: Pedro Soria Rodriguez; BISSON Pascal; fiware-security at lists.fi-ware.eu Cc: LELEU Philippe; SIEUX Corinne Subject: Re: [Fiware-security] FI-WARE - CSP Event Pascal, Taking into account that the proposal workshop will take place by April next year and the fact that (at least) we?ll have already submitted the results from release one. I think that the information we have in the Wiki & Forge trackers could be an starting point to fill the required submission form (see attached). So the Workshop would probably present all or the most interesting results from: - Monitoring: Atactk Paths & topological vulnerabilities analysis and Nessus scanner defined Normalization strategies. - Data Control (GE): PLL engine & IDMix ? analysis of the anonymous credential-based access control. - Optional Enablers: Analysis of how we are going to deploy the DBAnonymization, Service serialization, Secure Storage and Morphus assets as services & API?s to be developed. - Context based - USDL-SEC: First draft USDL-SEC specifications - Some demo from the services we will be developing if possible. Finally we must also keep in mind that the submissions is on 9th December 2011. Best Regards ************************************ * Antonio Garc?a-V?zquez * * (+34) 91 214 9384 * * antonio.garcia at atosresearch.eu * ************************************ From: fiware-security-bounces at lists.fi-ware.eu [mailto:fiware-security-bounces at lists.fi-ware.eu] On Behalf Of Pedro Soria Rodriguez Sent: mi?rcoles, 30 de noviembre de 2011 11:34 To: BISSON Pascal; fiware-security at lists.fi-ware.eu Cc: LELEU Philippe; SIEUX Corinne Subject: Re: [Fiware-security] FI-WARE - CSP Event Sure, let?s hear the opinion of WP8 partners; I stated ours. I am not sure whether I will attend personally the CSP just yet. Atos will probably submit other workshop proposals to CSP Forum. -- Pedro Soria-Rodriguez Head of Sector Atos Research & Innovation Albarrac?n, 25 28037 Madrid, Spain Email: pedro.soria at atosresearch.eu From: BISSON Pascal [mailto:pascal.bisson at thalesgroup.com] Sent: Wednesday, November 30, 2011 11:08 To: Pedro Soria Rodriguez; fiware-security at lists.fi-ware.eu Cc: LELEU Philippe; SIEUX Corinne Subject: RE: [Fiware-security] FI-WARE - CSP Event Hi Pedro, I support but would like to hear from the others also the delegation that would be ours there. BTW do you plan to be there ? Regards, Pascal De : Pedro Soria Rodriguez [mailto:pedro.soria at atosresearch.eu] Envoy? : mercredi 30 novembre 2011 10:43 ? : BISSON Pascal; fiware-security at lists.fi-ware.eu Cc : LELEU Philippe; SIEUX Corinne Objet : RE: [Fiware-security] FI-WARE - CSP Event I think it would be good to submit a FI-WARE security workshop proposal for the event. -- Pedro Soria-Rodriguez Head of Sector Atos Research & Innovation Albarrac?n, 25 28037 Madrid, Spain Email: pedro.soria at atosresearch.eu From: fiware-security-bounces at lists.fi-ware.eu [mailto:fiware-security-bounces at lists.fi-ware.eu] On Behalf Of BISSON Pascal Sent: Wednesday, November 30, 2011 10:39 To: fiware-security at lists.fi-ware.eu Cc: LELEU Philippe; SIEUX Corinne Subject: [Fiware-security] FI-WARE - CSP Event Dear All, If not already known, let me inform you of the following event relevant for FI-WARE to be represented (especially for what concerns T8.1 & T8.2). CYBER SECURITY & PRIVACY EU FORUM 2012 (CSP EU FORUM) 24th - 25th April, Berlin, Germany http://www.cspforum.eu/ As such as Thales are planning to make it. In the meantime I?d like to hear from anyone who had plan to also attend in order to figure the delegation that would be ours at this event and decide on what to do it (attendance if not creation of workshop) Hearing from you if having plan to attend. To be further discussed in any case at next audio. Best Regards, Pascal ------------------------------------------------------------------ This e-mail and the documents attached are confidential and intended solely for the addressee; it may also be privileged. If you receive this e-mail in error, please notify the sender immediately and destroy it. As its integrity cannot be secured on the Internet, the Atos group liability cannot be triggered for the message content. Although the sender endeavours to maintain a computer virus-free network, the sender does not warrant that this transmission is virus-free and will not be liable for any damages resulting from any virus transmitted. Este mensaje y los ficheros adjuntos pueden contener informacion confidencial destinada solamente a la(s) persona(s) mencionadas anteriormente pueden estar protegidos por secreto profesional. Si usted recibe este correo electronico por error, gracias por informar inmediatamente al remitente y destruir el mensaje. Al no estar asegurada la integridad de este mensaje sobre la red, Atos no se hace responsable por su contenido. Su contenido no constituye ningun compromiso para el grupo Atos, salvo ratificacion escrita por ambas partes. Aunque se esfuerza al maximo por mantener su red libre de virus, el emisor no puede garantizar nada al respecto y no sera responsable de cualesquiera danos que puedan resultar de una transmision de virus. ------------------------------------------------------------------ ------------------------------------------------------------------ This e-mail and the documents attached are confidential and intended solely for the addressee; it may also be privileged. If you receive this e-mail in error, please notify the sender immediately and destroy it. As its integrity cannot be secured on the Internet, the Atos group liability cannot be triggered for the message content. Although the sender endeavours to maintain a computer virus-free network, the sender does not warrant that this transmission is virus-free and will not be liable for any damages resulting from any virus transmitted. Este mensaje y los ficheros adjuntos pueden contener informacion confidencial destinada solamente a la(s) persona(s) mencionadas anteriormente pueden estar protegidos por secreto profesional. Si usted recibe este correo electronico por error, gracias por informar inmediatamente al remitente y destruir el mensaje. Al no estar asegurada la integridad de este mensaje sobre la red, Atos no se hace responsable por su contenido. Su contenido no constituye ningun compromiso para el grupo Atos, salvo ratificacion escrita por ambas partes. Aunque se esfuerza al maximo por mantener su red libre de virus, el emisor no puede garantizar nada al respecto y no sera responsable de cualesquiera danos que puedan resultar de una transmision de virus. ------------------------------------------------------------------ ------------------------------------------------------------------ This e-mail and the documents attached are confidential and intended solely for the addressee; it may also be privileged. If you receive this e-mail in error, please notify the sender immediately and destroy it. As its integrity cannot be secured on the Internet, the Atos group liability cannot be triggered for the message content. Although the sender endeavours to maintain a computer virus-free network, the sender does not warrant that this transmission is virus-free and will not be liable for any damages resulting from any virus transmitted. Este mensaje y los ficheros adjuntos pueden contener informacion confidencial destinada solamente a la(s) persona(s) mencionadas anteriormente pueden estar protegidos por secreto profesional. Si usted recibe este correo electronico por error, gracias por informar inmediatamente al remitente y destruir el mensaje. Al no estar asegurada la integridad de este mensaje sobre la red, Atos no se hace responsable por su contenido. Su contenido no constituye ningun compromiso para el grupo Atos, salvo ratificacion escrita por ambas partes. Aunque se esfuerza al maximo por mantener su red libre de virus, el emisor no puede garantizar nada al respecto y no sera responsable de cualesquiera danos que puedan resultar de una transmision de virus. ------------------------------------------------------------------ -------------- next part -------------- An HTML attachment was scrubbed... URL: From robert.seidl at nsn.com Thu Dec 8 11:58:06 2011 From: robert.seidl at nsn.com (Seidl, Robert (NSN - DE/Munich)) Date: Thu, 8 Dec 2011 11:58:06 +0100 Subject: [Fiware-security] FI-WARE - Call for virtual meeting between WP8 and WP6 In-Reply-To: <1346_1323273908_4EDF8EB4_1346_5272_1_3efa56b4-b56c-4b2c-bbad-af7d8cd1d416@THSONEA01HUB03P.one.grp> References: <1346_1323273908_4EDF8EB4_1346_5272_1_3efa56b4-b56c-4b2c-bbad-af7d8cd1d416@THSONEA01HUB03P.one.grp> Message-ID: <9739B018F0466A4CAB10A9DABBEBF5A6468E27@DEMUEXC027.nsn-intra.net> Hi Pascal, according to what we have agreed during our meeting in Nice we can provide this information end of January (at least for IDM enabler). API definition will follow later (end of April). Please refer to the slides for more details (I copied here the essential info). * 1st minor release (end of January) * Focus on Identity Generic Enabler * Consolidate the specifications related to the design of the Protocols and Interfaces between the PPL engine and the Credential Based AC/Idmix Service * Design of the Protocols and Interfaces between the PPL engine and the Credential Based AC/Idemix Service * Design of the interface and protocol between IDM and Idemix * First sprint ending by Nov 30th * Definition of functionalities and use cases for EPICs * Concentrate on the Identity Management Generic Enabler * 2nd Minor release (ending April 30th) * api definition related to the Identity Management Generic Enabler * Development of the Protocols and Interfaces between the PPL engine and the Credential Based AC/Idmix Service * First steps towards integration related to the Privacy Generic Enabler Greetings Robert From: ext BISSON Pascal [mailto:pascal.bisson at thalesgroup.com] Sent: Wednesday, December 07, 2011 5:05 PM To: fiware-security at lists.fi-ware.eu Cc: BISSON Pascal; GIDOIN Daniel; Michael Osborne; TRABELSI, Slim; Antonio Garcia Vazquez; Seidl, Robert (NSN - DE/Munich) Subject: TR: FI-WARE - Call for virtual meeting between WP8 and WP6 FYI. Another thing to be discussed at our audio conf planned this Friday. @Robert could you please start working on the response from your side as it can only help to prepare our answer on behalf Security WP. Despite the fact I was not expecting for this type of answer when issuing my invitation to WP6 to interact with them this also relates to one of my previous demands (still pending) directed towards each of Security GE owners to come up with a initial description of the APIs that would accompany its GE(s). It seems that time has come to work hard on this. In any case and as I nsaid to further discussed at our next audio. Regards, Pascal De : CARLOS RALLI UCENDO [mailto:ralli at tid.es] Envoy? : mercredi 7 d?cembre 2011 16:34 ? : BISSON Pascal Cc : JUAN JOSE HIERRO SUREDA; GIDOIN Daniel Objet : Re: FI-WARE - Call for virtual meeting between WP8 and WP6 Dear Pascal, A cross-WP workshop involving WP6 & WP8 turns to be a desirable step in our roadmap. However, based on the information shared and discussed in our previous meeting, there is still a significant lack of details on security GEs that may jeopardize a fruitful meeting. Particularly, in the context of Security GEs, we expect much more detailed practical descriptions of ID management & access control APIs/interfaces. This information should be formatted in a way so that all other WPs (WP6 too) can more precisely figure out the whole ID and access control model as well as how to use the related APIs in practice. Is it ok if you prepare some slides/material in the Wiki on this regard and let us know? We would be pleased to organize WP6-WP8 meeting afterwards. Thanks in advance for your input, Best regards, -- ------------------------------------------------------- Carlos Ralli Ucendo (ralli at tid.es) Cell: +34696923588 Telef?nica I+D SAU Madrid, Spain ------------------------------------------------------- El 06/12/2011, a las 07:01, BISSON Pascal escribi?: Dear Carlos, Dear Juanjo, This mail just to call for a virtual meeting meeting between WP8 and WP6 on security GEs we defined and security issues you identified. This meeting can be seen as a follow up of the meeting WP8 had with other ATs to present its GEs. The objective of this second meeting would be to further discuss and align from both sides on security concerns related to Data/context Mgt Chapter (aka WP6) and how WP8 through GEs defined could help. Could you please provide me with your availability dates for such a meeting to take place asap. Many thanks in advance. Best Regards, Pascal ________________________________ Este mensaje se dirige exclusivamente a su destinatario. Puede consultar nuestra pol?tica de env?o y recepci?n de correo electr?nico en el enlace situado m?s abajo. This message is intended exclusively for its addressee. We only send and receive email on the basis of the terms set out at. http://www.tid.es/ES/PAGINAS/disclaimer.aspx -------------- next part -------------- An HTML attachment was scrubbed... URL: From pedro.soria at atosresearch.eu Thu Dec 8 13:41:04 2011 From: pedro.soria at atosresearch.eu (Pedro Soria Rodriguez) Date: Thu, 8 Dec 2011 13:41:04 +0100 Subject: [Fiware-security] FI-WARE - CSP Event In-Reply-To: <71C0C7C7A712EE4CA636EDFD663B4E27036868B6F1@DEWDFECCR09.wdf.sap.corp> References: <2343_1322645947_4ED5F9BB_2343_11097_1_35b8a84f-5627-4d3b-ae0a-641fca36e116@THSONEA01HUB04P.one.grp> <76BD4E6231F77947B6885C75E5214FA50665B053@INTMAIL01.es.int.atosorigin.com> <2343_1322647693_4ED6008D_2343_12692_1_4736ed13-ea1f-4a2e-aaba-21b2fc79f9d4@THSONEA01HUB04P.one.grp> <76BD4E6231F77947B6885C75E5214FA50665B0EC@INTMAIL01.es.int.atosorigin.com> <8E18929A6C79354FB4BD9BD4636DCB0623730F@INTMAIL03.es.int.atosorigin.com> <71C0C7C7A712EE4CA636EDFD663B4E27036868B6F1@DEWDFECCR09.wdf.sap.corp> Message-ID: <76BD4E6231F77947B6885C75E5214FA5066DB65D@INTMAIL01.es.int.atosorigin.com> The deadline is tomorrow to submit a proposal for the CSP event. Pascal, will you submit a proposal on behalf of Fi-ware? -- Pedro Soria-Rodriguez Head of Sector Atos Research & Innovation Albarrac?n, 25 28037 Madrid, Spain Email: pedro.soria at atosresearch.eu From: DI CERBO, Francesco [mailto:francesco.di.cerbo at sap.com] Sent: Thursday, December 08, 2011 11:53 To: Antonio Garcia Vazquez; Pedro Soria Rodriguez; BISSON Pascal; fiware-security at lists.fi-ware.eu Cc: LELEU Philippe; SIEUX Corinne Subject: RE: [Fiware-security] FI-WARE - CSP Event Hello all, On our side, I confirm that someone from SAP shall be at the conference, and that we find a good idea to propose a workshop there. Best regards, Francesco From: fiware-security-bounces at lists.fi-ware.eu [mailto:fiware-security-bounces at lists.fi-ware.eu] On Behalf Of Antonio Garcia Vazquez Sent: mercredi 30 novembre 2011 20:17 To: Pedro Soria Rodriguez; BISSON Pascal; fiware-security at lists.fi-ware.eu Cc: LELEU Philippe; SIEUX Corinne Subject: Re: [Fiware-security] FI-WARE - CSP Event Pascal, Taking into account that the proposal workshop will take place by April next year and the fact that (at least) we?ll have already submitted the results from release one. I think that the information we have in the Wiki & Forge trackers could be an starting point to fill the required submission form (see attached). So the Workshop would probably present all or the most interesting results from: - Monitoring: Atactk Paths & topological vulnerabilities analysis and Nessus scanner defined Normalization strategies. - Data Control (GE): PLL engine & IDMix ? analysis of the anonymous credential-based access control. - Optional Enablers: Analysis of how we are going to deploy the DBAnonymization, Service serialization, Secure Storage and Morphus assets as services & API?s to be developed. - Context based - USDL-SEC: First draft USDL-SEC specifications - Some demo from the services we will be developing if possible. Finally we must also keep in mind that the submissions is on 9th December 2011. Best Regards ************************************ * Antonio Garc?a-V?zquez * * (+34) 91 214 9384 * * antonio.garcia at atosresearch.eu * ************************************ From: fiware-security-bounces at lists.fi-ware.eu [mailto:fiware-security-bounces at lists.fi-ware.eu] On Behalf Of Pedro Soria Rodriguez Sent: mi?rcoles, 30 de noviembre de 2011 11:34 To: BISSON Pascal; fiware-security at lists.fi-ware.eu Cc: LELEU Philippe; SIEUX Corinne Subject: Re: [Fiware-security] FI-WARE - CSP Event Sure, let?s hear the opinion of WP8 partners; I stated ours. I am not sure whether I will attend personally the CSP just yet. Atos will probably submit other workshop proposals to CSP Forum. -- Pedro Soria-Rodriguez Head of Sector Atos Research & Innovation Albarrac?n, 25 28037 Madrid, Spain Email: pedro.soria at atosresearch.eu From: BISSON Pascal [mailto:pascal.bisson at thalesgroup.com] Sent: Wednesday, November 30, 2011 11:08 To: Pedro Soria Rodriguez; fiware-security at lists.fi-ware.eu Cc: LELEU Philippe; SIEUX Corinne Subject: RE: [Fiware-security] FI-WARE - CSP Event Hi Pedro, I support but would like to hear from the others also the delegation that would be ours there. BTW do you plan to be there ? Regards, Pascal De : Pedro Soria Rodriguez [mailto:pedro.soria at atosresearch.eu] Envoy? : mercredi 30 novembre 2011 10:43 ? : BISSON Pascal; fiware-security at lists.fi-ware.eu Cc : LELEU Philippe; SIEUX Corinne Objet : RE: [Fiware-security] FI-WARE - CSP Event I think it would be good to submit a FI-WARE security workshop proposal for the event. -- Pedro Soria-Rodriguez Head of Sector Atos Research & Innovation Albarrac?n, 25 28037 Madrid, Spain Email: pedro.soria at atosresearch.eu From: fiware-security-bounces at lists.fi-ware.eu [mailto:fiware-security-bounces at lists.fi-ware.eu] On Behalf Of BISSON Pascal Sent: Wednesday, November 30, 2011 10:39 To: fiware-security at lists.fi-ware.eu Cc: LELEU Philippe; SIEUX Corinne Subject: [Fiware-security] FI-WARE - CSP Event Dear All, If not already known, let me inform you of the following event relevant for FI-WARE to be represented (especially for what concerns T8.1 & T8.2). CYBER SECURITY & PRIVACY EU FORUM 2012 (CSP EU FORUM) 24th - 25th April, Berlin, Germany http://www.cspforum.eu/ As such as Thales are planning to make it. In the meantime I?d like to hear from anyone who had plan to also attend in order to figure the delegation that would be ours at this event and decide on what to do it (attendance if not creation of workshop) Hearing from you if having plan to attend. To be further discussed in any case at next audio. Best Regards, Pascal ------------------------------------------------------------------ This e-mail and the documents attached are confidential and intended solely for the addressee; it may also be privileged. If you receive this e-mail in error, please notify the sender immediately and destroy it. As its integrity cannot be secured on the Internet, the Atos group liability cannot be triggered for the message content. Although the sender endeavours to maintain a computer virus-free network, the sender does not warrant that this transmission is virus-free and will not be liable for any damages resulting from any virus transmitted. Este mensaje y los ficheros adjuntos pueden contener informacion confidencial destinada solamente a la(s) persona(s) mencionadas anteriormente pueden estar protegidos por secreto profesional. Si usted recibe este correo electronico por error, gracias por informar inmediatamente al remitente y destruir el mensaje. Al no estar asegurada la integridad de este mensaje sobre la red, Atos no se hace responsable por su contenido. Su contenido no constituye ningun compromiso para el grupo Atos, salvo ratificacion escrita por ambas partes. Aunque se esfuerza al maximo por mantener su red libre de virus, el emisor no puede garantizar nada al respecto y no sera responsable de cualesquiera danos que puedan resultar de una transmision de virus. ------------------------------------------------------------------ ------------------------------------------------------------------ This e-mail and the documents attached are confidential and intended solely for the addressee; it may also be privileged. If you receive this e-mail in error, please notify the sender immediately and destroy it. As its integrity cannot be secured on the Internet, the Atos group liability cannot be triggered for the message content. Although the sender endeavours to maintain a computer virus-free network, the sender does not warrant that this transmission is virus-free and will not be liable for any damages resulting from any virus transmitted. Este mensaje y los ficheros adjuntos pueden contener informacion confidencial destinada solamente a la(s) persona(s) mencionadas anteriormente pueden estar protegidos por secreto profesional. Si usted recibe este correo electronico por error, gracias por informar inmediatamente al remitente y destruir el mensaje. Al no estar asegurada la integridad de este mensaje sobre la red, Atos no se hace responsable por su contenido. Su contenido no constituye ningun compromiso para el grupo Atos, salvo ratificacion escrita por ambas partes. Aunque se esfuerza al maximo por mantener su red libre de virus, el emisor no puede garantizar nada al respecto y no sera responsable de cualesquiera danos que puedan resultar de una transmision de virus. ------------------------------------------------------------------ ------------------------------------------------------------------ This e-mail and the documents attached are confidential and intended solely for the addressee; it may also be privileged. If you receive this e-mail in error, please notify the sender immediately and destroy it. As its integrity cannot be secured on the Internet, the Atos group liability cannot be triggered for the message content. Although the sender endeavours to maintain a computer virus-free network, the sender does not warrant that this transmission is virus-free and will not be liable for any damages resulting from any virus transmitted. Este mensaje y los ficheros adjuntos pueden contener informacion confidencial destinada solamente a la(s) persona(s) mencionadas anteriormente pueden estar protegidos por secreto profesional. Si usted recibe este correo electronico por error, gracias por informar inmediatamente al remitente y destruir el mensaje. Al no estar asegurada la integridad de este mensaje sobre la red, Atos no se hace responsable por su contenido. Su contenido no constituye ningun compromiso para el grupo Atos, salvo ratificacion escrita por ambas partes. Aunque se esfuerza al maximo por mantener su red libre de virus, el emisor no puede garantizar nada al respecto y no sera responsable de cualesquiera danos que puedan resultar de una transmision de virus. ------------------------------------------------------------------ -------------- next part -------------- An HTML attachment was scrubbed... URL: From francesco.di.cerbo at sap.com Thu Dec 8 17:51:01 2011 From: francesco.di.cerbo at sap.com (DI CERBO, Francesco) Date: Thu, 8 Dec 2011 17:51:01 +0100 Subject: [Fiware-security] FI-WARE - Security --> tickets from UC projects In-Reply-To: <9739B018F0466A4CAB10A9DABBEBF5A6468789@DEMUEXC027.nsn-intra.net> References: A<16324_1323079007_4EDC955F_16324_15344_1_2dfe7108-c6f6-4e15-872e-9653b4ad8524@THSONEA01HUB01P.one.grp> <9739B018F0466A4CAB10A9DABBEBF5A6468789@DEMUEXC027.nsn-intra.net> Message-ID: <71C0C7C7A712EE4CA636EDFD663B4E27036868BCE8@DEWDFECCR09.wdf.sap.corp> Hi Robert, and all Please find the attached spreadsheet with updated comments. Indeed I made a mistake, I misunderstood an epic content, thanks Robert for clarifying it. However, it is not yet clear to me who and how shall perform the integration effort, to fill the gaps and fulfill completely the tickets. Tomorrow I would ask this question in our CC. Another point, @Antonio: I do not think DBAnonymizer can be of use for the ticket you commented, I put in the document a brief explanatory note. Best regards, Francesco From: Seidl, Robert (NSN - DE/Munich) [mailto:robert.seidl at nsn.com] Sent: mardi 6 d?cembre 2011 18:18 To: ext BISSON Pascal; fiware-security at lists.fi-ware.eu Cc: Antonio Garcia Vazquez; DI CERBO, Francesco; Goetze, Norbert (NSN - DE/Munich) Subject: RE: [Fiware-security] FI-WARE - Security --> tickets from UC projects Hi all, based on feedback from Antonio, Francesco and Norbert we provided some comments to the tickets from UC projects. The comments are related to Identity and Privacy. @ Antonio and Francesco: We added some comments to your statements (please have a look at column A and B). @ All others: Please feel free to comment as well. Greetings Robert From: fiware-security-bounces at lists.fi-ware.eu [mailto:fiware-security-bounces at lists.fi-ware.eu] On Behalf Of ext BISSON Pascal Sent: Monday, December 05, 2011 10:57 AM To: fiware-security at lists.fi-ware.eu Subject: [Fiware-security] FI-WARE - Security Dear All, This just to confirm our next audio conf of Friday 9/12 (10am-12am). At this audio conf we will address the following items: Report on Sprint 1 outcomes per task and per GE (please task leaders prepare and distribute prior to our audio conf a short textual report on Sprint1. To be reviewed at our audio and them uploaded on the WP8 internal repository), a. Also update the status of work items you had for sprint 1 accordingly (closed vs still under execution) 2. 2. Report per task and per GE work items and user stories planned to be addressing during the Second sprint (December). Once more I need here from each of the task leads a short textual description of what a. Bear in mind Sprint 2 items should somehow also reflect things we are now engaged in (i.e. Architecture spec., Open Calls, ...) 3. Report on progress regarding tickets issued and by the UC and which have been assigned. 4. M9 Deliverable - Architecture Specifications (will discuss our approach to it) 5. Open Calls a. n lang=EN-US>Need here a short but sound textual description for each of the items which have been proposed (in order to have them reviewed and further discussed) b. Count here on each of the Task leads/GE Owners topics proposers to come once more with such a textual description at our meeting (...) 6. WP8 Meeting (set the date of next Physical meeting) 7. Other topics (M12 deliverables, ...) Counting on you all to be present at our audio conf on Friday being said we have important topics to be discussed there. Don't forget to also perform preparatory actions requested to make our audio conf effective/efficient. Thanks in advance and talk with you there. Best Regards, Pascal -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: FI-WARE Security tickets_SAP_v2.xls Type: application/vnd.ms-excel Size: 95232 bytes Desc: FI-WARE Security tickets_SAP_v2.xls URL: From xavier.aghina at orange.com Fri Dec 9 09:51:00 2011 From: xavier.aghina at orange.com (xavier.aghina at orange.com) Date: Fri, 9 Dec 2011 09:51:00 +0100 Subject: [Fiware-security] audio conf to day Message-ID: Hello everyone, I have a last minute difficulty to attend the call this morning, I'm sorry, I would synchronisation with Daniel Gidoin on current topics. Good cheer. Xavier Aghina FT/OLNC/RD/MAPS/STT/NDS Ing?nieur de Recherche en S?curit? t?l. 01 45 29 81 59 xavier.aghina at orange.com -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image001.gif Type: image/gif Size: 1264 bytes Desc: image001.gif URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image002.gif Type: image/gif Size: 1081 bytes Desc: image002.gif URL: From mcp at tid.es Fri Dec 9 11:51:48 2011 From: mcp at tid.es (Miguel Carrillo) Date: Fri, 09 Dec 2011 11:51:48 +0100 Subject: [Fiware-security] FI-WARE - CSP Event In-Reply-To: <76BD4E6231F77947B6885C75E5214FA5066DB65D@INTMAIL01.es.int.atosorigin.com> References: <2343_1322645947_4ED5F9BB_2343_11097_1_35b8a84f-5627-4d3b-ae0a-641fca36e116@THSONEA01HUB04P.one.grp> <76BD4E6231F77947B6885C75E5214FA50665B053@INTMAIL01.es.int.atosorigin.com> <2343_1322647693_4ED6008D_2343_12692_1_4736ed13-ea1f-4a2e-aaba-21b2fc79f9d4@THSONEA01HUB04P.one.grp> <76BD4E6231F77947B6885C75E5214FA50665B0EC@INTMAIL01.es.int.atosorigin.com> <8E18929A6C79354FB4BD9BD4636DCB0623730F@INTMAIL03.es.int.atosorigin.com> <71C0C7C7A712EE4CA636EDFD663B4E27036868B6F1@DEWDFECCR09.wdf.sap.corp> <76BD4E6231F77947B6885C75E5214FA5066DB65D@INTMAIL01.es.int.atosorigin.com> Message-ID: <4EE1E844.2060909@tid.es> Dear all, Once this is settled, if there's finally an action, please do not forget to reflect this on the appropriate section here: https://forge.fi-ware.eu/plugins/mediawiki/wiki/fiware/index.php/Communication,_Collaboration_and_Dissemination Thanks Miguel El 08/12/2011 13:41, Pedro Soria Rodriguez escribi?: The deadline is tomorrow to submit a proposal for the CSP event. Pascal, will you submit a proposal on behalf of Fi-ware? -- Pedro Soria-Rodriguez Head of Sector Atos Research & Innovation Albarrac?n, 25 28037 Madrid, Spain Email: pedro.soria at atosresearch.eu From: DI CERBO, Francesco [mailto:francesco.di.cerbo at sap.com] Sent: Thursday, December 08, 2011 11:53 To: Antonio Garcia Vazquez; Pedro Soria Rodriguez; BISSON Pascal; fiware-security at lists.fi-ware.eu Cc: LELEU Philippe; SIEUX Corinne Subject: RE: [Fiware-security] FI-WARE - CSP Event Hello all, On our side, I confirm that someone from SAP shall be at the conference, and that we find a good idea to propose a workshop there. Best regards, Francesco From: fiware-security-bounces at lists.fi-ware.eu [mailto:fiware-security-bounces at lists.fi-ware.eu] On Behalf Of Antonio Garcia Vazquez Sent: mercredi 30 novembre 2011 20:17 To: Pedro Soria Rodriguez; BISSON Pascal; fiware-security at lists.fi-ware.eu Cc: LELEU Philippe; SIEUX Corinne Subject: Re: [Fiware-security] FI-WARE - CSP Event Pascal, Taking into account that the proposal workshop will take place by April next year and the fact that (at least) we?ll have already submitted the results from release one. I think that the information we have in the Wiki & Forge trackers could be an starting point to fill the required submission form (see attached). So the Workshop would probably present all or the most interesting results from: - Monitoring: Atactk Paths & topological vulnerabilities analysis and Nessus scanner defined Normalization strategies. - Data Control (GE): PLL engine & IDMix ? analysis of the anonymous credential-based access control. - Optional Enablers: Analysis of how we are going to deploy the DBAnonymization, Service serialization, Secure Storage and Morphus assets as services & API?s to be developed. - Context based - USDL-SEC: First draft USDL-SEC specifications - Some demo from the services we will be developing if possible. Finally we must also keep in mind that the submissions is on 9th December 2011. Best Regards ************************************ * Antonio Garc?a-V?zquez * * (+34) 91 214 9384 * * antonio.garcia at atosresearch.eu * ************************************ From: fiware-security-bounces at lists.fi-ware.eu [mailto:fiware-security-bounces at lists.fi-ware.eu] On Behalf Of Pedro Soria Rodriguez Sent: mi?rcoles, 30 de noviembre de 2011 11:34 To: BISSON Pascal; fiware-security at lists.fi-ware.eu Cc: LELEU Philippe; SIEUX Corinne Subject: Re: [Fiware-security] FI-WARE - CSP Event Sure, let?s hear the opinion of WP8 partners; I stated ours. I am not sure whether I will attend personally the CSP just yet. Atos will probably submit other workshop proposals to CSP Forum. -- Pedro Soria-Rodriguez Head of Sector Atos Research & Innovation Albarrac?n, 25 28037 Madrid, Spain Email: pedro.soria at atosresearch.eu From: BISSON Pascal [mailto:pascal.bisson at thalesgroup.com] Sent: Wednesday, November 30, 2011 11:08 To: Pedro Soria Rodriguez; fiware-security at lists.fi-ware.eu Cc: LELEU Philippe; SIEUX Corinne Subject: RE: [Fiware-security] FI-WARE - CSP Event Hi Pedro, I support but would like to hear from the others also the delegation that would be ours there. BTW do you plan to be there ? Regards, Pascal De : Pedro Soria Rodriguez [mailto:pedro.soria at atosresearch.eu] Envoy? : mercredi 30 novembre 2011 10:43 ? : BISSON Pascal; fiware-security at lists.fi-ware.eu Cc : LELEU Philippe; SIEUX Corinne Objet : RE: [Fiware-security] FI-WARE - CSP Event I think it would be good to submit a FI-WARE security workshop proposal for the event. -- Pedro Soria-Rodriguez Head of Sector Atos Research & Innovation Albarrac?n, 25 28037 Madrid, Spain Email: pedro.soria at atosresearch.eu From: fiware-security-bounces at lists.fi-ware.eu [mailto:fiware-security-bounces at lists.fi-ware.eu] On Behalf Of BISSON Pascal Sent: Wednesday, November 30, 2011 10:39 To: fiware-security at lists.fi-ware.eu Cc: LELEU Philippe; SIEUX Corinne Subject: [Fiware-security] FI-WARE - CSP Event Dear All, If not already known, let me inform you of the following event relevant for FI-WARE to be represented (especially for what concerns T8.1 & T8.2). CYBER SECURITY & PRIVACY EU FORUM 2012 (CSP EU FORUM) 24th - 25th April, Berlin, Germany http://www.cspforum.eu/ As such as Thales are planning to make it. In the meantime I?d like to hear from anyone who had plan to also attend in order to figure the delegation that would be ours at this event and decide on what to do it (attendance if not creation of workshop) Hearing from you if having plan to attend. To be further discussed in any case at next audio. Best Regards, Pascal ------------------------------------------------------------------ This e-mail and the documents attached are confidential and intended solely for the addressee; it may also be privileged. If you receive this e-mail in error, please notify the sender immediately and destroy it. As its integrity cannot be secured on the Internet, the Atos group liability cannot be triggered for the message content. Although the sender endeavours to maintain a computer virus-free network, the sender does not warrant that this transmission is virus-free and will not be liable for any damages resulting from any virus transmitted. Este mensaje y los ficheros adjuntos pueden contener informacion confidencial destinada solamente a la(s) persona(s) mencionadas anteriormente pueden estar protegidos por secreto profesional. Si usted recibe este correo electronico por error, gracias por informar inmediatamente al remitente y destruir el mensaje. Al no estar asegurada la integridad de este mensaje sobre la red, Atos no se hace responsable por su contenido. Su contenido no constituye ningun compromiso para el grupo Atos, salvo ratificacion escrita por ambas partes. Aunque se esfuerza al maximo por mantener su red libre de virus, el emisor no puede garantizar nada al respecto y no sera responsable de cualesquiera danos que puedan resultar de una transmision de virus. ------------------------------------------------------------------ ------------------------------------------------------------------ This e-mail and the documents attached are confidential and intended solely for the addressee; it may also be privileged. If you receive this e-mail in error, please notify the sender immediately and destroy it. As its integrity cannot be secured on the Internet, the Atos group liability cannot be triggered for the message content. Although the sender endeavours to maintain a computer virus-free network, the sender does not warrant that this transmission is virus-free and will not be liable for any damages resulting from any virus transmitted. Este mensaje y los ficheros adjuntos pueden contener informacion confidencial destinada solamente a la(s) persona(s) mencionadas anteriormente pueden estar protegidos por secreto profesional. Si usted recibe este correo electronico por error, gracias por informar inmediatamente al remitente y destruir el mensaje. Al no estar asegurada la integridad de este mensaje sobre la red, Atos no se hace responsable por su contenido. Su contenido no constituye ningun compromiso para el grupo Atos, salvo ratificacion escrita por ambas partes. Aunque se esfuerza al maximo por mantener su red libre de virus, el emisor no puede garantizar nada al respecto y no sera responsable de cualesquiera danos que puedan resultar de una transmision de virus. ------------------------------------------------------------------ ------------------------------------------------------------------ This e-mail and the documents attached are confidential and intended solely for the addressee; it may also be privileged. If you receive this e-mail in error, please notify the sender immediately and destroy it. As its integrity cannot be secured on the Internet, the Atos group liability cannot be triggered for the message content. Although the sender endeavours to maintain a computer virus-free network, the sender does not warrant that this transmission is virus-free and will not be liable for any damages resulting from any virus transmitted. Este mensaje y los ficheros adjuntos pueden contener informacion confidencial destinada solamente a la(s) persona(s) mencionadas anteriormente pueden estar protegidos por secreto profesional. Si usted recibe este correo electronico por error, gracias por informar inmediatamente al remitente y destruir el mensaje. Al no estar asegurada la integridad de este mensaje sobre la red, Atos no se hace responsable por su contenido. Su contenido no constituye ningun compromiso para el grupo Atos, salvo ratificacion escrita por ambas partes. Aunque se esfuerza al maximo por mantener su red libre de virus, el emisor no puede garantizar nada al respecto y no sera responsable de cualesquiera danos que puedan resultar de una transmision de virus. ------------------------------------------------------------------ ------------------------------------------------------------------ This e-mail and the documents attached are confidential and intended solely for the addressee; it may also be privileged. If you receive this e-mail in error, please notify the sender immediately and destroy it. As its integrity cannot be secured on the Internet, the Atos group liability cannot be triggered for the message content. Although the sender endeavours to maintain a computer virus-free network, the sender does not warrant that this transmission is virus-free and will not be liable for any damages resulting from any virus transmitted. Este mensaje y los ficheros adjuntos pueden contener informacion confidencial destinada solamente a la(s) persona(s) mencionadas anteriormente pueden estar protegidos por secreto profesional. Si usted recibe este correo electronico por error, gracias por informar inmediatamente al remitente y destruir el mensaje. Al no estar asegurada la integridad de este mensaje sobre la red, Atos no se hace responsable por su contenido. Su contenido no constituye ningun compromiso para el grupo Atos, salvo ratificacion escrita por ambas partes. Aunque se esfuerza al maximo por mantener su red libre de virus, el emisor no puede garantizar nada al respecto y no sera responsable de cualesquiera danos que puedan resultar de una transmision de virus. ------------------------------------------------------------------ -- ---------------------------------------------------------------------- _/ _/_/ Miguel Carrillo Pacheco _/ _/ _/ _/ Telef?nica Distrito C _/ _/_/_/ _/ _/ Investigaci?n y Edifico Oeste 1, Planta 5 _/ _/ _/ _/ Desarrollo Ronda de la Comunicaci?n S/N _/ _/_/ Madrid 28050 (Spain) Tel: (+34) 91 483 26 77 e-mail: mcp at tid.es ---------------------------------------------------------------------- ________________________________ Este mensaje se dirige exclusivamente a su destinatario. Puede consultar nuestra pol?tica de env?o y recepci?n de correo electr?nico en el enlace situado m?s abajo. This message is intended exclusively for its addressee. We only send and receive email on the basis of the terms set out at. http://www.tid.es/ES/PAGINAS/disclaimer.aspx -------------- next part -------------- An HTML attachment was scrubbed... URL: From antonio.garcia at atosresearch.eu Fri Dec 9 15:13:59 2011 From: antonio.garcia at atosresearch.eu (Antonio Garcia Vazquez) Date: Fri, 9 Dec 2011 15:13:59 +0100 Subject: [Fiware-security] FI-WARE - Security Message-ID: <8E18929A6C79354FB4BD9BD4636DCB06288A5F@INTMAIL03.es.int.atosorigin.com> Pascal, My report on Sprint 1 & 2 Tasks: 1) Sprint 1: FIWARE.Work-Items.Security.Context-based security and compliance.USDL-SEC Definition The main objectives of this work-Item were: - Define the roadmap to develop the USDL-SEC language - Define the starting point and evolution of USDL-SEC taking as reference the work already done by both The USDL W3C Incubator group and FI-WARE WP3. A power point with this results has been uploaded as an attachment in the tracker. 2) Sprint 2: FIWARE.Work-Items.Security.Context-based security and compliance.USDL-SEC Features Under this tracker we are going to work on the analysis and description of the different features offered by the different GE in order to work towards the identification of the language vocabulary Regarding to this also tell you that I can't change the state of any tracker from "open" to "under execution" or "closed"; so Sprint 1 and sprint 2 trackers are both listed as open instead of close (Sprint 1) and under execution (Sprint 2). Do you know if could be a rights problem? Could you change their states for me? Thanks and Best Regards. ************************************ * Antonio Garc?a-V?zquez * * (+34) 91 214 9384 * * antonio.garcia at atosresearch.eu * ************************************ From: fiware-security-bounces at lists.fi-ware.eu [mailto:fiware-security-bounces at lists.fi-ware.eu] On Behalf Of BISSON Pascal Sent: lunes, 05 de diciembre de 2011 10:57 To: fiware-security at lists.fi-ware.eu Subject: [Fiware-security] FI-WARE - Security Dear All, This just to confirm our next audio conf of Friday 9/12 (10am-12am). At this audio conf we will address the following items: Report on Sprint 1 outcomes per task and per GE (please task leaders prepare and distribute prior to our audio conf a short textual report on Sprint1. To be reviewed at our audio and them uploaded on the WP8 internal repository), a. Also update the status of work items you had for sprint 1 accordingly (closed vs still under execution) 2. 2. Report per task and per GE work items and user stories planned to be addressing during the Second sprint (December). Once more I need here from each of the task leads a short textual description of what a. Bear in mind Sprint 2 items should somehow also reflect things we are now engaged in (i.e. Architecture spec., Open Calls, ...) 3. Report on progress regarding tickets issued and by the UC and which have been assigned. 4. M9 Deliverable - Architecture Specifications (will discuss our approach to it) 5. Open Calls a. n lang=EN-US>Need here a short but sound textual description for each of the items which have been proposed (in order to have them reviewed and further discussed) b. Count here on each of the Task leads/GE Owners topics proposers to come once more with such a textual description at our meeting (...) 6. WP8 Meeting (set the date of next Physical meeting) 7. Other topics (M12 deliverables, ...) Counting on you all to be present at our audio conf on Friday being said we have important topics to be discussed there. Don't forget to also perform preparatory actions requested to make our audio conf effective/efficient. Thanks in advance and talk with you there. Best Regards, Pascal ------------------------------------------------------------------ This e-mail and the documents attached are confidential and intended solely for the addressee; it may also be privileged. If you receive this e-mail in error, please notify the sender immediately and destroy it. As its integrity cannot be secured on the Internet, the Atos group liability cannot be triggered for the message content. Although the sender endeavours to maintain a computer virus-free network, the sender does not warrant that this transmission is virus-free and will not be liable for any damages resulting from any virus transmitted. Este mensaje y los ficheros adjuntos pueden contener informacion confidencial destinada solamente a la(s) persona(s) mencionadas anteriormente pueden estar protegidos por secreto profesional. Si usted recibe este correo electronico por error, gracias por informar inmediatamente al remitente y destruir el mensaje. Al no estar asegurada la integridad de este mensaje sobre la red, Atos no se hace responsable por su contenido. Su contenido no constituye ningun compromiso para el grupo Atos, salvo ratificacion escrita por ambas partes. Aunque se esfuerza al maximo por mantener su red libre de virus, el emisor no puede garantizar nada al respecto y no sera responsable de cualesquiera danos que puedan resultar de una transmision de virus. ------------------------------------------------------------------ -------------- next part -------------- An HTML attachment was scrubbed... URL: From robert.seidl at nsn.com Fri Dec 9 16:30:26 2011 From: robert.seidl at nsn.com (Seidl, Robert (NSN - DE/Munich)) Date: Fri, 9 Dec 2011 16:30:26 +0100 Subject: [Fiware-security] FI-WARE - Security In-Reply-To: A<8E18929A6C79354FB4BD9BD4636DCB06288A5F@INTMAIL03.es.int.atosorigin.com> References: A<8E18929A6C79354FB4BD9BD4636DCB06288A5F@INTMAIL03.es.int.atosorigin.com> Message-ID: <9739B018F0466A4CAB10A9DABBEBF5A64B9DD3@DEMUEXC027.nsn-intra.net> And here for T8.2: Sprint1 (November): Content of this Sprint is to derive user stories and features from the identified epics (2 epics for Identity Generic Enabler and 3 epics for Privacy Generic Enabler). This activity is still ongoing and will be finalized by end of week 50. Sprint2 (Dezember): In this sprint we will start the definition of the interfaces and api's. Here we will concentrate mainly on the following tasks: ? Consolidate the specifications related to the design of the Protocols and Interfaces between the PPL engine and the Credential Based AC/Idmix Service ? Design of the Protocols and Interfaces between the PPL engine and the Credential Based AC/Idemix Service ? Design of the interface and protocol between IDM and Idemix In total this activity will last until end of January, meaning that it will cover as well sprint3. Greetings Robert From: fiware-security-bounces at lists.fi-ware.eu [mailto:fiware-security-bounces at lists.fi-ware.eu] On Behalf Of ext Antonio Garcia Vazquez Sent: Friday, December 09, 2011 3:14 PM To: BISSON Pascal Cc: fiware-security at lists.fi-ware.eu Subject: Re: [Fiware-security] FI-WARE - Security Pascal, My report on Sprint 1 & 2 Tasks: 1) Sprint 1: FIWARE.Work-Items.Security.Context-based security and compliance.USDL-SEC Definition The main objectives of this work-Item were: - Define the roadmap to develop the USDL-SEC language - Define the starting point and evolution of USDL-SEC taking as reference the work already done by both The USDL W3C Incubator group and FI-WARE WP3. A power point with this results has been uploaded as an attachment in the tracker. 2) Sprint 2: FIWARE.Work-Items.Security.Context-based security and compliance.USDL-SEC Features Under this tracker we are going to work on the analysis and description of the different features offered by the different GE in order to work towards the identification of the language vocabulary Regarding to this also tell you that I can't change the state of any tracker from "open" to "under execution" or "closed"; so Sprint 1 and sprint 2 trackers are both listed as open instead of close (Sprint 1) and under execution (Sprint 2). Do you know if could be a rights problem? Could you change their states for me? Thanks and Best Regards. ************************************ * Antonio Garc?a-V?zquez * * (+34) 91 214 9384 * * antonio.garcia at atosresearch.eu * ************************************ From: fiware-security-bounces at lists.fi-ware.eu [mailto:fiware-security-bounces at lists.fi-ware.eu] On Behalf Of BISSON Pascal Sent: lunes, 05 de diciembre de 2011 10:57 To: fiware-security at lists.fi-ware.eu Subject: [Fiware-security] FI-WARE - Security Dear All, This just to confirm our next audio conf of Friday 9/12 (10am-12am). At this audio conf we will address the following items: Report on Sprint 1 outcomes per task and per GE (please task leaders prepare and distribute prior to our audio conf a short textual report on Sprint1. To be reviewed at our audio and them uploaded on the WP8 internal repository), a. Also update the status of work items you had for sprint 1 accordingly (closed vs still under execution) 2. 2. Report per task and per GE work items and user stories planned to be addressing during the Second sprint (December). Once more I need here from each of the task leads a short textual description of what a. Bear in mind Sprint 2 items should somehow also reflect things we are now engaged in (i.e. Architecture spec., Open Calls, ...) 3. Report on progress regarding tickets issued and by the UC and which have been assigned. 4. M9 Deliverable - Architecture Specifications (will discuss our approach to it) 5. Open Calls a. n lang=EN-US>Need here a short but sound textual description for each of the items which have been proposed (in order to have them reviewed and further discussed) b. Count here on each of the Task leads/GE Owners topics proposers to come once more with such a textual description at our meeting (...) 6. WP8 Meeting (set the date of next Physical meeting) 7. Other topics (M12 deliverables, ...) Counting on you all to be present at our audio conf on Friday being said we have important topics to be discussed there. Don't forget to also perform preparatory actions requested to make our audio conf effective/efficient. Thanks in advance and talk with you there. Best Regards, Pascal ------------------------------------------------------------------ This e-mail and the documents attached are confidential and intended solely for the addressee; it may also be privileged. If you receive this e-mail in error, please notify the sender immediately and destroy it. As its integrity cannot be secured on the Internet, the Atos group liability cannot be triggered for the message content. Although the sender endeavours to maintain a computer virus-free network, the sender does not warrant that this transmission is virus-free and will not be liable for any damages resulting from any virus transmitted. Este mensaje y los ficheros adjuntos pueden contener informacion confidencial destinada solamente a la(s) persona(s) mencionadas anteriormente pueden estar protegidos por secreto profesional. Si usted recibe este correo electronico por error, gracias por informar inmediatamente al remitente y destruir el mensaje. Al no estar asegurada la integridad de este mensaje sobre la red, Atos no se hace responsable por su contenido. Su contenido no constituye ningun compromiso para el grupo Atos, salvo ratificacion escrita por ambas partes. Aunque se esfuerza al maximo por mantener su red libre de virus, el emisor no puede garantizar nada al respecto y no sera responsable de cualesquiera danos que puedan resultar de una transmision de virus. ------------------------------------------------------------------ -------------- next part -------------- An HTML attachment was scrubbed... URL: From francesco.di.cerbo at sap.com Mon Dec 12 14:32:30 2011 From: francesco.di.cerbo at sap.com (DI CERBO, Francesco) Date: Mon, 12 Dec 2011 14:32:30 +0100 Subject: [Fiware-security] Analysis on use case projects + new open call topic for T8.4? Message-ID: <71C0C7C7A712EE4CA636EDFD663B4E2703687DE77E@DEWDFECCR09.wdf.sap.corp> Dear all, Please find here attached a new iteration on the security tickets. We provided some more information, on PPL engine and on T8.4 topics. With this respect, we found that 4 epics are actually related to the same topic (encrypted communication system), and as this is not covered by any asset currently available, we thought to add an open call topic. In an email later on today, I shall write the description as requested by Pascal last Friday. Best regards, Francesco ___ Francesco Di Cerbo, PhD SAP Labs France 805, avenue Maurice Donat Font de l'Orme BP 1216 06250 Mougins Cedex France Tel. +33 4 92 28 64 45 e-mail: Francesco.Di.Cerbo at sap.com -------------- next part -------------- A non-text attachment was scrubbed... Name: FI-WARE Security tickets_SAP_v3.xls Type: application/vnd.ms-excel Size: 96256 bytes Desc: FI-WARE Security tickets_SAP_v3.xls URL: From pascal.bisson at thalesgroup.com Mon Dec 12 17:35:39 2011 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Mon, 12 Dec 2011 17:35:39 +0100 Subject: [Fiware-security] TR: FI-WARE - Security Message-ID: <27426_1323707743_4EE62D5F_27426_453_1_73151378-f5eb-4c19-8e3f-0558c5938ff0@THSONEA01HUB01P.one.grp> Dear All, Find hereafter the minutes of last Friday audio on WP8 : ? Report on Sprint 1 o AP: each of the task lead/GE owners to send WPL/WPA with their report (textual) on Sprint 1 (also update status on the wiki of what was in scope (user-stories, work items) accordingly, ? Sprint 2 content description o AP: each of the task lead/GE owners to send WPL/WPA with a textual description of what was in scope of Sprint 2 (report any changes compared to what was announced) ? Reflect as much as you can ongoing work (spec. for M9, topics for 1st Open call, ...) ? Management of ticket coming from the UC projects o A number of tickets have been assigned by Pascal to Task leads/GE owners (up to them to re-assign them to member of their team to which the ticket/demand best fits). This was done according to comments received from Robert. Please other provide WPL/WPA also with your comments on the excel file which was distributed. ? AP: Pascal to monitor proper handling of the ticket and assign new ones ? AP: assignees to work on the ticket (contacting ticket issuer whenever appropriate) ? M9 Deliverable - Architecture Specifications (will discuss our approach to it) o AP for each and more specifically Task lead and GE owners to comment on the approach proposed by Juanjo to address M9 deliverable (architecture specifications). Provide comments and/or questions to be raised by Pascal/Daniel at next WPL/WPA audio. The sooner the better. Without any comment from your side we will assume you all agree and as such we would be committed to deliver the what it has been announced by CA. ? Topics for Open Calls o AP for anyone who would like to propose a topic for the 1st Open Call: ? To come up with description of that topic asap. Being said there would be on AB to discuss and select topics with UC projects on the 15th it is important to deliver your topic description by early next week (preferably 12/12/11 EOB). Topic without proper description would not be proposed and so discussed !! ? So far we have the following candidate topics for Sprint 1: o Policy editing and authoring support (T8.2 / Anja o Digital forensics for evidence (T8.1/Daniel) o Data Track (T8.2/Anja) ? AP: Topic proposer please fill in accordingly the excel file at the following address (and inform me once done) https://docs.google.com/spreadsheet/ccc?key=0AqGGeaQGro3fdHFLUXozQU9lem5rWVRBeS02czJmNlE ? WP8 meeting o We will use GA planned week 04 to meet and have a WP8 session there (also sessions with other WPs) ? APIs accompanying the GEs o AP for each of the GE owners (Daniel, Robert, Antonio, Slim) to provide an initial textual description prior to next audio conference. To set the scene and further engage with other ATs and UC projects. ? M12 deliverables o Not discussed at this audio ? Other topics o AP: T8.2 lead (Robert) to engage TRT-UK (Richard, Adrian) in the work initiated in Nice (for them to catch up on things and join the work). De : BISSON Pascal Envoy? : lundi 5 d?cembre 2011 10:57 ? : fiware-security at lists.fi-ware.eu Cc : BISSON Pascal; GIDOIN Daniel Objet : FI-WARE - Security Dear All, This just to confirm our next audio conf of Friday 9/12 (10am-12am). At this audio conf we will address the following items: 1. Report on Sprint 1 outcomes per task and per GE (please task leaders prepare and distribute prior to our audio conf a short textual report on Sprint1. To be reviewed at our audio and them uploaded on the WP8 internal repository), a. Also update the status of work items you had for sprint 1 accordingly (closed vs still under execution) 2. Report per task and per GE work items and user stories planned to be addressing during the Second sprint (December). Once more I need here from each of the task leads a short textual description of what a. Bear in mind Sprint 2 items should somehow also reflect things we are now engaged in (i.e. Architecture spec., Open Calls, ...) 3. Report on progress regarding tickets issued and by the UC and which have been assigned. 4. M9 Deliverable - Architecture Specifications (will discuss our approach to it) 5. Open Calls a. Need here a short but sound textual description for each of the items which have been proposed (in order to have them reviewed and further discussed) b. Count here on each of the Task leads/GE Owners topics proposers to come once more with such a textual description at our meeting (...) 6. WP8 Meeting (set the date of next Physical meeting) 7. Other topics (M12 deliverables, ...) Counting on you all to be present at our audio conf on Friday being said we have important topics to be discussed there. Don't forget to also perform preparatory actions requested to make our audio conf effective/efficient. Thanks in advance and talk with you there. Best Regards, Pascal -------------- next part -------------- An HTML attachment was scrubbed... URL: From francesco.di.cerbo at sap.com Mon Dec 12 18:45:30 2011 From: francesco.di.cerbo at sap.com (DI CERBO, Francesco) Date: Mon, 12 Dec 2011 18:45:30 +0100 Subject: [Fiware-security] Open Call topic for T8.4 Message-ID: <71C0C7C7A712EE4CA636EDFD663B4E2703688775D3@DEWDFECCR09.wdf.sap.corp> Dear Pascal, As previously announced, please find the description of the open call topic for T8.4. I noticed that in the minutes, you make a reference to a google doc spreadsheet. Just to test if I got it right: - we are supposed to mention the UC tickets that we analyzed there, copying the MoSCoW priority assigned by the requestor UC, AND expressing our final evaluation (using MoSCoW classification) to explain if and with which priority a ticket shall be accepted by us. Right? Questions: 1) each tab has a project name associated to it; in columns, however, there are also the name of all other UC projects: this is meant in case of joint requests by a number of UC projects? Or if we detect a cross-cutting problem/request, we can use those columns to make links among tickets? 2) how are we expressing if a ticket is covered just to a certain extent by a GE? For instance, how do we express if a ticket is covered at 50% by a GE? Thanks a lot for the clarification! Francesco _______ Title: Secure communication asset Description: The asset must support authenticated and encrypted communications between different actors, ensuring confidentiality and security to end points. The asset must work at application level as a proxy, and expose ReST and SOAP interfaces. The asset must support the identification of endpoints simply using cryptographic tools, i.e., a pair public-private RSA keys, but not limited to it. It must provide an encryption/decryption API, and support at least the following encryption protocols: DES, AES, RSA, TEA, SHA-0 and SHA-1. UC requests covered by the asset: INSTANMOBILITY.Epic.Security.SecureTransaction https://forge.fi-ware.eu/tracker/index.php?func=detail&aid=362&group_id=7&atid=163 (even if some more explanations could be asked, to ensure that they are really interested to application-level security) OUTSMART.Epic.Security.EncryptedCommunications https://forge.fi-ware.eu/tracker/index.php?func=detail&aid=474&group_id=7&atid=163 ___ Francesco Di Cerbo, PhD SAP Labs France 805, avenue Maurice Donat Font de l'Orme BP 1216 06250 Mougins Cedex France Tel. +33 4 92 28 64 45 e-mail: Francesco.Di.Cerbo at sap.com From francesco.di.cerbo at sap.com Mon Dec 12 18:49:25 2011 From: francesco.di.cerbo at sap.com (DI CERBO, Francesco) Date: Mon, 12 Dec 2011 18:49:25 +0100 Subject: [Fiware-security] extension for workshop submission CYBER SECURITY & PRIVACY EU FORUM 2012 Message-ID: <71C0C7C7A712EE4CA636EDFD663B4E2703688775DE@DEWDFECCR09.wdf.sap.corp> Hello everyone, Michele told me that we can have a few days more for submitting our proposal. But we shall be as quick as possible! Best Francesco ___ Francesco Di Cerbo, PhD SAP Labs France 805, avenue Maurice Donat Font de l'Orme BP 1216 06250 Mougins Cedex France Tel. +33 4 92 28 64 45 e-mail: Francesco.Di.Cerbo at sap.com From pascal.bisson at thalesgroup.com Tue Dec 13 13:27:30 2011 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Tue, 13 Dec 2011 13:27:30 +0100 Subject: [Fiware-security] TR: Topic for Open 1st Call Message-ID: <19338_1323779254_4EE744B6_19338_18472_1_25114ac4-3591-434b-b41a-6942da9768a0@THSONEA01HUB04P.one.grp> Dear Task leads/GE owners, It appears that a Google spreadsheet has been put in place to advertise on candidate topics FI-WARE is proposing for Call 1. This document is shared with UC projects that have or would also have their own candidate topics for each of our calls. The topics present in this shared Google spreadsheet would be the ones presented and discussed at the AB meeting that would take place on Dec 15. For those of you who have candidate topics ready for call 1 please put them in the same way we did for the digital forensics for evidence topics Daniel and I added there. Drop me and Daniel an email once done. Please notice that for the time being there are more topics coming from UC projects which have been proposed rather than from FI-WARE which is a good sign to give to UC Project with respect to Open Call (at least first one) but in the meantime we should come up with some from FI-WARE side. That's side it is important as we agreed to propose from our Security side a few (hot/burning) topics. The other topics will go to the second Open Call. Regards, Pascal De : BISSON Pascal Envoy? : mardi 13 d?cembre 2011 12:51 ? : 'Juanjo Hierro' Cc : BISSON Pascal; GIDOIN Daniel Objet : Topic for Open 1st Call Hi Juajno, I added a topic on Digital Forensic for evidence in scope of task T8.1 and GE attached. https://docs.google.com/spreadsheet/ccc?key=0AqGGeaQGro3fdHFLUXozQU9lem5rWVRBeS02czJmNlE#gid=1 please have a look and provide me and Daniel with feedback. If more is requested please let us know. In the meantime I found the file a little bit sparse especially for what concerns FI-WARE topics for first open call which worries me a little bit. How much topics do you expect coming from FI-WARE for this first Open Call ? BTW could you please remind me the budget for now the three Open Calls ? Hearing from you and many thanks in advance fro your feedback. Regards, Pascal PS: From our WP8 side we should have two more topics from open call coming from Core GE in scope of T8.2 (the topics I reported already at the review meeting). -------------- next part -------------- An HTML attachment was scrubbed... URL: From antonio.garcia at atosresearch.eu Tue Dec 13 18:37:33 2011 From: antonio.garcia at atosresearch.eu (Antonio Garcia Vazquez) Date: Tue, 13 Dec 2011 18:37:33 +0100 Subject: [Fiware-security] Topic for Open 1st Call In-Reply-To: <19338_1323779254_4EE744B6_19338_18472_1_25114ac4-3591-434b-b41a-6942da9768a0@THSONEA01HUB04P.one.grp> References: <19338_1323779254_4EE744B6_19338_18472_1_25114ac4-3591-434b-b41a-6942da9768a0@THSONEA01HUB04P.one.grp> Message-ID: <8E18929A6C79354FB4BD9BD4636DCB062E8AEF@INTMAIL03.es.int.atosorigin.com> Pascal, As I've told you last month I've two topics that could be addressed in the context of Task 8.3 The fact is that their features could be covered by Compliance Governance Dashboard & CRLT Thales assets but I don't know if we unfortunately will have to reject them because they still have some open issues: - CRLT : Its IPR details are not clear at this moment. Daniel is still waiting an answer from Tilburg about this (Ref wiki asset description: https://forge.fi-ware.eu/plugins/mediawiki/wiki/fiware/index.php/CRLT_Compliance_Request_Language_Tools) - Governance Dashboard: Its IPR details addresses to its Web page, but the Web is not available anymore. (Ref wiki asset description: https://forge.fi-ware.eu/plugins/mediawiki/wiki/fiware/index.php/Compliance_Governance_Dashboard) @Daniel: Do you have additional information about them? If you and Daniel are agree with me we could wait till the second call for their publication in the case we are not able to solve these problems The topics to be published would be 1) Monitor system ( FIWARE.Epic.Security.Context-based security and compliance.Monitoring ): This GE component will analyze context and status information from the End-User environment and will check security solution's performance level by comparing the obtained information with the compliance conditions PRRS framework had previously sent; on a noncompliance situation monitoring systems should trigger PRRS framework sending the signal previously defined in the set of rules received. As an additional feature Monitoring services will have the capability to produce periodical reports to get expert users the possibility of produce performance and other statistical analysis Note: In the case we could get the IPR details on time this component should be covered by Runtime compliance monitoring system from CRLT asset and from Governance Dashboard asset. 2) Rule repository ( FIWARE.Epic.Security.Context-based security and compliance.Rules ): This GE component will be in charge of managing the applicable set of rules that will determinate the compliance situation of an end user context. It will allow storing and managing compliance requirements and relevant specifics at various abstraction levels as well as give the possibility of checking end-to-end business processes for compliance against the set of applicable constraints during design-time as well as will also signal PRRS framework when a rule is changed. Note: In the case we could get the IPR details on time this component should be covered by Compliance requirements manager, Compliance rule modeler and Design-time compliance verification manager from CRLT asset. Additionally Fragmento asset will also should be integrated with this component to give the component reuse of already defined rules capabilities Best Regards ************************************ * Antonio Garc?a-V?zquez * * (+34) 91 214 9384 * * antonio.garcia at atosresearch.eu * ************************************ From: BISSON Pascal [mailto:pascal.bisson at thalesgroup.com] Sent: martes, 13 de diciembre de 2011 13:28 To: Seidl, Robert (NSN - DE/Munich); TRABELSI, Slim; Antonio Garcia Vazquez Cc: DI CERBO, Francesco; ext Anja Lehmann; GIDOIN Daniel; BISSON Pascal; fiware-security at lists.fi-ware.eu Subject: TR: Topic for Open 1st Call Dear Task leads/GE owners, It appears that a Google spreadsheet has been put in place to advertise on candidate topics FI-WARE is proposing for Call 1. This document is shared with UC projects that have or would also have their own candidate topics for each of our calls. The topics present in this shared Google spreadsheet would be the ones presented and discussed at the AB meeting that would take place on Dec 15. For those of you who have candidate topics ready for call 1 please put them in the same way we did for the digital forensics for evidence topics Daniel and I added there. Drop me and Daniel an email once done. Please notice that for the time being there are more topics coming from UC projects which have been proposed rather than from FI-WARE which is a good sign to give to UC Project with respect to Open Call (at least first one) but in the meantime we should come up with some from FI-WARE side. That's side it is important as we agreed to propose from our Security side a few (hot/burning) topics. The other topics will go to the second Open Call. Regards, Pascal De : BISSON Pascal Envoy? : mardi 13 d?cembre 2011 12:51 ? : 'Juanjo Hierro' Cc : BISSON Pascal; GIDOIN Daniel Objet : Topic for Open 1st Call Hi Juajno, I added a topic on Digital Forensic for evidence in scope of task T8.1 and GE attached. https://docs.google.com/spreadsheet/ccc?key=0AqGGeaQGro3fdHFLUXozQU9lem5rWVRBeS02czJmNlE#gid=1 please have a look and provide me and Daniel with feedback. If more is requested please let us know. In the meantime I found the file a little bit sparse especially for what concerns FI-WARE topics for first open call which worries me a little bit. How much topics do you expect coming from FI-WARE for this first Open Call ? BTW could you please remind me the budget for now the three Open Calls ? Hearing from you and many thanks in advance fro your feedback. Regards, Pascal PS: From our WP8 side we should have two more topics from open call coming from Core GE in scope of T8.2 (the topics I reported already at the review meeting). ------------------------------------------------------------------ This e-mail and the documents attached are confidential and intended solely for the addressee; it may also be privileged. If you receive this e-mail in error, please notify the sender immediately and destroy it. As its integrity cannot be secured on the Internet, the Atos group liability cannot be triggered for the message content. Although the sender endeavours to maintain a computer virus-free network, the sender does not warrant that this transmission is virus-free and will not be liable for any damages resulting from any virus transmitted. Este mensaje y los ficheros adjuntos pueden contener informacion confidencial destinada solamente a la(s) persona(s) mencionadas anteriormente pueden estar protegidos por secreto profesional. Si usted recibe este correo electronico por error, gracias por informar inmediatamente al remitente y destruir el mensaje. Al no estar asegurada la integridad de este mensaje sobre la red, Atos no se hace responsable por su contenido. Su contenido no constituye ningun compromiso para el grupo Atos, salvo ratificacion escrita por ambas partes. Aunque se esfuerza al maximo por mantener su red libre de virus, el emisor no puede garantizar nada al respecto y no sera responsable de cualesquiera danos que puedan resultar de una transmision de virus. ------------------------------------------------------------------ -------------- next part -------------- An HTML attachment was scrubbed... URL: From pascal.bisson at thalesgroup.com Tue Dec 13 18:40:19 2011 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Tue, 13 Dec 2011 18:40:19 +0100 Subject: [Fiware-security] Topic for Open 1st Call In-Reply-To: <8E18929A6C79354FB4BD9BD4636DCB062E8AEF@INTMAIL03.es.int.atosorigin.com> References: <19338_1323779254_4EE744B6_19338_18472_1_25114ac4-3591-434b-b41a-6942da9768a0@THSONEA01HUB04P.one.grp> <8E18929A6C79354FB4BD9BD4636DCB062E8AEF@INTMAIL03.es.int.atosorigin.com> Message-ID: <30368_1323798023_4EE78E07_30368_146_1_b3dd6556-0d2d-44cb-992c-7ca719b9dafc@THSONEA01HUB04P.one.grp> Thanks Antonio. And yes as discussed and agreed at our last audio conference we can wait till the second Open Call to present the 2 topics you briefly introduced hereafter. Regards, Pascal De : Antonio Garcia Vazquez [mailto:antonio.garcia at atosresearch.eu] Envoy? : mardi 13 d?cembre 2011 18:38 ? : BISSON Pascal; Seidl, Robert (NSN - DE/Munich); TRABELSI, Slim; DI CERBO, Francesco; ext Anja Lehmann; GIDOIN Daniel Cc : fiware-security at lists.fi-ware.eu Objet : RE: Topic for Open 1st Call Pascal, As I've told you last month I've two topics that could be addressed in the context of Task 8.3 The fact is that their features could be covered by Compliance Governance Dashboard & CRLT Thales assets but I don't know if we unfortunately will have to reject them because they still have some open issues: - CRLT : Its IPR details are not clear at this moment. Daniel is still waiting an answer from Tilburg about this (Ref wiki asset description: https://forge.fi-ware.eu/plugins/mediawiki/wiki/fiware/index.php/CRLT_Compliance_Request_Language_Tools) - Governance Dashboard: Its IPR details addresses to its Web page, but the Web is not available anymore. (Ref wiki asset description: https://forge.fi-ware.eu/plugins/mediawiki/wiki/fiware/index.php/Compliance_Governance_Dashboard) @Daniel: Do you have additional information about them? If you and Daniel are agree with me we could wait till the second call for their publication in the case we are not able to solve these problems The topics to be published would be 1) Monitor system ( FIWARE.Epic.Security.Context-based security and compliance.Monitoring ): This GE component will analyze context and status information from the End-User environment and will check security solution's performance level by comparing the obtained information with the compliance conditions PRRS framework had previously sent; on a noncompliance situation monitoring systems should trigger PRRS framework sending the signal previously defined in the set of rules received. As an additional feature Monitoring services will have the capability to produce periodical reports to get expert users the possibility of produce performance and other statistical analysis Note: In the case we could get the IPR details on time this component should be covered by Runtime compliance monitoring system from CRLT asset and from Governance Dashboard asset. 2) Rule repository ( FIWARE.Epic.Security.Context-based security and compliance.Rules ): This GE component will be in charge of managing the applicable set of rules that will determinate the compliance situation of an end user context. It will allow storing and managing compliance requirements and relevant specifics at various abstraction levels as well as give the possibility of checking end-to-end business processes for compliance against the set of applicable constraints during design-time as well as will also signal PRRS framework when a rule is changed. Note: In the case we could get the IPR details on time this component should be covered by Compliance requirements manager, Compliance rule modeler and Design-time compliance verification manager from CRLT asset. Additionally Fragmento asset will also should be integrated with this component to give the component reuse of already defined rules capabilities Best Regards ************************************ * Antonio Garc?a-V?zquez * * (+34) 91 214 9384 * * antonio.garcia at atosresearch.eu * ************************************ From: BISSON Pascal [mailto:pascal.bisson at thalesgroup.com] Sent: martes, 13 de diciembre de 2011 13:28 To: Seidl, Robert (NSN - DE/Munich); TRABELSI, Slim; Antonio Garcia Vazquez Cc: DI CERBO, Francesco; ext Anja Lehmann; GIDOIN Daniel; BISSON Pascal; fiware-security at lists.fi-ware.eu Subject: TR: Topic for Open 1st Call Dear Task leads/GE owners, It appears that a Google spreadsheet has been put in place to advertise on candidate topics FI-WARE is proposing for Call 1. This document is shared with UC projects that have or would also have their own candidate topics for each of our calls. The topics present in this shared Google spreadsheet would be the ones presented and discussed at the AB meeting that would take place on Dec 15. For those of you who have candidate topics ready for call 1 please put them in the same way we did for the digital forensics for evidence topics Daniel and I added there. Drop me and Daniel an email once done. Please notice that for the time being there are more topics coming from UC projects which have been proposed rather than from FI-WARE which is a good sign to give to UC Project with respect to Open Call (at least first one) but in the meantime we should come up with some from FI-WARE side. That's side it is important as we agreed to propose from our Security side a few (hot/burning) topics. The other topics will go to the second Open Call. Regards, Pascal De : BISSON Pascal Envoy? : mardi 13 d?cembre 2011 12:51 ? : 'Juanjo Hierro' Cc : BISSON Pascal; GIDOIN Daniel Objet : Topic for Open 1st Call Hi Juajno, I added a topic on Digital Forensic for evidence in scope of task T8.1 and GE attached. https://docs.google.com/spreadsheet/ccc?key=0AqGGeaQGro3fdHFLUXozQU9lem5rWVRBeS02czJmNlE#gid=1 please have a look and provide me and Daniel with feedback. If more is requested please let us know. In the meantime I found the file a little bit sparse especially for what concerns FI-WARE topics for first open call which worries me a little bit. How much topics do you expect coming from FI-WARE for this first Open Call ? BTW could you please remind me the budget for now the three Open Calls ? Hearing from you and many thanks in advance fro your feedback. Regards, Pascal PS: From our WP8 side we should have two more topics from open call coming from Core GE in scope of T8.2 (the topics I reported already at the review meeting). ------------------------------------------------------------------ This e-mail and the documents attached are confidential and intended solely for the addressee; it may also be privileged. If you receive this e-mail in error, please notify the sender immediately and destroy it. As its integrity cannot be secured on the Internet, the Atos group liability cannot be triggered for the message content. Although the sender endeavours to maintain a computer virus-free network, the sender does not warrant that this transmission is virus-free and will not be liable for any damages resulting from any virus transmitted. Este mensaje y los ficheros adjuntos pueden contener informacion confidencial destinada solamente a la(s) persona(s) mencionadas anteriormente pueden estar protegidos por secreto profesional. Si usted recibe este correo electronico por error, gracias por informar inmediatamente al remitente y destruir el mensaje. Al no estar asegurada la integridad de este mensaje sobre la red, Atos no se hace responsable por su contenido. Su contenido no constituye ningun compromiso para el grupo Atos, salvo ratificacion escrita por ambas partes. Aunque se esfuerza al maximo por mantener su red libre de virus, el emisor no puede garantizar nada al respecto y no sera responsable de cualesquiera danos que puedan resultar de una transmision de virus. ------------------------------------------------------------------ -------------- next part -------------- An HTML attachment was scrubbed... URL: From pascal.bisson at thalesgroup.com Tue Dec 13 20:04:23 2011 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Tue, 13 Dec 2011 20:04:23 +0100 Subject: [Fiware-security] FI-WARE WP8 - Audio conf 16/12 (Cancelled) Message-ID: <30368_1323803066_4EE7A1BA_30368_2605_1_958618a9-db52-40de-aaa5-a6324ab69c0a@THSONEA01HUB02P.one.grp> Dear All, This just to let you know that I'm forced to cancel our WP8 audio conf this WE due to another meeting I have now to attend. Apologize for the inconvenience. Best Regards, Pascal -------------- next part -------------- An HTML attachment was scrubbed... URL: From anj at zurich.ibm.com Wed Dec 14 18:40:08 2011 From: anj at zurich.ibm.com (Anja Lehmann) Date: Wed, 14 Dec 2011 18:40:08 +0100 Subject: [Fiware-security] Analysis on use case projects In-Reply-To: <71C0C7C7A712EE4CA636EDFD663B4E2703687DE77E@DEWDFECCR09.wdf.sap.corp> References: <71C0C7C7A712EE4CA636EDFD663B4E2703687DE77E@DEWDFECCR09.wdf.sap.corp> Message-ID: <4EE8DF78.30407@zurich.ibm.com> Hi Robert, hi all, I just added some comments for one of the use case projects related to the privacy GE/idemix. ciao, anja Am 12/12/2011 2:32 PM, schrieb DI CERBO, Francesco: > Dear all, > > Please find here attached a new iteration on the security tickets. We > provided some more information, on PPL engine and on T8.4 topics. > With this respect, we found that 4 epics are actually related to the > same topic (encrypted communication system), and as this is not > covered by any asset currently available, we thought to add an open > call topic. > > In an email later on today, I shall write the description as > requested by Pascal last Friday. > > Best regards, > > Francesco > > ___ > > Francesco Di Cerbo, PhD SAP Labs France 805, avenue Maurice Donat > Font de l'Orme BP 1216 06250 Mougins Cedex France Tel. +33 4 92 28 64 > 45 e-mail: Francesco.Di.Cerbo at sap.com > > > > > > _______________________________________________ Fiware-security > mailing list Fiware-security at lists.fi-ware.eu > http://lists.fi-ware.eu/listinfo/fiware-security -- Dr. Anja Lehmann IBM Research Zurich zurich.ibm.com/~anj tel: +41 44 724 8351 fax: +41 44 724 8953 -------------- next part -------------- A non-text attachment was scrubbed... Name: FI-WARE Security tickets_v4.xls Type: application/octet-stream Size: 53248 bytes Desc: not available URL: From pascal.bisson at thalesgroup.com Wed Dec 14 20:02:32 2011 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Wed, 14 Dec 2011 20:02:32 +0100 Subject: [Fiware-security] TR: [Fiware-wpl] IMPORTANT: Approach for Architecture Specification Deliverable Message-ID: <7037_1323889364_4EE8F2D4_7037_9458_1_d2c66b05-49f5-4314-adff-693a4a62d24c@THSONEA01HUB01P.one.grp> Dear All, I forwarded you this email some weeks ago for your information and feedback being said this is the approach promoted by our CA (Juanjo) for us to address M9 deliverable and deliver our input. Awaiting for your feedback on the proposed approach. Without feedback I will use you agree with what has been proposed. Hearing from you one way or another. Regards, Pascal PS: This mail also to answer your demand on the topic Anja . De : fiware-wpl-bounces at lists.fi-ware.eu [mailto:fiware-wpl-bounces at lists.fi-ware.eu] De la part de Juanjo Hierro Envoy? : mercredi 30 novembre 2011 15:39 ? : fiware-wpl at lists.fi-ware.eu; fiware-wpa at lists.fi-ware.eu Objet : [Fiware-wpl] IMPORTANT: Approach for Architecture Specification Deliverable Hi all, As you know, we have to start working on the Architecture Specifications, which is one of the deliverables that is due in month 9, that is, end of January. My intention is to adopt a pragmatic approach, trying to generate something that can be integrated as part of the GE Open Specifications that we have to produce by month 12. My vision is that all GE Open Specifications should start with a chapter where an overview of the envisioned Architecture for the GE is described. While style would be narrative, the description should be enough concrete, i.e., formulated over actual data type, interface and operation names and elaborating on the base interaction scenarios involving the different entities exporting the defined interfaces. Then, after that chapter, the detailed specification of all data types and interfaces with their operations, are provided (this including signature of operations and accurate description of expected behaviour linked to operations) Then, the Architecture Specification deliverable would be just the result of developing this overview chapter. But nothing better than an example, so let me use one taken from OMG's set of CORBA Services Specifications. Along my many years involved in different standardization efforts, I have found that OMG CORBA Service specs are rather comprehensive and close to what programmers (our ultimate customers!) love to see. Please find enclosed the CORBA Event Service Specifications. What I would then select as the Architecture description are the contents of the following sections: * The whole chapter 1 * Section 2.2 and 2.4 (which some people may have argued should have been included in chapter 1 :-) Note that anyone who reads the mentioned sections would get a CLEAR picture of what is the Architecture of the service and what are going to be the entities and interfaces/operations that will be supported in a compliant implementation. The conceptual and programming model would be also rather clear from a programmer's perspective. Therefore, rather valuable information for an application developer perspective which is what really should matter to us. A side benefit is that what will remain as pending regarding GE Open Specifications will be less, that is, the detailed specification of data types and interfaces/operations. One thing that we will have to define is the set of conventions that we should all follow whenever we need to draw any figure, like figures 1-x or 2-x. For this, Thomas and me will come soon to you with a proposal in short time. Please take your time to analyze this carefully and formulate any question you may have. From now on, I assume that you will start planning activities in Sprint 2 and 3 dealing with development of these specifications within each of your chapters. This may well take the form of Work Items in the tracker. Best regards, -- Juanjo ________________________________ Este mensaje se dirige exclusivamente a su destinatario. Puede consultar nuestra pol?tica de env?o y recepci?n de correo electr?nico en el enlace situado m?s abajo. This message is intended exclusively for its addressee. We only send and receive email on the basis of the terms set out at. http://www.tid.es/ES/PAGINAS/disclaimer.aspx -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: Event Service Specification 04-10-02.pdf Type: application/pdf Size: 515254 bytes Desc: Event Service Specification 04-10-02.pdf URL: -------------- next part -------------- An embedded and charset-unspecified text was scrubbed... Name: ATT00001.txt URL: From slim.trabelsi at sap.com Thu Dec 15 10:40:05 2011 From: slim.trabelsi at sap.com (TRABELSI, Slim) Date: Thu, 15 Dec 2011 10:40:05 +0100 Subject: [Fiware-security] TR: [Fiware-wpl] IMPORTANT: Approach for Architecture Specification Deliverable In-Reply-To: <7037_1323889364_4EE8F2D4_7037_9458_1_d2c66b05-49f5-4314-adff-693a4a62d24c@THSONEA01HUB01P.one.grp> References: <7037_1323889364_4EE8F2D4_7037_9458_1_d2c66b05-49f5-4314-adff-693a4a62d24c@THSONEA01HUB01P.one.grp> Message-ID: Hi Pascal, Why are we using an architecture specification model dedicated to CORBA. This middleware is now quite outdated and I'm not sure that this model will describe correctly SOA and cloud based architecture. But since I do not have any other specification model to recommend, my feedback would be neutral ! Thank you Best Slim ===================================== Dr Slim Trabelsi Researcher Security & Trust SAP Labs France 805, Avenue du Docteur Maurice Donat BP 1216 - 06254 Mougins Cedex, France T +33 4 92 28 63 45 M + 33 6 11 99 85 79 www.sap.com From: fiware-security-bounces at lists.fi-ware.eu [mailto:fiware-security-bounces at lists.fi-ware.eu] On Behalf Of BISSON Pascal Sent: mercredi 14 d?cembre 2011 20:03 To: fiware-security at lists.fi-ware.eu Subject: [Fiware-security] TR: [Fiware-wpl] IMPORTANT: Approach for Architecture Specification Deliverable Importance: High Dear All, I forwarded you this email some weeks ago for your information and feedback being said this is the approach promoted by our CA (Juanjo) for us to address M9 deliverable and deliver our input. Awaiting for your feedback on the proposed approach. Without feedback I will use you agree with what has been proposed. Hearing from you one way or another. Regards, Pascal PS: This mail also to answer your demand on the topic Anja . De : fiware-wpl-bounces at lists.fi-ware.eu [mailto:fiware-wpl-bounces at lists.fi-ware.eu] De la part de Juanjo Hierro Envoy? : mercredi 30 novembre 2011 15:39 ? : fiware-wpl at lists.fi-ware.eu; fiware-wpa at lists.fi-ware.eu Objet : [Fiware-wpl] IMPORTANT: Approach for Architecture Specification Deliverable Hi all, As you know, we have to start working on the Architecture Specifications, which is one of the deliverables that is due in month 9, that is, end of January. My intention is to adopt a pragmatic approach, trying to generate something that can be integrated as part of the GE Open Specifications that we have to produce by month 12. My vision is that all GE Open Specifications should start with a chapter where an overview of the envisioned Architecture for the GE is described. While style would be narrative, the description should be enough concrete, i.e., formulated over actual data type, interface and operation names and elaborating on the base interaction scenarios involving the different entities exporting the defined interfaces. Then, after that chapter, the detailed specification of all data types and interfaces with their operations, are provided (this including signature of operations and accurate description of expected behaviour linked to operations) Then, the Architecture Specification deliverable would be just the result of developing this overview chapter. But nothing better than an example, so let me use one taken from OMG's set of CORBA Services Specifications. Along my many years involved in different standardization efforts, I have found that OMG CORBA Service specs are rather comprehensive and close to what programmers (our ultimate customers!) love to see. Please find enclosed the CORBA Event Service Specifications. What I would then select as the Architecture description are the contents of the following sections: * The whole chapter 1 * Section 2.2 and 2.4 (which some people may have argued should have been included in chapter 1 :-) Note that anyone who reads the mentioned sections would get a CLEAR picture of what is the Architecture of the service and what are going to be the entities and interfaces/operations that will be supported in a compliant implementation. The conceptual and programming model would be also rather clear from a programmer's perspective. Therefore, rather valuable information for an application developer perspective which is what really should matter to us. A side benefit is that what will remain as pending regarding GE Open Specifications will be less, that is, the detailed specification of data types and interfaces/operations. One thing that we will have to define is the set of conventions that we should all follow whenever we need to draw any figure, like figures 1-x or 2-x. For this, Thomas and me will come soon to you with a proposal in short time. Please take your time to analyze this carefully and formulate any question you may have. From now on, I assume that you will start planning activities in Sprint 2 and 3 dealing with development of these specifications within each of your chapters. This may well take the form of Work Items in the tracker. Best regards, -- Juanjo ________________________________ Este mensaje se dirige exclusivamente a su destinatario. Puede consultar nuestra pol?tica de env?o y recepci?n de correo electr?nico en el enlace situado m?s abajo. This message is intended exclusively for its addressee. We only send and receive email on the basis of the terms set out at. http://www.tid.es/ES/PAGINAS/disclaimer.aspx -------------- next part -------------- An HTML attachment was scrubbed... URL: From Adrian.Waller at uk.thalesgroup.com Tue Dec 13 12:06:48 2011 From: Adrian.Waller at uk.thalesgroup.com (Waller, Adrian) Date: Tue, 13 Dec 2011 11:06:48 -0000 Subject: [Fiware-security] Open Call topic for T8.4 Message-ID: Dear Francesco, Looking at your description for the required asset and the spreadsheet you previousy sent, our Content Based Security asset already proposed for Task 8.4 (and which has backlog entries) would appear to meet the requirement. So, I don't think we need an Open Call on this. Regards, Adrian Dr. Adrian Waller CISSP Technical Consultant - Information Security Thales UK Thales Research and Technology (UK) Ltd., Worton Drive, Reading RG2 0SB, U.K. [www.thalesgroup.com/uk] Tel: ++44 118 923 8304 Fax: ++44 118 923 8399 e-mail: Adrian.Waller at thalesgroup.com > -----Original Message----- > From: fiware-security-bounces at lists.fi-ware.eu > [mailto:fiware-security-bounces at lists.fi-ware.eu] On Behalf > Of DI CERBO, Francesco > Sent: 12 December 2011 17:46 > To: BISSON Pascal > (pascal.bisson at thalesgroup.com) > Cc: fiware-security at lists.fi-ware.eu > Subject: [Fiware-security] Open Call topic for T8.4 > > Dear Pascal, > > As previously announced, please find the description of the > open call topic for T8.4. > > I noticed that in the minutes, you make a reference to a > google doc spreadsheet. Just to test if I got it right: > > - we are supposed to mention the UC tickets that we analyzed > there, copying the MoSCoW priority assigned by the requestor > UC, AND expressing our final evaluation (using MoSCoW > classification) to explain if and with which priority a > ticket shall be accepted by us. Right? > > Questions: > > 1) each tab has a project name associated to it; in columns, > however, there are also the name of all other UC projects: > this is meant in case of joint requests by a number of UC > projects? Or if we detect a cross-cutting problem/request, we > can use those columns to make links among tickets? > 2) how are we expressing if a ticket is covered just to a > certain extent by a GE? For instance, how do we express if a > ticket is covered at 50% by a GE? > > Thanks a lot for the clarification! > > Francesco > > _______ > > Title: Secure communication asset > > Description: The asset must support authenticated and > encrypted communications between different actors, ensuring > confidentiality and security to end points. The asset must > work at application level as a proxy, and expose ReST and > SOAP interfaces. The asset must support the identification of > endpoints simply using cryptographic tools, i.e., a pair > public-private RSA keys, but not limited to it. It must > provide an encryption/decryption API, and support at least > the following encryption protocols: DES, AES, RSA, TEA, SHA-0 > and SHA-1. > > UC requests covered by the asset: > INSTANMOBILITY.Epic.Security.SecureTransaction > https://forge.fi-ware.eu/tracker/index.php?func=detail&aid=362 > &group_id=7&atid=163 > > (even if some more explanations could be asked, to ensure > that they are really interested to application-level > security) OUTSMART.Epic.Security.EncryptedCommunications > https://forge.fi-ware.eu/tracker/index.php?func=detail&aid=474 > &group_id=7&atid=163 > > ___ > > Francesco Di Cerbo, PhD > SAP Labs France > 805, avenue Maurice Donat > Font de l'Orme > BP 1216 > 06250 Mougins Cedex > France > Tel. +33 4 92 28 64 45 > e-mail: Francesco.Di.Cerbo at sap.com > > > _______________________________________________ > Fiware-security mailing list > Fiware-security at lists.fi-ware.eu > http://lists.fi-ware.eu/listinfo/fiware-security > Please consider the environment before printing a hard copy of this e-mail. The information contained in this e-mail is confidential. It is intended only for the stated addressee(s) and access to it by any other person is unauthorised. If you are not an addressee, you must not disclose, copy, circulate or in any other way use or rely on the information contained in this e-mail. Such unauthorised use may be unlawful. If you have received this e-mail in error, please inform us immediately on +44 (0)118 986 8601 and delete it and all copies from your system. Thales Research and Technology (UK) Limited. A company registered in England and Wales. Registered Office: 2 Dashwood Lang Road, The Bourne Business Park, Addlestone, Weybridge, Surrey KT15 2NX. Registered Number: 774298 Thales UK Limited. A company registered in England and Wales. Registered Office: 2 Dashwood Lang Road, The Bourne Business Park, Addlestone, Weybridge, Surrey KT15 2NX. Registered Number: 868273 -------------- next part -------------- A non-text attachment was scrubbed... Name: PPP_FIWARE_ASSETS_Description of the Optional Security Assets.docx Type: application/octet-stream Size: 19126 bytes Desc: not available URL: From Adrian.Waller at uk.thalesgroup.com Tue Dec 13 12:31:56 2011 From: Adrian.Waller at uk.thalesgroup.com (Waller, Adrian) Date: Tue, 13 Dec 2011 11:31:56 -0000 Subject: [Fiware-security] Open Call topic for T8.4 Message-ID: Please ignore the attachment on the previous message as it was the wrong one! Adrian > -----Original Message----- > From: Waller, Adrian > Sent: 13 December 2011 11:07 > To: 'DI CERBO, Francesco'; BISSON Pascal > (pascal.bisson at thalesgroup.com) > Cc: fiware-security at lists.fi-ware.eu > Subject: RE: [Fiware-security] Open Call topic for T8.4 > > Dear Francesco, > Looking at your description for the required asset and > the spreadsheet you previousy sent, our Content Based > Security asset already proposed for Task 8.4 (and which has > backlog entries) would appear to meet the requirement. So, I > don't think we need an Open Call on this. > > Regards, > > Adrian > > Dr. Adrian Waller CISSP > Technical Consultant - Information Security Thales UK Thales > Research and Technology (UK) Ltd., Worton Drive, Reading RG2 > 0SB, U.K. > > [www.thalesgroup.com/uk] > Tel: ++44 118 923 8304 Fax: ++44 118 923 8399 > e-mail: Adrian.Waller at thalesgroup.com > > > > > > > > -----Original Message----- > > From: fiware-security-bounces at lists.fi-ware.eu > > [mailto:fiware-security-bounces at lists.fi-ware.eu] On Behalf Of DI > > CERBO, Francesco > > Sent: 12 December 2011 17:46 > > To: BISSON Pascal > > (pascal.bisson at thalesgroup.com) > > Cc: fiware-security at lists.fi-ware.eu > > Subject: [Fiware-security] Open Call topic for T8.4 > > > > Dear Pascal, > > > > As previously announced, please find the description of the > open call > > topic for T8.4. > > > > I noticed that in the minutes, you make a reference to a google doc > > spreadsheet. Just to test if I got it right: > > > > - we are supposed to mention the UC tickets that we analyzed there, > > copying the MoSCoW priority assigned by the requestor UC, AND > > expressing our final evaluation (using MoSCoW > > classification) to explain if and with which priority a > ticket shall > > be accepted by us. Right? > > > > Questions: > > > > 1) each tab has a project name associated to it; in > columns, however, > > there are also the name of all other UC projects: > > this is meant in case of joint requests by a number of UC > projects? Or > > if we detect a cross-cutting problem/request, we can use > those columns > > to make links among tickets? > > 2) how are we expressing if a ticket is covered just to a certain > > extent by a GE? For instance, how do we express if a ticket > is covered > > at 50% by a GE? > > > > Thanks a lot for the clarification! > > > > Francesco > > > > _______ > > > > Title: Secure communication asset > > > > Description: The asset must support authenticated and encrypted > > communications between different actors, ensuring > confidentiality and > > security to end points. The asset must work at application > level as a > > proxy, and expose ReST and SOAP interfaces. The asset must > support the > > identification of endpoints simply using cryptographic > tools, i.e., a > > pair public-private RSA keys, but not limited to it. It > must provide > > an encryption/decryption API, and support at least the following > > encryption protocols: DES, AES, RSA, TEA, SHA-0 and SHA-1. > > > > UC requests covered by the asset: > > INSTANMOBILITY.Epic.Security.SecureTransaction > > https://forge.fi-ware.eu/tracker/index.php?func=detail&aid=362 > > &group_id=7&atid=163 > > > > (even if some more explanations could be asked, to ensure that they > > are really interested to application-level > > security) OUTSMART.Epic.Security.EncryptedCommunications > > https://forge.fi-ware.eu/tracker/index.php?func=detail&aid=474 > > &group_id=7&atid=163 > > > > ___ > > > > Francesco Di Cerbo, PhD > > SAP Labs France > > 805, avenue Maurice Donat > > Font de l'Orme > > BP 1216 > > 06250 Mougins Cedex > > France > > Tel. +33 4 92 28 64 45 > > e-mail: Francesco.Di.Cerbo at sap.com > > > > > > _______________________________________________ > > Fiware-security mailing list > > Fiware-security at lists.fi-ware.eu > > http://lists.fi-ware.eu/listinfo/fiware-security > > > Please consider the environment before printing a hard copy of this e-mail. The information contained in this e-mail is confidential. It is intended only for the stated addressee(s) and access to it by any other person is unauthorised. If you are not an addressee, you must not disclose, copy, circulate or in any other way use or rely on the information contained in this e-mail. Such unauthorised use may be unlawful. If you have received this e-mail in error, please inform us immediately on +44 (0)118 986 8601 and delete it and all copies from your system. Thales Research and Technology (UK) Limited. A company registered in England and Wales. Registered Office: 2 Dashwood Lang Road, The Bourne Business Park, Addlestone, Weybridge, Surrey KT15 2NX. Registered Number: 774298 Thales UK Limited. A company registered in England and Wales. Registered Office: 2 Dashwood Lang Road, The Bourne Business Park, Addlestone, Weybridge, Surrey KT15 2NX. Registered Number: 868273 From antonio.garcia at atosresearch.eu Fri Dec 16 13:29:13 2011 From: antonio.garcia at atosresearch.eu (Antonio Garcia Vazquez) Date: Fri, 16 Dec 2011 13:29:13 +0100 Subject: [Fiware-security] TR: [Fiware-wpl] IMPORTANT: Approach forArchitecture Specification Deliverable Message-ID: <8E18929A6C79354FB4BD9BD4636DCB062E9567@INTMAIL03.es.int.atosorigin.com> Pascal, I don't know if there are some other model more SOA/cloud oriented. As far as I know CORBA is multiplatform service oriented model; so could be a good starting point for our architecture without detriment to extend it if needed Best Regards ************************************ * Antonio Garc?a-V?zquez * * (+34) 91 214 9384 * * antonio.garcia at atosresearch.eu * ************************************ From: fiware-security-bounces at lists.fi-ware.eu [mailto:fiware-security-bounces at lists.fi-ware.eu] On Behalf Of TRABELSI, Slim Sent: jueves, 15 de diciembre de 2011 10:40 To: BISSON Pascal; fiware-security at lists.fi-ware.eu Subject: Re: [Fiware-security] TR: [Fiware-wpl] IMPORTANT: Approach forArchitecture Specification Deliverable Hi Pascal, Why are we using an architecture specification model dedicated to CORBA. This middleware is now quite outdated and I'm not sure that this model will describe correctly SOA and cloud based architecture. But since I do not have any other specification model to recommend, my feedback would be neutral ! Thank you Best Slim ===================================== Dr Slim Trabelsi Researcher Security & Trust SAP Labs France 805, Avenue du Docteur Maurice Donat BP 1216 - 06254 Mougins Cedex, France T +33 4 92 28 63 45 M + 33 6 11 99 85 79 www.sap.com From: fiware-security-bounces at lists.fi-ware.eu [mailto:fiware-security-bounces at lists.fi-ware.eu] On Behalf Of BISSON Pascal Sent: mercredi 14 d?cembre 2011 20:03 To: fiware-security at lists.fi-ware.eu Subject: [Fiware-security] TR: [Fiware-wpl] IMPORTANT: Approach for Architecture Specification Deliverable Importance: High Dear All, I forwarded you this email some weeks ago for your information and feedback being said this is the approach promoted by our CA (Juanjo) for us to address M9 deliverable and deliver our input. Awaiting for your feedback on the proposed approach. Without feedback I will use you agree with what has been proposed. Hearing from you one way or another. Regards, Pascal PS: This mail also to answer your demand on the topic Anja . De : fiware-wpl-bounces at lists.fi-ware.eu [mailto:fiware-wpl-bounces at lists.fi-ware.eu] De la part de Juanjo Hierro Envoy? : mercredi 30 novembre 2011 15:39 ? : fiware-wpl at lists.fi-ware.eu; fiware-wpa at lists.fi-ware.eu Objet : [Fiware-wpl] IMPORTANT: Approach for Architecture Specification Deliverable Hi all, As you know, we have to start working on the Architecture Specifications, which is one of the deliverables that is due in month 9, that is, end of January. My intention is to adopt a pragmatic approach, trying to generate something that can be integrated as part of the GE Open Specifications that we have to produce by month 12. My vision is that all GE Open Specifications should start with a chapter where an overview of the envisioned Architecture for the GE is described. While style would be narrative, the description should be enough concrete, i.e., formulated over actual data type, interface and operation names and elaborating on the base interaction scenarios involving the different entities exporting the defined interfaces. Then, after that chapter, the detailed specification of all data types and interfaces with their operations, are provided (this including signature of operations and accurate description of expected behaviour linked to operations) Then, the Architecture Specification deliverable would be just the result of developing this overview chapter. But nothing better than an example, so let me use one taken from OMG's set of CORBA Services Specifications. Along my many years involved in different standardization efforts, I have found that OMG CORBA Service specs are rather comprehensive and close to what programmers (our ultimate customers!) love to see. Please find enclosed the CORBA Event Service Specifications. What I would then select as the Architecture description are the contents of the following sections: * The whole chapter 1 * Section 2.2 and 2.4 (which some people may have argued should have been included in chapter 1 :-) Note that anyone who reads the mentioned sections would get a CLEAR picture of what is the Architecture of the service and what are going to be the entities and interfaces/operations that will be supported in a compliant implementation. The conceptual and programming model would be also rather clear from a programmer's perspective. Therefore, rather valuable information for an application developer perspective which is what really should matter to us. A side benefit is that what will remain as pending regarding GE Open Specifications will be less, that is, the detailed specification of data types and interfaces/operations. One thing that we will have to define is the set of conventions that we should all follow whenever we need to draw any figure, like figures 1-x or 2-x. For this, Thomas and me will come soon to you with a proposal in short time. Please take your time to analyze this carefully and formulate any question you may have. From now on, I assume that you will start planning activities in Sprint 2 and 3 dealing with development of these specifications within each of your chapters. This may well take the form of Work Items in the tracker. Best regards, -- Juanjo ________________________________ Este mensaje se dirige exclusivamente a su destinatario. Puede consultar nuestra pol?tica de env?o y recepci?n de correo electr?nico en el enlace situado m?s abajo. This message is intended exclusively for its addressee. We only send and receive email on the basis of the terms set out at. http://www.tid.es/ES/PAGINAS/disclaimer.aspx ------------------------------------------------------------------ This e-mail and the documents attached are confidential and intended solely for the addressee; it may also be privileged. If you receive this e-mail in error, please notify the sender immediately and destroy it. As its integrity cannot be secured on the Internet, the Atos group liability cannot be triggered for the message content. Although the sender endeavours to maintain a computer virus-free network, the sender does not warrant that this transmission is virus-free and will not be liable for any damages resulting from any virus transmitted. Este mensaje y los ficheros adjuntos pueden contener informacion confidencial destinada solamente a la(s) persona(s) mencionadas anteriormente pueden estar protegidos por secreto profesional. Si usted recibe este correo electronico por error, gracias por informar inmediatamente al remitente y destruir el mensaje. Al no estar asegurada la integridad de este mensaje sobre la red, Atos no se hace responsable por su contenido. Su contenido no constituye ningun compromiso para el grupo Atos, salvo ratificacion escrita por ambas partes. Aunque se esfuerza al maximo por mantener su red libre de virus, el emisor no puede garantizar nada al respecto y no sera responsable de cualesquiera danos que puedan resultar de una transmision de virus. ------------------------------------------------------------------ -------------- next part -------------- An HTML attachment was scrubbed... URL: From pascal.bisson at thalesgroup.com Tue Dec 20 10:43:49 2011 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Tue, 20 Dec 2011 10:43:49 +0100 Subject: [Fiware-security] TR: [Fiware-wpl] Notes from last joint WPLs/WPAs confcall Message-ID: <4778_1324374233_4EF058D9_4778_9482_1_48bd74a3-5ed1-4a74-b799-fc5597678a2a@THSONEA01HUB02P.one.grp> Dear All, I'm forwarding you this email received from Juanjo as minutes of the WPL/WPA audio conf which took place yesterday. Unfortunately nor me nor Daniel where able to attend. My view on this is that we need more than that. What we need in my view is a physical meeting chaired by CA and with each and every WPA present to discuss, align and converge the partial architectures which have been produced so far. Of course we need also dedicated task forces focusing on some aspects (e.g. task force on CMDB between wp8 and wp4) and for that we already created EPICS to have it happened but to end up with overall architecture on which we can all agree we need more. So please have a look at what is proposed below and provide with your view in order to raise the voice of WP8 & Security AT on the topic. This both at general level (overall integrated architecture and processes to have it achieved) and specific level (architectural topics that you think are missing and would need creation of dedicated task forces to have them addressed). Of course this is something we would discuss at our next audio conf on Friday based on your input and the view of Daniel on this as WPA. Counting on you to prepare elements (text, couple of slides) to be discussed on Friday. Best Regards, Pascal De : fiware-wpl-bounces at lists.fi-ware.eu [mailto:fiware-wpl-bounces at lists.fi-ware.eu] De la part de Juanjo Hierro Envoy? : mardi 20 d?cembre 2011 10:18 ? : fiware-wpl at lists.fi-ware.eu; fiware-wpa at lists.fi-ware.eu Objet : [Fiware-wpl] Notes from last joint WPLs/WPAs confcall Hi all, Please find below my notes from our confcall today. Please share with your respective teams. As you see, there will be a number of APs to setup a number of Task Forces, each concentrated in a particular cross-chapter topic (see point on goals and agenda). A mailing list for discussion on the topic will be setup. In addition, a ticket will be created in a Task Force Management tracker we will setup in the "FI-WARE Private" project in FusionForge that has been created. The ticket will point to the archive of the mailing list being created and will help us to follow up progress. Cheers, -- Juanjo 1. Attendees * Cloud Chapter: Alex (IBM) * Data Chapter: Carlos (TID) * IoT Chapter: Denes (NSN) * Apps Chapter: Torsten (SAP), Axel (SAP) * Security Chapter: None * I2ND: Pier (TI), Hans (DT) * Dev Tools: Davide (Engineering) * Exploitation (Juan) 2. Goals and agenda: The main goal of the confcall is to identify architectural topics that will require further discussion involving more than one chapter. An Architecture Task Force will be created for each relevant topic. Concretely, this will mean that: * TID will set up a dedicated mailing list and create a ticket on the Task Force tracker in the FI-WARE private project in FusionForge * Each WPL/WPA will designate who should join from their chapters * The partner who proposed the Task Force (owner of the Task Force) will kick-off the discussion on the mailing list by sending an email which helps as terms of reference * The owner of the Task Force should present conclusions at the joint WPL/WPA meeting that will take place on January 23rd Each WPL/WPA was requested to bring any cross-chapter topic for which he wish to create a Task Force. The following partners brought some views: * Juanjo (TID) * Davide (Engineering) * Torsten (SAP) * Pier (Telecom Italia) 3. Presentation by Juanjo 3.1 Generalize Event Management model being proposed at the level of Things in IoT chapter, applying it to Cloud Monitoring and Security Events Monitoring Despite it is still under discussion, the Event Management Model being proposed at the level of Things in the IoT chapter is rather generic and has been defined so it is consistent with the Event Management model defined within the Data/Context Management Model. This Event Management Model is based on the OMA (Open Mobile Alliance) specs for NGSI Context-Management. In such model, an event leads to generation of a Context Element data structure which includes info about updated values of properties linked to entities defined in the system. An entity maps to the concept of "Thing" in the IoT chapter but there may be other entities in the system (e.g., another application). In FI-WARE, values assigned to properties describing Things will be derived from data gathered from IoT resources, referred as sensors, which run on IoT devices. Associations between Things and IoT resources as well as formulas for mapping values of IoT resources into properties of entities are handled through an IoT Configuration Management GE at the Things Management Layer. However, this concept may be further generalized so that we talk about "Monitoring Agents" or "Monitored Resources". The model would then be able to work for both Cloud Monitoring and Security Events Monitoring. The advantage for this approach would be reuse of components, as well as exhibiting higher coherence. AP: Setup task force to check whether the Events Management Model defined at the level of Things within IoT chapter can be adopted for both Cloud monitoring and Security events monitoring. Mailing list to be created: fiware-monitoring 3.2 Glue middleware There are a number of issues that are related to how interfaces exported by GEs are actually specified and implemented: * first, we have to agree on a common way to specify interfaces exported by GEs ... Should we adopt REST as a minimum common denominator ? Can we define a technology-neutral approach that would allow an interface to be accessible using multiple technologies (REST, WS, optimized binary protocols, ...) and would allow us to overcome that a given technology becomes deprecated ? * second, the most suitable technical solution for some Security issues may need to implement some functions at middleware level * third, APIs usage accountability may require that also some functions be implemented at middleware level if we want to achieve a suitable level of transparency Alex: not sure if we can decide on one API paradigm but he agrees we should support just a limited set Juanjo: is not about choosing one API paradigm but probably define an interface definition language that may abstract us from the limited set of API paradigms we will support (which could then be extended over time). Denes: any decision on middleware should take into account that middleware may need to fit with restrictions about computing resources in IoT devices AP: Setup task force on the matter. Mailing list to be created: fiware-middleware 3.3 Network-aware Cloud Some UC projects have declared the need to be able to declare what SLO (Service Level Objectives) they want to see fulfilled for certain end-to-end scenarios, typically requiring communication between applications running on the Cloud and IoT gateways (cloud proxies) or end users. It would then be up to the Cloud Hosting capabilities in FI-WARE to cope with those SLOs relying on capacities of the underlying network. Despite we will see whether this functionality would easily fit in the roadmap based on available resources, all declare to agree with creation of a Task Force on the matter. It will typically involve partners from the I2ND chapter, Cloud chapter and Apps chapter (since we need to resolve how this sort of SLOs become part of the SLA definition linked to an application) We agree to leave P2P scenarios aside for the time being unless UC projects raise the need to analyze them. AP: Start with a single Task Force involving I2ND, Cloud and Apps chapter members. Mailing list to be created: fiware-network-cloud-SLOs Eventually split into two task forces if needed which may be: - a task force involving Apps (Business Framework) and Cloud chapters, dealing with how to declare SLAs at USDL related to end-to-end SLOs - a task force involving Cloud and I2ND chapter dealing with how to implement SLOs relying on QoS management functions exported by networks 3.4 Semantic Web Infrastructure: Several chapters addressing development of GEs whose implementation relies on Semantic Web technologies. We should go for the selection of a single technology for this (mostly RDF storage and SPARQL support) AP: Setup a Task Force that takes a decision for all the project. Mailing list to be created: fiware-semantic-platform Torsten: Shouldn't we also go for a common decision regarding linked-data GE ? AP: Apps chapter to share info about linked-data technologies being defined in their chapter so that rest of WPAs can evaluate whether it can be used elsewhere (info to be sent to fiware-wpa mailing list for the time being) 3.5 Common Look&Feel in FI-WARE portals AP: Juanjo to launch a thread of discussion on the matter so that we can start discussion on the matter 4. Development Tools by Davide Davide reinforce the need to link some of the developments to be made within the Dev&Tools and those in other chapters. Particularly those that have to do with deployment tools where we need to explore how they integrate (or matches) the development of part of the Cloud portal. He also reinforce the need to make a decision on how interfaces will be specified and what protocols will be supported. Davide take the opportunity to reinforce that other chapter leaders should answer the questionnaire that was distributed by WP9 to all WPLs/WPAs. 5. Presentation by Torsten Despite Torsten didn't have time to present all cross-chapter topics, he made emphasis on the need to push for making services provided by FI-WARE GEs available in the marketplace. This means that they should be defined in USDL. Juanjo: this should allow that a FI-WARE Instance Provider operating a FI-WARE Instance defined around the Marketplace GEs offer third parties the ability to publish their implementation of FI-WARE GEs in other chapters and get paid for their usage by applications. It would also help a FI-WARE Instance Provider operating a FI-WARE Instance that deploys all FI-WARE GEs to establish how it plans to charge for usage of their services by applications. AP: To setup Task Force on discussion about USDL. Mailing list to be created: fiware-usdl As a second major point in his presentation, Torsten put emphasis on the need to close the definition of the GEs supporting Identity Management. We should soon have the APIs of these GEs defined as soon as possible. Juanjo and Pier highlighted this is rather relevant. Juanjo expects that the Security chapter has been able to further refine the vision that they presented in the workshop which took place in November and now could present a detailed Reference Architecture with well-defined APIs. AP: To setup Task Force on discussion about Security Identity Management, Access Control and Data Handling. Mailing list to be created fiware-security-core Unfortunately, there was not time to address other topics to be brought by Torsten. He will distribute his presentation among WPLs/WPAs. 6. Short comments by Pier Pier mentioned that they are already working on how to ensure that cloud-edge proxy supports all capabilities that are needed to host IoT software. AP: We may consider that a Task Force is already in place. We just need to create a dedicated mailing list to discuss on the matter: ------------- Juanjo Hierro Product Development and Innovation (PDI) - Telefonica Digital email: jhierro at tid.es twitter: twitter.com/JuanjoHierro ________________________________ Este mensaje se dirige exclusivamente a su destinatario. Puede consultar nuestra pol?tica de env?o y recepci?n de correo electr?nico en el enlace situado m?s abajo. This message is intended exclusively for its addressee. We only send and receive email on the basis of the terms set out at. http://www.tid.es/ES/PAGINAS/disclaimer.aspx -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- An embedded and charset-unspecified text was scrubbed... Name: ATT00001.txt URL: From jhierro at tid.es Tue Dec 20 11:32:19 2011 From: jhierro at tid.es (Juanjo Hierro) Date: Tue, 20 Dec 2011 11:32:19 +0100 Subject: [Fiware-security] [Fiware-wpl] REMINDER: Joint WPL/WPA Follow-up confcall on Monday starting at 11:00 - 3 hours In-Reply-To: <29396_1324283122_4EEEF4F2_29396_6377_1_a94baad4-09d4-474f-8e09-a80435b5a342@THSONEA01HUB06P.one.grp> References: <4EEB3143.2040602@tid.es> <29396_1324283122_4EEEF4F2_29396_6377_1_a94baad4-09d4-474f-8e09-a80435b5a342@THSONEA01HUB06P.one.grp> Message-ID: <4EF06433.8070209@tid.es> Dear Pascal, I'm sorry that you couldn't make the call. One of the points that were raised (already mentioned in the minutes), and indeed one about which many people is seeking for an aswer, has to do with definition of the Reference Architecture that we are going to adopt for Identity Management and Access Control. Identity Management and Access Control is a key core GE on which many GEs and final applications will rely. Therefore, we need to know ASAP what is the target solution for this very basic functionality as well as details about what APIs will be used by the programmers of GEs/Applications. I rather hope you have been able to progress on the matter since the workshop that took place in November. There, the Architecture for identity Management and Access Control that was sketched was rather high-level. We need more detail and, if possible, reference to the APIs that will be used. This is a demand not just from me but many of the other WPLs/WPAs. I copy the fiware-security mailing list in this response to make them aware about the critical importance of this point. Cheers, ------------- Juanjo Hierro Product Development and Innovation (PDI) - Telefonica Digital email: jhierro at tid.es twitter: twitter.com/JuanjoHierro On 19/12/11 09:25, BISSON Pascal wrote: > Dear Juanjo, > Dear Colleagues, > > Due to a management meeting Daniel and I have to attend this morning we would not be able to attend the audio conf of today. > > Apologize for the inconvenience. > > Regarding topical architectural issues we'd like to discuss across WPs there are a number of them which were already stated and reported on the Wiki (also discussed through bilateral meeting we had with other WPs at previous GA in Torino - one of them being overall monitoring). In any case I and especially Daniel as WP8 architect will come back to you with more details through couple of slides you requested. > > As for the rest I do sill think we need to go for a physical meeting with all WPAs addressing those architectural issues in order to converge on how to integrate the various partial (view-oriented) architectures we came up with. > > Best Regards, > > Pascal > > PS: Daniel and I will in any case catch up on the minutes of this audio. Once more apologize not being in a position to attend today's audio. > > -----Message d'origine----- > De : fiware-wpl-bounces at lists.fi-ware.eu [mailto:fiware-wpl-bounces at lists.fi-ware.eu] De la part de Juanjo Hierro > Envoy? : vendredi 16 d?cembre 2011 12:54 > ? : fiware-wpl at lists.fi-ware.eu; fiware-wpa at lists.fi-ware.eu > Objet : [Fiware-wpl] REMINDER: Joint WPL/WPA Follow-up confcall on Monday starting at 11:00 - 3 hours > > Hi all, > > This is a reminder that we will have our regular joint WPL/WPA > follow-up confcall on Monday starting at 11:00 and expected to last 3 hours. > > Main focus of the confcall will be to start discussion on > cross/global architectural issues. > > All WPLs/WPAs are welcome to bring presentations elaborating on both > their views (please, enough detailed, not just vague/abstract ideas) and > the questions they believe require launching dedicated Task Forces for > further discussion. From shared material and the discussion that may > follow, we should derive a number of Action Points and we should agree > what concrete Task Forces have to be launched. > > We may devote also some time to agree on preparation of the next > FI-WARE General Assembly. > > Cheers, > > ------------- > Juanjo Hierro > > Product Development and Innovation (PDI) - Telefonica Digital > email: jhierro at tid.es > twitter: twitter.com/JuanjoHierro > > > Este mensaje se dirige exclusivamente a su destinatario. Puede consultar nuestra pol?tica de env?o y recepci?n de correo electr?nico en el enlace situado m?s abajo. > This message is intended exclusively for its addressee. We only send and receive email on the basis of the terms set out at. > http://www.tid.es/ES/PAGINAS/disclaimer.aspx > _______________________________________________ > Fiware-wpl mailing list > Fiware-wpl at lists.fi-ware.eu > http://lists.fi-ware.eu/listinfo/fiware-wpl > . > Este mensaje se dirige exclusivamente a su destinatario. Puede consultar nuestra pol?tica de env?o y recepci?n de correo electr?nico en el enlace situado m?s abajo. This message is intended exclusively for its addressee. We only send and receive email on the basis of the terms set out at. http://www.tid.es/ES/PAGINAS/disclaimer.aspx From robert.seidl at nsn.com Tue Dec 20 11:53:25 2011 From: robert.seidl at nsn.com (Seidl, Robert (NSN - DE/Munich)) Date: Tue, 20 Dec 2011 11:53:25 +0100 Subject: [Fiware-security] FW: [Fiware-cloud] Identity management? Message-ID: <9739B018F0466A4CAB10A9DABBEBF5A6507CF0@DEMUEXC027.nsn-intra.net> FYI as WPL/WPA I received this email via the cloud hosting distribution list. Just to make you aware that there is also a discussion about IDM ongoing. From: fiware-cloud-bounces at lists.fi-ware.eu [mailto:fiware-cloud-bounces at lists.fi-ware.eu] On Behalf Of ext Alex Glikson Sent: Tuesday, December 20, 2011 9:39 AM To: FERNANDO LOPEZ AGUILAR; Edmonds, AndrewX Cc: fiware-cloud at lists.fi-ware.eu Subject: [Fiware-cloud] Identity management? Keynote is part of OpenStack, and will be further integrated by April 2012 release (Essex). http://wiki.openstack.org/keystone. Need to check what would make sense in terms of Keystone versus Identity Management GE in WP8. Andy -- when you see this, would appreciate if you could take a look (and recommend how to approach this). Of course, others are also welcome to take a look. Thanks, Alex From: FERNANDO LOPEZ AGUILAR To: Alex Glikson/Haifa/IBM at IBMIL Cc: "fiware-cloud at lists.fi-ware.eu" Date: 20/12/2011 10:26 AM Subject: Re: [Fiware-cloud] [FI-WARE.T4.5] #3 T4.5 PhC ________________________________ Identity Management is a GE for the wp8, the idea is if we could reuse it in order to provide the identity management in the portal and by extension in the cloud. Regarding the OpenStack Keynote, I do not know it. Maybe someone should prepare some slides in order to see the difference between both of these solutions. I thought that Keynote is something under developing now, don't? Best regards. Fernando. Enviado desde mi HTC ----- Reply message ----- De: "Alex Glikson" Fecha: mar., dic. 20, 2011 08:53 Asunto: [Fiware-cloud] [FI-WARE.T4.5] #3 T4.5 PhC Para: "FERNANDO LOPEZ AGUILAR" CC: "fiware-cloud at lists.fi-ware.eu" Good summary. Do we want to define Identity Management as a separate GE in the Cloud Hosting architecture (e.g., based on OpenStack Keystone)? Or it will be one of the services provided by the front-end (self-services) layer? Regards, Alex From: FERNANDO LOPEZ AGUILAR To: Irena Trajkovsica , Joaquin Salvachua , Javier Cervi?o , Defrance Serge Cc: "fiware-cloud at lists.fi-ware.eu" Date: 20/12/2011 03:03 AM Subject: [Fiware-cloud] [FI-WARE.T4.5] #3 T4.5 PhC Sent by: fiware-cloud-bounces at lists.fi-ware.eu ________________________________ Dear all, I just upload the presentation of Identity Management GE for the tomorrow PhC. You can download it in the following link (https://forge.fi-ware.eu/docman/admin/index.php?editdoc=1&docid=695&group_id=14) Best regards, Fernando L?pez Aguilar Cloud Computing fla at tid dot es +34 914 832 729 Telef?nica I+D (R&D) Ronda de la Comunicaci?n s/n Distrito C, Edificio Oeste 1, Planta 5 28050 Madrid, Spain El 19/12/2011, a las 10:58, FERNANDO LOPEZ AGUILAR escribi?: Dear all, You can find in the following link the template for the next PhC minute together with the agenda. https://forge.fi-ware.eu/docman/view.php/14/687/%233+2011-12-20+WP4+T4.5+PhC+Agenda+and+Minutes.doc Remember that the audio begin at 15.00 CET. I remember again that the previous minute has not been uploaded in the web site yet. Best regards, Fernando L?pez Aguilar Cloud Computing fla at tid dot es +34 914 832 729 Telef?nica I+D (R&D) Ronda de la Comunicaci?n s/n Distrito C, Edificio Oeste 1, Planta 5 28050 Madrid, Spain ________________________________ Este mensaje se dirige exclusivamente a su destinatario. Puede consultar nuestra pol?tica de env?o y recepci?n de correo electr?nico en el enlace situado m?s abajo. This message is intended exclusively for its addressee. We only send and receive email on the basis of the terms set out at. http://www.tid.es/ES/PAGINAS/disclaimer.aspx _______________________________________________ Fiware-cloud mailing list Fiware-cloud at lists.fi-ware.eu http://lists.fi-ware.eu/listinfo/fiware-cloud ________________________________ Este mensaje se dirige exclusivamente a su destinatario. Puede consultar nuestra pol?tica de env?o y recepci?n de correo electr?nico en el enlace situado m?s abajo. This message is intended exclusively for its addressee. We only send and receive email on the basis of the terms set out at. http://www.tid.es/ES/PAGINAS/disclaimer.aspx -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- An embedded and charset-unspecified text was scrubbed... Name: ATT1194363.txt URL: From robert.seidl at nsn.com Tue Dec 20 13:00:38 2011 From: robert.seidl at nsn.com (Seidl, Robert (NSN - DE/Munich)) Date: Tue, 20 Dec 2011 13:00:38 +0100 Subject: [Fiware-security] FI-WARE : EPIC downsizing --> here IDM - Idemix Message-ID: <9739B018F0466A4CAB10A9DABBEBF5A6507D54@DEMUEXC027.nsn-intra.net> Hi Anja, we have started our thoughts on how to downsize the EPIC related to IDM-Idemix integration into user stories and features. Please find attached the related document for your comments. Please include your changes/comments directly to the document. Later we have to copy the user stories and features to the WIKI. <> Greetings Robert -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: IdemixEpicsSplitUp_Goe.docx Type: application/octet-stream Size: 17390 bytes Desc: IdemixEpicsSplitUp_Goe.docx URL: From robert.seidl at nsn.com Tue Dec 20 15:01:26 2011 From: robert.seidl at nsn.com (Seidl, Robert (NSN - DE/Munich)) Date: Tue, 20 Dec 2011 15:01:26 +0100 Subject: [Fiware-security] FI-WARE : EPIC downsizing --> here IDM - STORK Message-ID: <9739B018F0466A4CAB10A9DABBEBF5A6507DF6@DEMUEXC027.nsn-intra.net> Hi Antonio, we have started our thoughts on how to downsize the EPIC related to IDM-Stork integration into user stories and features. Please find attached the related document for your comments. Please include your changes/comments directly to the document. Later we have to copy the user stories and features to the WIKI. <> Greetings Robert -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: StorkEpicsSplitUp_Goe(WK2).docx Type: application/octet-stream Size: 17200 bytes Desc: StorkEpicsSplitUp_Goe(WK2).docx URL: From pascal.bisson at thalesgroup.com Tue Dec 20 15:04:07 2011 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Tue, 20 Dec 2011 15:04:07 +0100 Subject: [Fiware-security] [Fiware-wpl] REMINDER: Joint WPL/WPA Follow-up confcall on Monday starting at 11:00 - 3 hours In-Reply-To: <4EF06433.8070209@tid.es> References: <4EEB3143.2040602@tid.es> <29396_1324283122_4EEEF4F2_29396_6377_1_a94baad4-09d4-474f-8e09-a80435b5a342@THSONEA01HUB06P.one.grp> <4EF06433.8070209@tid.es> Message-ID: <4778_1324389854_4EF095DE_4778_12999_1_85827611-77d6-4b0b-b42e-acd02d155368@THSONEA01HUB01P.one.grp> Dear Juanjo, Dear ALL, First once more my apologize not having been able to join the audio conf of Monday as expected. Second no problem to have this email copied to the Security team being said I already forwarded them also with the minutes of the WPL/WPA audio conf of Monday. This for their information but also to discuss with them the so far outcomes Regarding APIs attached to Security GEs I have an audio conference on Friday where I will review progress on this being said I already stressed each Security GE owner to come up with provisional description of the API(s) accompanying the GE. This obviously apply to the core GEs and so Identity Management. In the meantime I can only regret that the bilateral audio conferences (WP8-WP6, WP8-WP5 and WP8-WP4) on Security GEs (and more specifically Core GEs) as direct follow-up of the WP8-ALL other WPs were not followed (honored) as it could have helped us to make faster progress on this (understanding of GEs and how they could be accessed). But ok this is ongoing work and we will report progress on what we achieved so far. Best Regards, Pascal -----Message d'origine----- De?: Juanjo Hierro [mailto:jhierro at tid.es] Envoy??: mardi 20 d?cembre 2011 11:32 ??: BISSON Pascal Cc?: fiware-wpl at lists.fi-ware.eu; fiware-wpa at lists.fi-ware.eu; SIEUX Corinne; GIDOIN Daniel; fiware-security at lists.fi-ware.eu Objet?: Re: [Fiware-wpl] REMINDER: Joint WPL/WPA Follow-up confcall on Monday starting at 11:00 - 3 hours Dear Pascal, I'm sorry that you couldn't make the call. One of the points that were raised (already mentioned in the minutes), and indeed one about which many people is seeking for an aswer, has to do with definition of the Reference Architecture that we are going to adopt for Identity Management and Access Control. Identity Management and Access Control is a key core GE on which many GEs and final applications will rely. Therefore, we need to know ASAP what is the target solution for this very basic functionality as well as details about what APIs will be used by the programmers of GEs/Applications. I rather hope you have been able to progress on the matter since the workshop that took place in November. There, the Architecture for identity Management and Access Control that was sketched was rather high-level. We need more detail and, if possible, reference to the APIs that will be used. This is a demand not just from me but many of the other WPLs/WPAs. I copy the fiware-security mailing list in this response to make them aware about the critical importance of this point. Cheers, ------------- Juanjo Hierro Product Development and Innovation (PDI) - Telefonica Digital email: jhierro at tid.es twitter: twitter.com/JuanjoHierro On 19/12/11 09:25, BISSON Pascal wrote: > Dear Juanjo, > Dear Colleagues, > > Due to a management meeting Daniel and I have to attend this morning we would not be able to attend the audio conf of today. > > Apologize for the inconvenience. > > Regarding topical architectural issues we'd like to discuss across WPs there are a number of them which were already stated and reported on the Wiki (also discussed through bilateral meeting we had with other WPs at previous GA in Torino - one of them being overall monitoring). In any case I and especially Daniel as WP8 architect will come back to you with more details through couple of slides you requested. > > As for the rest I do sill think we need to go for a physical meeting with all WPAs addressing those architectural issues in order to converge on how to integrate the various partial (view-oriented) architectures we came up with. > > Best Regards, > > Pascal > > PS: Daniel and I will in any case catch up on the minutes of this audio. Once more apologize not being in a position to attend today's audio. > > -----Message d'origine----- > De : fiware-wpl-bounces at lists.fi-ware.eu [mailto:fiware-wpl-bounces at lists.fi-ware.eu] De la part de Juanjo Hierro > Envoy? : vendredi 16 d?cembre 2011 12:54 > ? : fiware-wpl at lists.fi-ware.eu; fiware-wpa at lists.fi-ware.eu > Objet : [Fiware-wpl] REMINDER: Joint WPL/WPA Follow-up confcall on Monday starting at 11:00 - 3 hours > > Hi all, > > This is a reminder that we will have our regular joint WPL/WPA > follow-up confcall on Monday starting at 11:00 and expected to last 3 hours. > > Main focus of the confcall will be to start discussion on > cross/global architectural issues. > > All WPLs/WPAs are welcome to bring presentations elaborating on both > their views (please, enough detailed, not just vague/abstract ideas) and > the questions they believe require launching dedicated Task Forces for > further discussion. From shared material and the discussion that may > follow, we should derive a number of Action Points and we should agree > what concrete Task Forces have to be launched. > > We may devote also some time to agree on preparation of the next > FI-WARE General Assembly. > > Cheers, > > ------------- > Juanjo Hierro > > Product Development and Innovation (PDI) - Telefonica Digital > email: jhierro at tid.es > twitter: twitter.com/JuanjoHierro > > > Este mensaje se dirige exclusivamente a su destinatario. Puede consultar nuestra pol?tica de env?o y recepci?n de correo electr?nico en el enlace situado m?s abajo. > This message is intended exclusively for its addressee. We only send and receive email on the basis of the terms set out at. > http://www.tid.es/ES/PAGINAS/disclaimer.aspx > _______________________________________________ > Fiware-wpl mailing list > Fiware-wpl at lists.fi-ware.eu > http://lists.fi-ware.eu/listinfo/fiware-wpl > . > Este mensaje se dirige exclusivamente a su destinatario. Puede consultar nuestra pol?tica de env?o y recepci?n de correo electr?nico en el enlace situado m?s abajo. This message is intended exclusively for its addressee. We only send and receive email on the basis of the terms set out at. http://www.tid.es/ES/PAGINAS/disclaimer.aspx From jhierro at tid.es Wed Dec 21 02:02:00 2011 From: jhierro at tid.es (Juanjo Hierro) Date: Wed, 21 Dec 2011 02:02:00 +0100 Subject: [Fiware-security] [Fiware-wpl] REMINDER: Joint WPL/WPA Follow-up confcall on Monday starting at 11:00 - 3 hours In-Reply-To: <4778_1324389854_4EF095DE_4778_12999_1_85827611-77d6-4b0b-b42e-acd02d155368@THSONEA01HUB01P.one.grp> References: <4EEB3143.2040602@tid.es> <29396_1324283122_4EEEF4F2_29396_6377_1_a94baad4-09d4-474f-8e09-a80435b5a342@THSONEA01HUB06P.one.grp> <4EF06433.8070209@tid.es> <4778_1324389854_4EF095DE_4778_12999_1_85827611-77d6-4b0b-b42e-acd02d155368@THSONEA01HUB01P.one.grp> Message-ID: <4EF13008.1090909@tid.es> On 20/12/11 15:04, BISSON Pascal wrote: > Dear Juanjo, > Dear ALL, > > First once more my apologize not having been able to join the audio conf of Monday as expected. > > Second no problem to have this email copied to the Security team being said I already forwarded them also with the minutes of the WPL/WPA audio conf of Monday. This for their information but also to discuss with them the so far outcomes I knew ... that's why I assumed there was no issue in doing so. > > Regarding APIs attached to Security GEs I have an audio conference on Friday where I will review progress on this being said I already stressed each Security GE owner to come up with provisional description of the API(s) accompanying the GE. This obviously apply to the core GEs and so Identity Management. Great ! > > In the meantime I can only regret that the bilateral audio conferences (WP8-WP6, WP8-WP5 and WP8-WP4) on Security GEs (and more specifically Core GEs) as direct follow-up of the WP8-ALL other WPs were not followed (honored) as it could have helped us to make faster progress on this (understanding of GEs and how they could be accessed). > > But ok this is ongoing work and we will report progress on what we achieved so far. I guess we may be facing some sort of "chicken & egg" problem ... I believe it is hard for some of the WPs you mention (WP5, WP6 and WP4) trying to sketch how they would integrate with security core GEs if they don't see first how the architecture for Identity Management and Access Control will look like and what are the concrete technologies/APIs that we will use for that ... so I rather suggest that you continue on such effort and hopefully when the a proposed architecture for Identity Management and Access Control gets detailed enough, a more concrete feedback from those other WPs may come naturally ... Besides, I believe part of the answer to the question about how Identity Management and Access Control GEs can integrate with WP4-WP6 relates to the issue I have brought about the "glue middleware" ... please take a look at the attached slides that I used on Monday. Regards, -- Juanjo > > Best Regards, > Pascal > Este mensaje se dirige exclusivamente a su destinatario. Puede consultar nuestra pol?tica de env?o y recepci?n de correo electr?nico en el enlace situado m?s abajo. This message is intended exclusively for its addressee. We only send and receive email on the basis of the terms set out at. http://www.tid.es/ES/PAGINAS/disclaimer.aspx -------------- next part -------------- A non-text attachment was scrubbed... Name: FI-WARE Cross-chapter Architectural topics.pptx Type: application/vnd.openxmlformats-officedocument.presentationml.presentation Size: 141442 bytes Desc: not available URL: From pascal.bisson at thalesgroup.com Wed Dec 21 19:58:54 2011 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Wed, 21 Dec 2011 19:58:54 +0100 Subject: [Fiware-security] FI-WARE - WP8 - Audio conf Message-ID: <10978_1324493939_4EF22C73_10978_8185_1_52d4b00d-52ea-481c-89a7-69ed625ce829@THSONEA01HUB03P.one.grp> Dear All, This just to confirm you our audio conference of Friday 23/12 starting at 10am since we have important things to discuss. On the Agenda: 1. Review of AP as per previous minutes 2. GE APIs (=> GE owners reporting on status) 3. M9 deliverable (approach + report on ongoing work -> Task leads/GE owners) 4. Questions raised by WP10 (=> answer to be given) 5. Outcomes of WPL/WPA audio conf on Architectural issues (approach and issues WP8 can raise) 6. Next GA 7. Sprint 2 (outcomes) & Sprint 3 (plans) 8. Others ? Talk with you on Friday. Best Regards, Pascal Number to dial to join remain unchanged as well as meeting room number (see below). [Meeting room number (unchanged) : 391581] Liste des num?ros LocalConnect: Australia Australia Toll Free 1800 005 574 Australia Sydney +61 (0) 282 239 767 Austria Vienna +43 (0) 2682 205 6609 Belgium Brussels +32 (0) 2 789 8678 Denmark Copenhagen +45 3271 4340 Finland Helsinki +358 (0) 923 142 830 France Lyon +33 (0) 426 840 285 France Marseille +33 (0) 488 915 385 France Paris +33 (0) 170 994 816 Germany Berlin +49 (0) 3072 616 7342 Germany D?sseldorf +49 (0) 2115 407 3902 Germany Frankfurt +49 (0) 6971 044 5635 Germany Hamburg +49 (0) 4080 902 0684 Germany Munich +49 (0) 8924 443 2893 Germany Stuttgart +49 (0) 7111 856 2130 Hong Kong Hong Kong +852 301 145 59 Hungary Budapest +36 (06) 1-889-3286 Ireland Dublin +353 (0) 14 860 780 Israel Israel Toll Free 1809 245 981 Italy Milan +39 0 230 413 017 Italy Rome +39 0 645 217 056 Italy Turin +39 0 112 179 2159 Japan Japan Toll Free 005 311 212 65 Japan Tokyo +81 (0) 357 675 025 Korea, Republic Of Seoul +82 (0) 234 831 224 Luxembourg Luxemburg City +352 2700 41 42 Malaysia Kuala Lumpur +60 (0) 377 124 640 Netherlands Amsterdam +31 (0) 207 948 529 New Zealand Auckland +64 (0) 9 919 2428 Norway Oslo +47 2153 3919 Poland Poland Toll Free 0080 0121 1304 Portugal Portugal Toll Free 800 814 183 Russia Russia Toll Free 81080 02209 4011 Singapore Singapore +65 6622 1068 Spain Barcelona +34 93 492 3235 Spain Madrid +34 91 788 9908 Sweden Stockholm +46 (0) 850 520 145 Switzerland Geneva +41 (0) 225 927 428 United Kingdom Birmingham +44 (0) 121 260 4686 United Kingdom London +44 (0) 207 153 9902 United Kingdom Manchester +44 (0) 161 250 0679 United States USA & Canada Toll Free 1888 249 0050 United States USA Toll +1 954 334 1559 -------------- next part -------------- An HTML attachment was scrubbed... URL: From slim.trabelsi at sap.com Thu Dec 22 10:40:42 2011 From: slim.trabelsi at sap.com (TRABELSI, Slim) Date: Thu, 22 Dec 2011 10:40:42 +0100 Subject: [Fiware-security] FI-WARE - WP8 - Audio conf In-Reply-To: <10978_1324493939_4EF22C73_10978_8185_1_52d4b00d-52ea-481c-89a7-69ed625ce829@THSONEA01HUB03P.one.grp> References: <10978_1324493939_4EF22C73_10978_8185_1_52d4b00d-52ea-481c-89a7-69ed625ce829@THSONEA01HUB03P.one.grp> Message-ID: Hi Pascal, Can we add a point related to summarize the open call topics that will be proposed in WP8. Thank you BR Slim ===================================== Dr Slim Trabelsi Researcher Security & Trust SAP Labs France 805, Avenue du Docteur Maurice Donat BP 1216 - 06254 Mougins Cedex, France T +33 4 92 28 63 45 M + 33 6 11 99 85 79 www.sap.com From: fiware-security-bounces at lists.fi-ware.eu [mailto:fiware-security-bounces at lists.fi-ware.eu] On Behalf Of BISSON Pascal Sent: mercredi 21 d?cembre 2011 19:59 To: fiware-security at lists.fi-ware.eu Subject: [Fiware-security] FI-WARE - WP8 - Audio conf Importance: High Dear All, This just to confirm you our audio conference of Friday 23/12 starting at 10am since we have important things to discuss. On the Agenda: 1. Review of AP as per previous minutes 2. GE APIs (=> GE owners reporting on status) 3. M9 deliverable (approach + report on ongoing work -> Task leads/GE owners) 4. Questions raised by WP10 (=> answer to be given) 5. Outcomes of WPL/WPA audio conf on Architectural issues (approach and issues WP8 can raise) 6. Next GA 7. Sprint 2 (outcomes) & Sprint 3 (plans) 8. Others ? Talk with you on Friday. Best Regards, Pascal Number to dial to join remain unchanged as well as meeting room number (see below). [Meeting room number (unchanged) : 391581] Liste des num?ros LocalConnect: Australia Australia Toll Free 1800 005 574 Australia Sydney +61 (0) 282 239 767 Austria Vienna +43 (0) 2682 205 6609 Belgium Brussels +32 (0) 2 789 8678 Denmark Copenhagen +45 3271 4340 Finland Helsinki +358 (0) 923 142 830 France Lyon +33 (0) 426 840 285 France Marseille +33 (0) 488 915 385 France Paris +33 (0) 170 994 816 Germany Berlin +49 (0) 3072 616 7342 Germany D?sseldorf +49 (0) 2115 407 3902 Germany Frankfurt +49 (0) 6971 044 5635 Germany Hamburg +49 (0) 4080 902 0684 Germany Munich +49 (0) 8924 443 2893 Germany Stuttgart +49 (0) 7111 856 2130 Hong Kong Hong Kong +852 301 145 59 Hungary Budapest +36 (06) 1-889-3286 Ireland Dublin +353 (0) 14 860 780 Israel Israel Toll Free 1809 245 981 Italy Milan +39 0 230 413 017 Italy Rome +39 0 645 217 056 Italy Turin +39 0 112 179 2159 Japan Japan Toll Free 005 311 212 65 Japan Tokyo +81 (0) 357 675 025 Korea, Republic Of Seoul +82 (0) 234 831 224 Luxembourg Luxemburg City +352 2700 41 42 Malaysia Kuala Lumpur +60 (0) 377 124 640 Netherlands Amsterdam +31 (0) 207 948 529 New Zealand Auckland +64 (0) 9 919 2428 Norway Oslo +47 2153 3919 Poland Poland Toll Free 0080 0121 1304 Portugal Portugal Toll Free 800 814 183 Russia Russia Toll Free 81080 02209 4011 Singapore Singapore +65 6622 1068 Spain Barcelona +34 93 492 3235 Spain Madrid +34 91 788 9908 Sweden Stockholm +46 (0) 850 520 145 Switzerland Geneva +41 (0) 225 927 428 United Kingdom Birmingham +44 (0) 121 260 4686 United Kingdom London +44 (0) 207 153 9902 United Kingdom Manchester +44 (0) 161 250 0679 United States USA & Canada Toll Free 1888 249 0050 United States USA Toll +1 954 334 1559 -------------- next part -------------- An HTML attachment was scrubbed... URL: From pascal.bisson at thalesgroup.com Thu Dec 22 10:41:34 2011 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Thu, 22 Dec 2011 10:41:34 +0100 Subject: [Fiware-security] FI-WARE - WP8 - Audio conf In-Reply-To: References: <10978_1324493939_4EF22C73_10978_8185_1_52d4b00d-52ea-481c-89a7-69ed625ce829@THSONEA01HUB03P.one.grp> Message-ID: <3870_1324546895_4EF2FB4F_3870_3200_1_CBBCD6C304123F4AB23FAAE3055C8C0E020642691E2B@THSONEA01CMS04P.one.grp> Yes. Added. De : TRABELSI, Slim [mailto:slim.trabelsi at sap.com] Envoy? : jeudi 22 d?cembre 2011 10:41 ? : BISSON Pascal; fiware-security at lists.fi-ware.eu Objet : RE: FI-WARE - WP8 - Audio conf Hi Pascal, Can we add a point related to summarize the open call topics that will be proposed in WP8. Thank you BR Slim ===================================== Dr Slim Trabelsi Researcher Security & Trust SAP Labs France 805, Avenue du Docteur Maurice Donat BP 1216 - 06254 Mougins Cedex, France T +33 4 92 28 63 45 M + 33 6 11 99 85 79 www.sap.com From: fiware-security-bounces at lists.fi-ware.eu [mailto:fiware-security-bounces at lists.fi-ware.eu] On Behalf Of BISSON Pascal Sent: mercredi 21 d?cembre 2011 19:59 To: fiware-security at lists.fi-ware.eu Subject: [Fiware-security] FI-WARE - WP8 - Audio conf Importance: High Dear All, This just to confirm you our audio conference of Friday 23/12 starting at 10am since we have important things to discuss. On the Agenda: 1. Review of AP as per previous minutes 2. GE APIs (=> GE owners reporting on status) 3. M9 deliverable (approach + report on ongoing work -> Task leads/GE owners) 4. Questions raised by WP10 (=> answer to be given) 5. Outcomes of WPL/WPA audio conf on Architectural issues (approach and issues WP8 can raise) 6. Next GA 7. Sprint 2 (outcomes) & Sprint 3 (plans) 8. Others ? Talk with you on Friday. Best Regards, Pascal Number to dial to join remain unchanged as well as meeting room number (see below). [Meeting room number (unchanged) : 391581] Liste des num?ros LocalConnect: Australia Australia Toll Free 1800 005 574 Australia Sydney +61 (0) 282 239 767 Austria Vienna +43 (0) 2682 205 6609 Belgium Brussels +32 (0) 2 789 8678 Denmark Copenhagen +45 3271 4340 Finland Helsinki +358 (0) 923 142 830 France Lyon +33 (0) 426 840 285 France Marseille +33 (0) 488 915 385 France Paris +33 (0) 170 994 816 Germany Berlin +49 (0) 3072 616 7342 Germany D?sseldorf +49 (0) 2115 407 3902 Germany Frankfurt +49 (0) 6971 044 5635 Germany Hamburg +49 (0) 4080 902 0684 Germany Munich +49 (0) 8924 443 2893 Germany Stuttgart +49 (0) 7111 856 2130 Hong Kong Hong Kong +852 301 145 59 Hungary Budapest +36 (06) 1-889-3286 Ireland Dublin +353 (0) 14 860 780 Israel Israel Toll Free 1809 245 981 Italy Milan +39 0 230 413 017 Italy Rome +39 0 645 217 056 Italy Turin +39 0 112 179 2159 Japan Japan Toll Free 005 311 212 65 Japan Tokyo +81 (0) 357 675 025 Korea, Republic Of Seoul +82 (0) 234 831 224 Luxembourg Luxemburg City +352 2700 41 42 Malaysia Kuala Lumpur +60 (0) 377 124 640 Netherlands Amsterdam +31 (0) 207 948 529 New Zealand Auckland +64 (0) 9 919 2428 Norway Oslo +47 2153 3919 Poland Poland Toll Free 0080 0121 1304 Portugal Portugal Toll Free 800 814 183 Russia Russia Toll Free 81080 02209 4011 Singapore Singapore +65 6622 1068 Spain Barcelona +34 93 492 3235 Spain Madrid +34 91 788 9908 Sweden Stockholm +46 (0) 850 520 145 Switzerland Geneva +41 (0) 225 927 428 United Kingdom Birmingham +44 (0) 121 260 4686 United Kingdom London +44 (0) 207 153 9902 United Kingdom Manchester +44 (0) 161 250 0679 United States USA & Canada Toll Free 1888 249 0050 United States USA Toll +1 954 334 1559 -------------- next part -------------- An HTML attachment was scrubbed... URL: From pascal.bisson at thalesgroup.com Thu Dec 22 13:55:04 2011 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Thu, 22 Dec 2011 13:55:04 +0100 Subject: [Fiware-security] TR: [Fiware] We are on Facebook now! Message-ID: <19320_1324558505_4EF328A9_19320_3794_1_CBBCD6C304123F4AB23FAAE3055C8C0E020642692371@THSONEA01CMS04P.one.grp> FYI FI-WARE is now on Facebook ! -----Message d'origine----- De?: fiware-bounces at lists.fi-ware.eu [mailto:fiware-bounces at lists.fi-ware.eu] De la part de Miguel Carrillo Envoy??: lundi 19 d?cembre 2011 17:08 ??: fiware at lists.fi-ware.eu Cc?: fiware-wpl at lists.fi-ware.eu; fiware-wpa at lists.fi-ware.eu Objet?: [Fiware] We are on Facebook now! Dear all, We have our Facebook page now. You can reach it on: WPL, can you please disseminate this within your respective WPs? http://www.facebook.com/pages/FI-WARE/251366491587242 Please tick on the "I like it" button to help us grow a reasonable number of votes on Facebook. Thanks Miguel -- ---------------------------------------------------------------------- _/ _/_/ Miguel Carrillo Pacheco _/ _/ _/ _/ Telef?nica Distrito C _/ _/_/_/ _/ _/ Investigaci?n y Edifico Oeste 1, Planta 5 _/ _/ _/ _/ Desarrollo Ronda de la Comunicaci?n S/N _/ _/_/ Madrid 28050 (Spain) Tel: (+34) 91 483 26 77 e-mail: mcp at tid.es ---------------------------------------------------------------------- Este mensaje se dirige exclusivamente a su destinatario. Puede consultar nuestra pol?tica de env?o y recepci?n de correo electr?nico en el enlace situado m?s abajo. This message is intended exclusively for its addressee. We only send and receive email on the basis of the terms set out at. http://www.tid.es/ES/PAGINAS/disclaimer.aspx _______________________________________________ Fiware mailing list Fiware at lists.fi-ware.eu http://lists.fi-ware.eu/listinfo/fiware From xavier.aghina at orange.com Thu Dec 22 16:51:05 2011 From: xavier.aghina at orange.com (xavier.aghina at orange.com) Date: Thu, 22 Dec 2011 16:51:05 +0100 Subject: [Fiware-security] audio conf 23/12 Message-ID: Hello everyone, I'm on vacation at the time of the audio conf to be back in early January. If there are any questions, please do not hesitate to contact us by email. Merry Christmas and a happy new year to all of you and your families! Xavier Aghina FT/OLNC/RD/MAPS/STT/NDS Ing?nieur de Recherche en S?curit? t?l. 01 45 29 81 59 xavier.aghina at orange.com -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image001.gif Type: image/gif Size: 1264 bytes Desc: image001.gif URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image002.gif Type: image/gif Size: 1081 bytes Desc: image002.gif URL: From pascal.bisson at thalesgroup.com Fri Dec 23 09:46:42 2011 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Fri, 23 Dec 2011 09:46:42 +0100 Subject: [Fiware-security] TR: [Fiware-wpl] IMPORTANT TO SYNC: FI-WARE First Open Call Message-ID: <10877_1324630004_4EF43FF3_10877_13062_1_CBBCD6C304123F4AB23FAAE3055C8C0E0206426E4434@THSONEA01CMS04P.one.grp> FYI on Open Call and outcome of the meeting between FI-WARE and UC project on the topic. See the tw selected topic for 1st Open Call . To be further discussed with you at today's audio. Regards, Pascal De : fiware-wpl-bounces at lists.fi-ware.eu [mailto:fiware-wpl-bounces at lists.fi-ware.eu] De la part de Juanjo Hierro Envoy? : vendredi 23 d?cembre 2011 08:26 ? : fiware-wpl at lists.fi-ware.eu; fiware-wpa at lists.fi-ware.eu Objet : [Fiware-wpl] IMPORTANT TO SYNC: FI-WARE First Open Call Hi all, This is to report to you about the decisions taken regarding topics for the first Open Call in FI-WARE. Please share this info with your respective teams. Going through a sequence of three intensive dedicated confcalls, the FI-PPP AB has came to an agreement on how to handle the higher priority topics raised by the UC projects as well as what will be the topics to be addressed in the first Open Call (a number of topics proposed by FI-WARE have been incorporated in the analysis in respect to this last point). You can get a wrap-up of this exercise summarizing the agreements reached looking at the sheet titled "Wrapup" in the following shared Google docs spreadsheet: https://docs.google.com/spreadsheet/ccc?key=0AqGGeaQGro3fdHFLUXozQU9lem5rWVRBeS02czJmNlE&hl=en_US#gid=1 As you will see, only two topics will be addressed in the first Open Call. Following the advice of our PO, Arian Zwegers, we have decided to split the original first Open Call into two Open Calls, therefore having a total of three Open Calls overall. We have also decided to go for a very short list of topics in this first Open Call. This is because: * Again, following our PO advice, we have to take the opportunity of this Open Call to learn about how to manage the Open Call process so it's better to make it a "small trial" * We had to face the challenge of describing in detail and in collaboration with the UC projects what we will ask for in the description of this first Open Call, which has to be issued by end of January 2012. We have little time/resources to do this for too many topics, overall taking into account that we need to face a number of deliverables by end of January. In addition, many of the high-priority topics that both UC projects and ourselves have in our list (some of them shared) are still described in a too high-level so clearly there is a need to work on further refining them as to distill the actual features we want to support in FI-WARE. This is something that makes sense to afford during Q1 of 2012. Regarding the two particular topics selected for the first Open Call, let me elaborate a bit on them: * Middleware for efficient and QoS/Security-aware invocation of services as well as exchange of messages. There were several UC projects that were asking for this, not just for implementing communication between different parts of the application but for invoking services exposed to applications by the FI-WARE GEs. Therefore, we will have to go for it definitively. However, I see here the opportunity to drive what has to be developed in a way it can become useful in FI-WARE to help a) solving some of the issues we had identified during our Security workshop on November that have to do with managing access control through credentials when handling requests to services, b) dealing with several accountability and traceability issues and c) enabling a technology-neutral definition of GE interfaces. I will elaborate more on what I believe we may push into the definition of requirements for such middleware in the "Glue Middleware" Task Force we agreed to launch in our last joint WPLs/WPAs follow-up confcall. * Business Models and Business Elements (BM & BE) Definition and Simulation This is leveraged in a request made by UC projects to have means for simulating how costs of deploying a given application on top of FI-WARE (not only hosting service costs but costs derived from using other FI-WARE GE services or even third-party application services) could be simulated. Here, I found the opportunity to map this to our critical need to address the development of a BM & BE definition support component in the context of the first Open Call since this will be a base component of the Business Framework Reference Architecture for which an asset hadn't been identified. On the other hand, from my point of view, merging the two things together makes a lot of sense because any party that is able to contribute a product that implements this sort of simulation (which is the ultimate need expressed by the UC projects) may have probably implemented its own tools for defining the basic BM & BE on which simulation is based. Therefore, it makes sense to me to go and adapt our basic BM & BE Model to the one such potential new partner may bring. Regarding the rest of topics some of you had proposed, they where discussed and we agreed that they may go for the second call after their functional description is further defined, which is something that should happen during Q1 2012. Regarding the rest of topics raised by the UC projects, I would like to highlight the following: * Augmented Reality and 3D User Interfaces were brought to the table. Fair enough, these topics are clearly something we were not covering but have to do a lot with the kind of User Experiences someone would expect to see supported in Future Internet Applications. Therefore, I find it rather suitable to cover them through Open Calls which may attract rather specialized partners on the topics. In my view, this may probably lead to definition of a Working Package on User Interface support where, BTW, we may explore whether multi-device and multi-channel access to applications (currently in WP3 and somehow lacking of support) may be collocated. * Many UC projects are looking for means in the platform that will enable them to assure certain QoS at infrastructure level not just at centralized Data Centers but end-to-end. This had been mapped into a number of requests assigned to the I2ND chapter. UC projects do not expect to manage QoS at communication level from the application themselves (other than through the basic middleware targeted in the 1st Open Call). What they expect is to be able to select, configure and contract the SLA linked to an application at configuration&deployment time. SLAs that I see would be expressed in terms of a number of SLOs (Service Level Objectives). In words of one UC project: What would be very nice to have is a service which I can ask: "I need connectivity from A to B", and the service will answer "OK, you have 10 possible paths, price is such, characteristics of connection are such". If this is done properly, my application can then choose the "most reliable", "least expensive", or "most secure" path (and this will be seutp automatically). Next thing would be monitoring to see if the promised characteristics were really delivered (otherwise I don't pay...) I agree this has to be a functionality that has to be provided by FI-WARE but will require a close coordination between the Cloud, I2ND and Apps (Business Framework) chapter, so let's really assign this a high priority in our discussions. BTW, this clearly matches one of the cross-chapter Task Forces we identified during our last joint WPLs/WPAs confcall (Network-aware Cloud Task Force) * Many UC projects also have requirements for distributing their applications partly in the centralized Data Centers and partly in cloud proxies at the network-edge. Many of them wish to see the concept of cloud-proxy generalized as to cover smartphones and other smart but small devices. This comes along the need to be able to describe this distributed taxonomy at the time applications are configured and deployed on FI-WARE as well as the need to define means for handling failures in communication between the Data Center clouds and cloud proxies (periodic synchronizations and the like). This doesn't come as something new to us, but confirms the need to afford the definition of the necessary components at the Cloud chapter that can deal with this and prepare this as a subject for the second Open Call. * Another common requirements have to do with a) being able to assign a level of certainty/trust to data being managed by the application and b) being able to manage access and views to data depending on credentials of the user on behalf of whom an application is trying to get access to data. Both requirements are clearly generic and probably useful for many applications but we agreed we have to explore to what extend this lead to definition and development (through an Open Call) of enablers that can really qualify as generic and go beyond those defined in the Data/Context Management chapter. * Several UC projects also expressed the need for several kind of "data-stream-oriented" GEs. For instance, the notion of Publish/Subscribe but linked to streams rather than to atomic data units. Again, this seems to be something generic and useful enough for many applications but we agreed we have to explore to what extend this lead to definition and development (through an Open Call) of enablers that can really qualify as generic and go beyond those defined in the Data/Context Management chapter. * Rest of requirements were about topics I believe most probably are already in our roadmap or should not be a big issue to include in our roadmap. We agreed to follow them during Q1 2012 as to confirm this or not. Hope this long summary gives you a clear picture. Next steps will mean working on the detailed development of Epics that will be published as part of the first Open Call and will provide an enough detailed description of what we are looking for there. In addition, setting up a number of Task Forces on the topics above, involving UC projects, where we will address identification of Features. Such features will either enrich our current FI-WARE backlog (because we find they would fit within the roadmap of already identified GEs) or will be used for describing what will be requested in the second Open Call. More details will follow in the first weeks of January. I take advantage of this email to wish you all a very nice Christmas and a Happy New Year. Cheers, ------------- Juanjo Hierro Product Development and Innovation (PDI) - Telefonica Digital email: jhierro at tid.es twitter: twitter.com/JuanjoHierro ________________________________ Este mensaje se dirige exclusivamente a su destinatario. Puede consultar nuestra pol?tica de env?o y recepci?n de correo electr?nico en el enlace situado m?s abajo. This message is intended exclusively for its addressee. We only send and receive email on the basis of the terms set out at. http://www.tid.es/ES/PAGINAS/disclaimer.aspx -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- An embedded and charset-unspecified text was scrubbed... Name: ATT00001.txt URL: From pascal.bisson at thalesgroup.com Fri Dec 23 10:09:28 2011 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Fri, 23 Dec 2011 10:09:28 +0100 Subject: [Fiware-security] WP9 Questionnaire Message-ID: <6863_1324631375_4EF4454F_6863_7840_1_87e2089a-d8b7-4cda-b5b2-1d6aab52c374@THSONEA01HUB05P.one.grp> To be discussed at our audio conf and to be filled in with input from each Task lead/GE owners. The sooner the better since we are already behind schedule on this. Thanks in advance. Best Regards, Pascal -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: FI-WARE WP9 Questionnaire v2 (2).doc Type: application/msword Size: 38912 bytes Desc: FI-WARE WP9 Questionnaire v2 (2).doc URL: From slim.trabelsi at sap.com Fri Dec 23 11:12:02 2011 From: slim.trabelsi at sap.com (TRABELSI, Slim) Date: Fri, 23 Dec 2011 11:12:02 +0100 Subject: [Fiware-security] FMC architecture model - interesting reference Message-ID: Dear all, As discussed in the last call here is a reference for using FMC : http://www.fmc-modeling.org/tam_stencils ===================================== Dr Slim Trabelsi Researcher Security & Trust SAP Labs France 805, Avenue du Docteur Maurice Donat BP 1216 - 06254 Mougins Cedex, France T +33 4 92 28 63 45 M + 33 6 11 99 85 79 www.sap.com -------------- next part -------------- An HTML attachment was scrubbed... URL: From mcp at tid.es Fri Dec 23 12:05:00 2011 From: mcp at tid.es (Miguel Carrillo) Date: Fri, 23 Dec 2011 12:05:00 +0100 Subject: [Fiware-security] FMC architecture model - interesting reference In-Reply-To: References: Message-ID: <4EF4605C.70705@tid.es> Dear all, Torsten was so kind as to add a brief installation manual and a template in the Project Handbook. If you are interested you can read it here. https://forge.fi-ware.eu/plugins/mediawiki/wiki/fiware/index.php/How_to_install_FMC_stencils_in_yEd Happy Xmas! Miguel El 23/12/2011 11:12, TRABELSI, Slim escribi?: Dear all, As discussed in the last call here is a reference for using FMC : http://www.fmc-modeling.org/tam_stencils ===================================== Dr Slim Trabelsi Researcher Security & Trust SAP Labs France 805, Avenue du Docteur Maurice Donat BP 1216 - 06254 Mougins Cedex, France T +33 4 92 28 63 45 M + 33 6 11 99 85 79 www.sap.com -- ---------------------------------------------------------------------- _/ _/_/ Miguel Carrillo Pacheco _/ _/ _/ _/ Telef?nica Distrito C _/ _/_/_/ _/ _/ Investigaci?n y Edifico Oeste 1, Planta 5 _/ _/ _/ _/ Desarrollo Ronda de la Comunicaci?n S/N _/ _/_/ Madrid 28050 (Spain) Tel: (+34) 91 483 26 77 e-mail: mcp at tid.es ---------------------------------------------------------------------- ________________________________ Este mensaje se dirige exclusivamente a su destinatario. Puede consultar nuestra pol?tica de env?o y recepci?n de correo electr?nico en el enlace situado m?s abajo. This message is intended exclusively for its addressee. We only send and receive email on the basis of the terms set out at. http://www.tid.es/ES/PAGINAS/disclaimer.aspx -------------- next part -------------- An HTML attachment was scrubbed... URL: From pascal.bisson at thalesgroup.com Fri Dec 23 13:11:47 2011 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Fri, 23 Dec 2011 13:11:47 +0100 Subject: [Fiware-security] FI-WARE - Security - Audio-conf (23/12/2011) Minutes Message-ID: <6863_1324642312_4EF47008_6863_15992_1_e0af3e9d-dfd6-43ca-98b4-449b4b36fac6@THSONEA01HUB03P.one.grp> Dear All, Find hereafter the minutes of per Agenda topic of our last audio conf of Y2011. Thanks to Slim, Francesco, Daniel, Antonio and Wolfgang to have attended it. 1. Review of AP as per previous minutes * Action Point (AP) for those [T8.1/Daniel, ...] who haven't delivered their (short textual report) on Sprint 1 achievement and scope of Sprint 2 work to have it done asap. Also to update Wiki status of work items accordingly. Pascal to work on issues reported regarding changing state. 2. GE APIs (=> GE owners reporting on status) * Each GE owners to report on progress achieved on APIs that will come up with the GEs. It seems that a number of progress have been made on the topic but that they are not yet visible. * AP Task lead/GE owners: each GE owner come up with a textual description of each of the APIs (that may target different stakeholders) that will come with its GE. [Deadline prior to next audio conf 9/01/2012 10am-12am] 3. M9 deliverable (approach + report on ongoing work -> Task leads/GE owners) * Not so much comment except that we may have been proposing an approach better fitting to type of environments we are focusing on within the project (i.e. SOA, cloud-based type of environment...) * SAP suggested to have a look at FMC (http://www.fmc-modeling.org/tam_stencils (AP for ALL except SAP to check) - AP for SAP to have this proposal discussed internally with WP3 Lead and AB co-chair Axel) 4. Questions raised by WP10 (=> answer to be given) * AP for each Task lead and GE owner to answer those questions by 28/12 at the latest 5. Outcomes of WPL/WPA audio conf on Architectural issues (approach and issues WP8 can raise) 6. AP for Task leads/GE owners/Caretakers/Appointed reprsentatives of this team to follow-up activities of other WPs (i.e. Slim/WP3, Daniel G/WP4, Xavier/WP5, Daniel G/WP6, Wolfgang/WP7) to drop an email to WPL & WPA with the most topical architectural issues they'd like to be added to discussion involving WPAs (WPLs). 7. Next GA (23-27/01/2012 - Madrid) * AP for partners planning to attend to drop an email to Pascal * So far participation of Slim, Francesco (SAP), Pascal, Daniel (THA) and Antonio (ATOS) have been confirmed * NSN already confirmed they would not be there. 8. Sprint 2 (outcomes) & Sprint 3 (plans) * AP for Task leads and GE owners to provide the following: * Short textual report on Sprint 2 (December 2011) achievements (update status accordingly on the Wiki) [due 30/12/2011] * State their plans (short text) regarding scoping of Sprint 3 (January) [due 2/01/2012] 9. Others ? * Open Calls * There would be three Open Calls * Topics that will go for the 1st open call have been selected as an outcome of last AB meeting (16/12/2011) where candidate topics were proposed and discussed. The two selected topics are: * Middleware for efficient and QoS/Security-aware invocation of services as well as exchange of messages. * Business Models and Business Elements (BM & BE) Definition and Simulation * SAP (Slim) volunteered to support THA in addressing proper textual description of the topics for what concerns security (this based on input already provided regarding candidate topic on Trsut & Reputation - see latest update performed by SAP of the google spread sheet) * AP Pascal to enroll Slim on this drafting. * Announce withdrawal of TID * Still no answer from TID following email sent by Pascal /Daniel on behalf of WP8 * Lack of involvement of FT-Orange and INRIA * As for TID this has a clear impact on the task to which INRIA and FT-Orange were supposed to contribute. * AP for Task leads (T8.2/Robert - T8.4/Slim) to assess this impact and report to WPL/WPA the same way it has been reported by Thales for TID in T8.1. Also propose backup plans (reallocation of resources to other partners) * AP for INRIA & FT-Orange to clarify their position (and if confirmed participation performed as expected - i.e. deliver not to damage the work of the task and the whole wp:!!) * AP for Thales to bring issues that would not have been solved at the time of the GA to the PCC Meeting. And before that at Virtual PCC meeting if any before As for the rest Will you all a Merry Christmas and Happy New Year !! And many thanks for the great work we already achieved let's continue and improve this work in 2012 !!! Best Regards, Pascal -------------- next part -------------- An HTML attachment was scrubbed... URL: From pascal.bisson at thalesgroup.com Fri Dec 23 13:16:03 2011 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Fri, 23 Dec 2011 13:16:03 +0100 Subject: [Fiware-security] TR: FI-WARE - Security - Audio-conf (23/12/2011) Minutes Message-ID: <6863_1324642565_4EF47105_6863_16158_1_CBBCD6C304123F4AB23FAAE3055C8C0E0206426E4780@THSONEA01CMS04P.one.grp> Dear All, Forgot one more AP for Task lead and GE owners to fill in the Questionnaire received from WP9 (just sent to the mailing list prior to audio conf of today) with their input/answer. AP - Pascal to collect/compile/complete and send it back to WP9 lead. This time my reporting is complete. Apologize to have forgotten this but this indeed important for us to support/orient the work of WP9 and ohers WP10 .. Best Regards, Pascal De : BISSON Pascal Envoy? : vendredi 23 d?cembre 2011 13:12 ? : fiware-security at lists.fi-ware.eu Cc : BISSON Pascal; GIDOIN Daniel Objet : FI-WARE - Security - Audio-conf (23/12/2011) Minutes Importance : Haute Dear All, Find hereafter the minutes of per Agenda topic of our last audio conf of Y2011. Thanks to Slim, Francesco, Daniel, Antonio and Wolfgang to have attended it. 1. Review of AP as per previous minutes ? Action Point (AP) for those [T8.1/Daniel, ...] who haven't delivered their (short textual report) on Sprint 1 achievement and scope of Sprint 2 work to have it done asap. Also to update Wiki status of work items accordingly. Pascal to work on issues reported regarding changing state. 2. GE APIs (=> GE owners reporting on status) ? Each GE owners to report on progress achieved on APIs that will come up with the GEs. It seems that a number of progress have been made on the topic but that they are not yet visible. ? AP Task lead/GE owners: each GE owner come up with a textual description of each of the APIs (that may target different stakeholders) that will come with its GE. [Deadline prior to next audio conf 9/01/2012 10am-12am] 3. M9 deliverable (approach + report on ongoing work -> Task leads/GE owners) ? Not so much comment except that we may have been proposing an approach better fitting to type of environments we are focusing on within the project (i.e. SOA, cloud-based type of environment...) ? SAP suggested to have a look at FMC (http://www.fmc-modeling.org/tam_stencils (AP for ALL except SAP to check) - AP for SAP to have this proposal discussed internally with WP3 Lead and AB co-chair Axel) 4. Questions raised by WP10 (=> answer to be given) ? AP for each Task lead and GE owner to answer those questions by 28/12 at the latest 5. Outcomes of WPL/WPA audio conf on Architectural issues (approach and issues WP8 can raise) 6. AP for Task leads/GE owners/Caretakers/Appointed reprsentatives of this team to follow-up activities of other WPs (i.e. Slim/WP3, Daniel G/WP4, Xavier/WP5, Daniel G/WP6, Wolfgang/WP7) to drop an email to WPL & WPA with the most topical architectural issues they'd like to be added to discussion involving WPAs (WPLs). 7. Next GA (23-27/01/2012 - Madrid) ? AP for partners planning to attend to drop an email to Pascal ? So far participation of Slim, Francesco (SAP), Pascal, Daniel (THA) and Antonio (ATOS) have been confirmed ? NSN already confirmed they would not be there. 8. Sprint 2 (outcomes) & Sprint 3 (plans) ? AP for Task leads and GE owners to provide the following: ? Short textual report on Sprint 2 (December 2011) achievements (update status accordingly on the Wiki) [due 30/12/2011] ? State their plans (short text) regarding scoping of Sprint 3 (January) [due 2/01/2012] 9. Others ? ? Open Calls ? There would be three Open Calls ? Topics that will go for the 1st open call have been selected as an outcome of last AB meeting (16/12/2011) where candidate topics were proposed and discussed. The two selected topics are: * Middleware for efficient and QoS/Security-aware invocation of services as well as exchange of messages. * Business Models and Business Elements (BM & BE) Definition and Simulation * SAP (Slim) volunteered to support THA in addressing proper textual description of the topics for what concerns security (this based on input already provided regarding candidate topic on Trsut & Reputation - see latest update performed by SAP of the google spread sheet) * AP Pascal to enroll Slim on this drafting. * Announce withdrawal of TID * Still no answer from TID following email sent by Pascal /Daniel on behalf of WP8 * Lack of involvement of FT-Orange and INRIA * As for TID this has a clear impact on the task to which INRIA and FT-Orange were supposed to contribute. * AP for Task leads (T8.2/Robert - T8.4/Slim) to assess this impact and report to WPL/WPA the same way it has been reported by Thales for TID in T8.1. Also propose backup plans (reallocation of resources to other partners) * AP for INRIA & FT-Orange to clarify their position (and if confirmed participation performed as expected - i.e. deliver not to damage the work of the task and the whole wp:!!) * AP for Thales to bring issues that would not have been solved at the time of the GA to the PCC Meeting. And before that at Virtual PCC meeting if any before As for the rest Will you all a Merry Christmas and Happy New Year !! And many thanks for the great work we already achieved let's continue and improve this work in 2012 !!! Best Regards, Pascal -------------- next part -------------- An HTML attachment was scrubbed... URL: From francesco.di.cerbo at sap.com Fri Dec 23 18:35:43 2011 From: francesco.di.cerbo at sap.com (DI CERBO, Francesco) Date: Fri, 23 Dec 2011 18:35:43 +0100 Subject: [Fiware-security] DBAnonymizer API 1st Draft Message-ID: <71C0C7C7A712EE4CA636EDFD663B4E270368D1454D@DEWDFECCR09.wdf.sap.corp> Dear All, Please find the 1st draft of DBAnonymizer API. It is obviously subject to changes! Merry Christmas to all of you! Francesco ___ Francesco Di Cerbo, PhD SAP Labs France 805, avenue Maurice Donat Font de l'Orme BP 1216 06250 Mougins Cedex France Tel. +33 4 92 28 64 45 e-mail: Francesco.Di.Cerbo at sap.com -------------- next part -------------- A non-text attachment was scrubbed... Name: dbanonymize-documentation-v1.doc Type: application/msword Size: 39424 bytes Desc: dbanonymize-documentation-v1.doc URL: