From JCA at zurich.ibm.com Fri Jul 1 10:36:50 2011 From: JCA at zurich.ibm.com (Jan Camenisch) Date: Fri, 1 Jul 2011 10:36:50 +0200 Subject: [Fiware-security] FI-WARE - WP6 Security issues (check & review) - Audio conf In-Reply-To: <18837_1309443914_4E0C874A_18837_5897_1_f2946bd5-25ce-4c41-8119-e1776af23209@THSONEA01HUB02P.one.grp> References: <2799_1309360849_4E0B42D1_2799_16951_1_48a10564-2320-4d8d-aa26-86061193b04c@THSONEA01HUB04P.one.grp> <5AD8F637-00D5-4C06-A5F3-E19826E321CB@zurich.ibm.com> <18837_1309443914_4E0C874A_18837_5897_1_f2946bd5-25ce-4c41-8119-e1776af23209@THSONEA01HUB02P.one.grp> Message-ID: <35C52DF3-0572-41C2-B478-C5F04C47FD58@zurich.ibm.com> Hej Daniel, and here an update version with some more security issues on WP6. (done with openoffice and change tracking, I hope the format works.) Best, Jan On 30.06.2011, at 16:25, GIDOIN Daniel wrote: > Thank Jan. I agree. We introduce it into the WP8 high-level document update. > > Daniel > > > > De : Jan Camenisch [mailto:JCA at zurich.ibm.com] > Envoy? : jeudi 30 juin 2011 13:58 > ? : GIDOIN Daniel > Cc : robert.seidl at nsn.com; Marton, Gabor (NSN - HU/Budapest); Antonio Garcia Vazquez; osb at zurich.ibm.com; Daniel Le Metayer; Wolfgang.Steigerwald at telekom.de; xavier.aghina at orange-ftgroup.com; EGAN Richard; slim.trabelsi at sap.com; Fiware-security at lists.fi-ware.eu; BISSON Pascal > Objet : Re: FI-WARE - WP6 Security issues (check & review) - Audio conf > > Hej, > > Here a paragraph for the question mark section for integration into the WP8 High-Level Document. > > Question Mark > The identity, trust, and privacy management component is concerned with authorization and authentication. This includes a (credential requirements) policy language to define with attributes (roles, identity, etc) and credentials are requested to grant access to a resources. It further include a (data handling) policy language that defines how the requested data (attributes, credentials,...) is handled and to whom it is passed on. Finally, it includes the means to release and verify such attributes and credentials. That raises three issues: > 1. The integration of the two policy languages into the access control system (e.g., XACML) of the FI-platform; > 2. The definition of the interfaces of the Generic Security Enabler; > 3. The integration of the different assets into components that realise the generic security enables interfaces. > > > Best, > Jan > > > > > On 29.06.2011, at 17:20, GIDOIN Daniel wrote: > > > Dear colleagues, > > Pascal had planned an audio conf in the middle of week. I apologize but I must to move it in next Tuesday from 2 pm till 4 pm. > This postponement is justified on one hand by unexpected strong constraints in my professional diary, on the other hand because we remain pending, Pascal and I, of numerous contributions (to refer to the last mails sent by Pascal and check if you are concerned). > > Of course, it is very important that the delays are respected and we count on the best efforts of every one for it > > Hearing from all action owners. > > Best Regards, > > Daniel > > > > > Dr. Jan Camenisch > Member, IBM Academy of Technology > IBM Research - Zurich > www.zurich.ibm.com/~jca > tel: +41 44 724 8279 > fax: +41 44 724 8953 > > http://twitter.com/#!/dtiIeynt_xreMi > Dr. Jan Camenisch Member, IBM Academy of Technology IBM Research - Zurich www.zurich.ibm.com/~jca tel: +41 44 724 8279 fax: +41 44 724 8953 http://twitter.com/#!/dtiIeynt_xreMi -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: FI-WARE-Security Issues WP6 - WP8 input document THA-ATOS-NSN v1.0.doc Type: application/msword Size: 40448 bytes Desc: not available URL: -------------- next part -------------- An HTML attachment was scrubbed... URL: From pascal.bisson at thalesgroup.com Fri Jul 1 18:02:48 2011 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Fri, 1 Jul 2011 18:02:48 +0200 Subject: [Fiware-security] FI-WARE - WP6 Security issues (check & review) - Audio conf In-Reply-To: <5AD8F637-00D5-4C06-A5F3-E19826E321CB@zurich.ibm.com> References: <2799_1309360849_4E0B42D1_2799_16951_1_48a10564-2320-4d8d-aa26-86061193b04c@THSONEA01HUB04P.one.grp> <5AD8F637-00D5-4C06-A5F3-E19826E321CB@zurich.ibm.com> Message-ID: <10868_1309536168_4E0DEFA8_10868_3988_1_df1af327-60a1-4800-ace9-ae5d7aa1ebd2@THSONEA01HUB01P.one.grp> Thanks Jan for this add-on will update the document accordingly. Regards, Pascal De : Jan Camenisch [mailto:JCA at zurich.ibm.com] Envoy? : jeudi 30 juin 2011 13:58 ? : GIDOIN Daniel Cc : robert.seidl at nsn.com; Marton, Gabor (NSN - HU/Budapest); Antonio Garcia Vazquez; osb at zurich.ibm.com; Daniel Le Metayer; Wolfgang.Steigerwald at telekom.de; xavier.aghina at orange-ftgroup.com; EGAN Richard; slim.trabelsi at sap.com; Fiware-security at lists.fi-ware.eu; BISSON Pascal Objet : Re: FI-WARE - WP6 Security issues (check & review) - Audio conf Hej, Here a paragraph for the question mark section for integration into the WP8 High-Level Document. Question Mark The identity, trust, and privacy management component is concerned with authorization and authentication. This includes a (credential requirements) policy language to define with attributes (roles, identity, etc) and credentials are requested to grant access to a resources. It further include a (data handling) policy language that defines how the requested data (attributes, credentials,...) is handled and to whom it is passed on. Finally, it includes the means to release and verify such attributes and credentials. That raises three issues: 1. The integration of the two policy languages into the access control system (e.g., XACML) of the FI-platform; 2. The definition of the interfaces of the Generic Security Enabler; 3. The integration of the different assets into components that realise the generic security enables interfaces. Best, Jan On 29.06.2011, at 17:20, GIDOIN Daniel wrote: Dear colleagues, Pascal had planned an audio conf in the middle of week. I apologize but I must to move it in next Tuesday from 2 pm till 4 pm. This postponement is justified on one hand by unexpected strong constraints in my professional diary, on the other hand because we remain pending, Pascal and I, of numerous contributions (to refer to the last mails sent by Pascal and check if you are concerned). Of course, it is very important that the delays are respected and we count on the best efforts of every one for it Hearing from all action owners. Best Regards, Daniel Dr. Jan Camenisch Member, IBM Academy of Technology IBM Research - Zurich www.zurich.ibm.com/~jca tel: +41 44 724 8279 fax: +41 44 724 8953 http://twitter.com/#!/dtiIeynt_xreMi -------------- next part -------------- An HTML attachment was scrubbed... URL: From daniel.gidoin at thalesgroup.com Fri Jul 1 18:24:39 2011 From: daniel.gidoin at thalesgroup.com (GIDOIN Daniel) Date: Fri, 1 Jul 2011 18:24:39 +0200 Subject: [Fiware-security] FI-WARE - WP6 Security issues (check & review) - Audio conf In-Reply-To: <35C52DF3-0572-41C2-B478-C5F04C47FD58@zurich.ibm.com> References: <2799_1309360849_4E0B42D1_2799_16951_1_48a10564-2320-4d8d-aa26-86061193b04c@THSONEA01HUB04P.one.grp> <5AD8F637-00D5-4C06-A5F3-E19826E321CB@zurich.ibm.com> <18837_1309443914_4E0C874A_18837_5897_1_f2946bd5-25ce-4c41-8119-e1776af23209@THSONEA01HUB02P.one.grp> <35C52DF3-0572-41C2-B478-C5F04C47FD58@zurich.ibm.com> Message-ID: <30300_1309537484_4E0DF4CC_30300_3986_1_e7cef892-7092-4639-aacf-fb65adaf3cda@THSONEA01HUB04P.one.grp> Thank a lot. Daniel De : Jan Camenisch [mailto:JCA at zurich.ibm.com] Envoy? : vendredi 1 juillet 2011 10:37 ? : GIDOIN Daniel Cc : robert.seidl at nsn.com; Marton, Gabor (NSN - HU/Budapest); Antonio Garcia Vazquez; osb at zurich.ibm.com; Daniel Le Metayer; Wolfgang.Steigerwald at telekom.de; xavier.aghina at orange-ftgroup.com; EGAN Richard; slim.trabelsi at sap.com; Fiware-security at lists.fi-ware.eu; BISSON Pascal Objet : Re: FI-WARE - WP6 Security issues (check & review) - Audio conf Hej Daniel, and here an update version with some more security issues on WP6. (done with openoffice and change tracking, I hope the format works.) Best, Jan -------------- next part -------------- An HTML attachment was scrubbed... URL: From pascal.bisson at thalesgroup.com Fri Jul 1 18:27:16 2011 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Fri, 1 Jul 2011 18:27:16 +0200 Subject: [Fiware-security] FI-WARE - Security issues identified in WP7 input doc. In-Reply-To: References: <2983_1309275528_4E09F588_2983_13738_1_3f074002-d809-48c8-8ef3-bead11d46724@THSONEA01HUB01P.one.grp> Message-ID: <30300_1309537634_4E0DF562_30300_4049_1_CBBCD6C304123F4AB23FAAE3055C8C0E02014B2D433F@THSONEA01CMS04P.one.grp> Hi Wolfgang, Many thanks for your document on Security issues you derived from WP7. I check/review and we will discuss at our next audio conf (next Tuesday - will sent details to the mailing list) Keep you posted. Regards, Pascal De : Wolfgang.Steigerwald at telekom.de [mailto:Wolfgang.Steigerwald at telekom.de] Envoy? : jeudi 30 juin 2011 16:29 ? : BISSON Pascal Cc : jpv at tid.es; Fiware-security at lists.fi-ware.eu Objet : AW: FI-WARE - Security issues identified in WP7 input doc. Hello Pascal, find attached the security issues which I have extracted from the WP7 document. Best regards / Mit freundlichen Gr??en Wolfgang Deutsche Telekom AG T-Labs (Research & Development) Wolfgang Steigerwald Winterfeldtstra?e 21, 10781 Berlin +49 30 8353 54287 (Tel.) +49 171 5664350 (Mobil) E-Mail: wolfgang.steigerwald at telekom.de www.telekom.com Erleben, was verbindet. Deutsche Telekom AG Aufsichtsrat: Prof. Dr. Ulrich Lehner (Vorsitzender) Vorstand: Ren? Obermann (Vorsitzender), Dr. Manfred Balz, Reinhard Clemens, Niek Jan van Damme, Timotheus H?ttges, Edward R. Kozel, Thomas Sattelberger Handelsregister: Amtsgericht Bonn HRB 6794 Sitz der Gesellschaft Bonn WEEE-Reg.-Nr. DE50478376 Gro?e Ver?nderungen fangen klein an - Ressourcen schonen und nicht jede E-Mail drucken. ________________________________ Von: BISSON Pascal [mailto:pascal.bisson at thalesgroup.com] Gesendet: Dienstag, 28. Juni 2011 17:39 An: Steigerwald, Wolfgang Cc: BISSON Pascal; JULIAN PEREZ VILA; GIDOIN Daniel; LELEU Philippe Betreff: FI-WARE - Security issues identified in WP7 input doc. Wichtigkeit: Hoch Dear Wolfgang, Could you please urgently send me (cc Daniel and the mailing list) the security issues you identified and also text you (and appointed WP8 colleagues - aka Julian - to monitor WP7 activities ) proposed to be inserted by WP7. As for the rest would be nice to have it discussed and agreed at our next WP8 audio conf before having it discussed and finally agreed by both WP7 & WP8 (WP7 doing the insertion of joint text agreed). To speed up things please enter discussion with your colleagues involved in WP7. Hearing from you. Best Regards, Pascal -------------- next part -------------- An HTML attachment was scrubbed... URL: From pascal.bisson at thalesgroup.com Fri Jul 1 18:30:35 2011 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Fri, 1 Jul 2011 18:30:35 +0200 Subject: [Fiware-security] FI-WARE - WP6 Security issues (check & review) In-Reply-To: <7C4B894F-5051-431A-9631-F173CD01D420@inria.fr> References: <2983_1309266444_4E09D20B_2983_5706_1_3933b54c-cca4-4fdd-a175-9260b595fad8@THSONEA01HUB06P.one.grp> <7C4B894F-5051-431A-9631-F173CD01D420@inria.fr> Message-ID: <30300_1309537834_4E0DF62A_30300_4103_1_d414229f-4f6b-4b39-b62b-6d31927a84ce@THSONEA01HUB06P.one.grp> Thanks Olivier for your check and completion. As other input document it would be discussed at our next audio conf (05/07/11 - details will follow) Regards, Pscal De : Olivier Festor [mailto:Olivier.Festor at inria.fr] Envoy? : jeudi 30 juin 2011 17:20 ? : BISSON Pascal Cc : robert.seidl at nsn.com; Marton, Gabor (NSN - HU/Budapest); Antonio Garcia Vazquez; Jan Camenisch; osb at zurich.ibm.com; Daniel Le Metayer; Wolfgang.Steigerwald at telekom.de; xavier.aghina at orange-ftgroup.com; EGAN Richard; slim.trabelsi at sap.com; Fiware-security at lists.fi-ware.eu Objet : Re: [Fiware-security] FI-WARE - WP6 Security issues (check & review) Dear Pascal I have added 2 issues linked to our expertise in fuzzing regarding input data/events sanitization/tracing/validation. The updated list is attached to the mail. Best Regards -------------- next part -------------- An HTML attachment was scrubbed... URL: From slim.trabelsi at sap.com Fri Jul 1 19:03:44 2011 From: slim.trabelsi at sap.com (TRABELSI, Slim) Date: Fri, 1 Jul 2011 19:03:44 +0200 Subject: [Fiware-security] FI-WARE - WP8 URGENT - Security issues identified from WP3 In-Reply-To: <14748_1309331367_4E0ACFA7_14748_11305_1_149ad176-741e-493c-9e30-08ad045f336c@THSONEA01HUB06P.one.grp> References: <20095_1309275852_4E09F6CC_20095_13419_1_c8babd93-1ceb-47a4-b756-956848e32161@THSONEA01HUB06P.one.grp> <14748_1309331367_4E0ACFA7_14748_11305_1_149ad176-741e-493c-9e30-08ad045f336c@THSONEA01HUB06P.one.grp> Message-ID: Hi Pascal, Here is the list of security issues related to WP3. I had a discussion with my colleagues working in this WP, they were really enthusiastic about our security analysis. We will have a meeting next week to refine this list and integrated to their deliverable. Sorry again for this late contribution. Thank you Best regards Slim From: BISSON Pascal [mailto:pascal.bisson at thalesgroup.com] Sent: mercredi 29 juin 2011 09:09 To: TRABELSI, Slim Cc: GIDOIN Daniel; BISSON Pascal Subject: RE: FI-WARE - WP8 URGENT - Security issues identified from WP3 Dear Slim, Deadline as per last WP8 audio conf minutes was set to 27/06/11 to have a document at WP8 to be discussed with WP3 on the 28-29 in order to have something on which we can agree from both sides (WP3&WP8) by 30/06/11 or 1/7/11 at the latest. Counting on you to catch up on time. Regards, Pasca De : TRABELSI, Slim [mailto:slim.trabelsi at sap.com] Envoy? : mardi 28 juin 2011 18:37 ? : BISSON Pascal Objet : RE: FI-WARE - WP8 URGENT - Security issues identified from WP3 Hi Pascal, When is the dead-line for this list ? Thank you Regards Slim From: BISSON Pascal [mailto:pascal.bisson at thalesgroup.com] Sent: mardi 28 juin 2011 17:44 To: TRABELSI, Slim Cc: GIDOIN Daniel; BISSON Pascal Subject: FI-WARE - WP8 URGENT - Security issues identified from WP3 Importance: High Dear Slim, Could you please urgently send me (cc Daniel and the mailing list) the security issues you identified and also text you (and appointed WP8 colleagues - aka Daniel & I - to monitor WP3 activities ) proposed to be inserted by WP3. As for the rest we would it discussed it and agreed on it at our next WP8 audio conf before having it discussed and finally agreed by both WP3 & WP8 (WP3 doing the insertion of joint text agreed). In the meantime and to speed up things please enter discussions if not done already with your colleague involved in /leading WP3 to come check and come up with an agreement on what to insert. Hearing from you. Best Regards, Pascal -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: WP3 - Security requirements.docx Type: application/vnd.openxmlformats-officedocument.wordprocessingml.document Size: 18303 bytes Desc: WP3 - Security requirements.docx URL: From pascal.bisson at thalesgroup.com Fri Jul 1 19:08:30 2011 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Fri, 1 Jul 2011 19:08:30 +0200 Subject: [Fiware-security] FI-WARE - WP8 URGENT - Security issues identified from WP3 In-Reply-To: References: <20095_1309275852_4E09F6CC_20095_13419_1_c8babd93-1ceb-47a4-b756-956848e32161@THSONEA01HUB06P.one.grp> <14748_1309331367_4E0ACFA7_14748_11305_1_149ad176-741e-493c-9e30-08ad045f336c@THSONEA01HUB06P.one.grp> Message-ID: <1885_1309540109_4E0DFF0D_1885_19802_1_cc632c30-4dde-474e-91bf-69f5c47f2c13@THSONEA01HUB02P.one.grp> Many thanks Slim for your contribution regarding Security issues you identified. To be further discuss at our next audio conf 05/07/2011 - (if you can't make please let me if someone associated to production of this document will replace you ) Hearing from you. Regards, Pascal De : TRABELSI, Slim [mailto:slim.trabelsi at sap.com] Envoy? : vendredi 1 juillet 2011 19:04 ? : BISSON Pascal Cc : GIDOIN Daniel; Fiware-security at lists.fi-ware.eu Objet : RE: FI-WARE - WP8 URGENT - Security issues identified from WP3 Hi Pascal, Here is the list of security issues related to WP3. I had a discussion with my colleagues working in this WP, they were really enthusiastic about our security analysis. We will have a meeting next week to refine this list and integrated to their deliverable. Sorry again for this late contribution. Thank you Best regards Slim From: BISSON Pascal [mailto:pascal.bisson at thalesgroup.com] Sent: mercredi 29 juin 2011 09:09 To: TRABELSI, Slim Cc: GIDOIN Daniel; BISSON Pascal Subject: RE: FI-WARE - WP8 URGENT - Security issues identified from WP3 Dear Slim, Deadline as per last WP8 audio conf minutes was set to 27/06/11 to have a document at WP8 to be discussed with WP3 on the 28-29 in order to have something on which we can agree from both sides (WP3&WP8) by 30/06/11 or 1/7/11 at the latest. Counting on you to catch up on time. Regards, Pasca De : TRABELSI, Slim [mailto:slim.trabelsi at sap.com] Envoy? : mardi 28 juin 2011 18:37 ? : BISSON Pascal Objet : RE: FI-WARE - WP8 URGENT - Security issues identified from WP3 Hi Pascal, When is the dead-line for this list ? Thank you Regards Slim From: BISSON Pascal [mailto:pascal.bisson at thalesgroup.com] Sent: mardi 28 juin 2011 17:44 To: TRABELSI, Slim Cc: GIDOIN Daniel; BISSON Pascal Subject: FI-WARE - WP8 URGENT - Security issues identified from WP3 Importance: High Dear Slim, Could you please urgently send me (cc Daniel and the mailing list) the security issues you identified and also text you (and appointed WP8 colleagues - aka Daniel & I - to monitor WP3 activities ) proposed to be inserted by WP3. As for the rest we would it discussed it and agreed on it at our next WP8 audio conf before having it discussed and finally agreed by both WP3 & WP8 (WP3 doing the insertion of joint text agreed). In the meantime and to speed up things please enter discussions if not done already with your colleague involved in /leading WP3 to come check and come up with an agreement on what to insert. Hearing from you. Best Regards, Pascal -------------- next part -------------- An HTML attachment was scrubbed... URL: From pascal.bisson at thalesgroup.com Fri Jul 1 22:36:43 2011 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Fri, 1 Jul 2011 22:36:43 +0200 Subject: [Fiware-security] FI-WARE - Security AT - Audio conf announcemnt (05/07/11) & details [11:30am-1pm] Message-ID: <10868_1309552601_4E0E2FD9_10868_7727_1_f607b212-b24b-468e-9263-7ebc59fe8099@THSONEA01HUB01P.one.grp> Dear All, Being said there was no audio conf this week and that we have to finalize our WP8 work for M2 deliverable, let me inform you that our next WP8 audio conf will be next Tuesday so 05/07/11 starting at 11:30am till 1pm(max). As usual counting on you to make it and if you can't please find a replacement and provide me with his/her name. On the Agenda: ? Review of Security issues identified by appointed members of this team to monitor other TWPs (WP3,WP4,WP5,WP6 & WP7)/ATs. Please check prior to this audio those issues and text which have been proposed for integration. o Here I would urge Xavier (FT-Orange) and Richard (TRT-UK) to send me/us prior to our audio their consolidated document for what concerns Security issues identified within WP5 (IoT). ? Review of latest changes performed to WP8 contrib to M2 ? Report on interaction with WP2 and other WPs for what concerns integration of the various WP8 contribs. ? Others: o Report on last virtual AB o Status of ongoing paper for ServiceWave 2011 o ... o Next audio-conf. Here are the details to join: Meeting room number: 391581 LocalConnect number to join: Australia Australia Toll Free 1800 005 574 Australia Sydney +61 (0) 282 239 767 Austria Vienna +43 (0) 2682 205 6609 Belgium Brussels +32 (0) 2 789 8678 Denmark Copenhagen +45 3271 4340 Finland Helsinki +358 (0) 923 142 830 France Lyon +33 (0) 426 840 285 France Marseille +33 (0) 488 915 385 France Paris +33 (0) 170 994 816 Germany Berlin +49 (0) 3072 616 7342 Germany D?sseldorf +49 (0) 2115 407 3902 Germany Frankfurt +49 (0) 6971 044 5635 Germany Hamburg +49 (0) 4080 902 0684 Germany Munich +49 (0) 8924 443 2893 Germany Stuttgart +49 (0) 7111 856 2130 Hong Kong Hong Kong +852 301 145 59 Hungary Budapest +36 (06) 1-889-3286 Ireland Dublin +353 (0) 14 860 780 Israel Israel Toll Free 1809 245 981 Italy Milan +39 0 230 413 017 Italy Rome +39 0 645 217 056 Italy Turin +39 0 112 179 2159 Japan Japan Toll Free 005 311 212 65 Japan Tokyo +81 (0) 357 675 025 Korea, Republic Of Seoul +82 (0) 234 831 224 Luxembourg Luxemburg City +352 2700 41 42 Malaysia Kuala Lumpur +60 (0) 377 124 640 Netherlands Amsterdam +31 (0) 207 948 529 New Zealand Auckland +64 (0) 9 919 2428 Norway Oslo +47 2153 3919 Poland Poland Toll Free 0080 0121 1304 Portugal Portugal Toll Free 800 814 183 Russia Russia Toll Free 81080 02209 4011 Singapore Singapore +65 6622 1068 Spain Barcelona +34 93 492 3235 Spain Madrid +34 91 788 9908 Sweden Stockholm +46 (0) 850 520 145 Switzerland Geneva +41 (0) 225 927 428 United Kingdom Birmingham +44 (0) 121 260 4686 United Kingdom London +44 (0) 207 153 9902 United Kingdom Manchester +44 (0) 161 250 0679 United States USA & Canada Toll Free 1888 249 0050 United States USA Toll +1 954 334 1559 -------------- next part -------------- An HTML attachment was scrubbed... URL: From slim.trabelsi at sap.com Mon Jul 4 18:23:57 2011 From: slim.trabelsi at sap.com (TRABELSI, Slim) Date: Mon, 4 Jul 2011 18:23:57 +0200 Subject: [Fiware-security] FI-WARE - WP8 URGENT - Security issues identified from WP3 In-Reply-To: <1885_1309540109_4E0DFF0D_1885_19802_1_cc632c30-4dde-474e-91bf-69f5c47f2c13@THSONEA01HUB02P.one.grp> References: <20095_1309275852_4E09F6CC_20095_13419_1_c8babd93-1ceb-47a4-b756-956848e32161@THSONEA01HUB06P.one.grp> <14748_1309331367_4E0ACFA7_14748_11305_1_149ad176-741e-493c-9e30-08ad045f336c@THSONEA01HUB06P.one.grp> <1885_1309540109_4E0DFF0D_1885_19802_1_cc632c30-4dde-474e-91bf-69f5c47f2c13@THSONEA01HUB02P.one.grp> Message-ID: Hi Pascal, As announced I will not be able to join the call tomorrow because I will be on an SAP internal event in Germany, all SAP research will be there, so no one can replace me for this call. Thank you Regards Slim From: BISSON Pascal [mailto:pascal.bisson at thalesgroup.com] Sent: vendredi 1 juillet 2011 19:09 To: TRABELSI, Slim Cc: GIDOIN Daniel; Fiware-security at lists.fi-ware.eu Subject: RE: FI-WARE - WP8 URGENT - Security issues identified from WP3 Many thanks Slim for your contribution regarding Security issues you identified. To be further discuss at our next audio conf 05/07/2011 - (if you can't make please let me if someone associated to production of this document will replace you ) Hearing from you. Regards, Pascal De : TRABELSI, Slim [mailto:slim.trabelsi at sap.com] Envoy? : vendredi 1 juillet 2011 19:04 ? : BISSON Pascal Cc : GIDOIN Daniel; Fiware-security at lists.fi-ware.eu Objet : RE: FI-WARE - WP8 URGENT - Security issues identified from WP3 Hi Pascal, Here is the list of security issues related to WP3. I had a discussion with my colleagues working in this WP, they were really enthusiastic about our security analysis. We will have a meeting next week to refine this list and integrated to their deliverable. Sorry again for this late contribution. Thank you Best regards Slim From: BISSON Pascal [mailto:pascal.bisson at thalesgroup.com] Sent: mercredi 29 juin 2011 09:09 To: TRABELSI, Slim Cc: GIDOIN Daniel; BISSON Pascal Subject: RE: FI-WARE - WP8 URGENT - Security issues identified from WP3 Dear Slim, Deadline as per last WP8 audio conf minutes was set to 27/06/11 to have a document at WP8 to be discussed with WP3 on the 28-29 in order to have something on which we can agree from both sides (WP3&WP8) by 30/06/11 or 1/7/11 at the latest. Counting on you to catch up on time. Regards, Pasca De : TRABELSI, Slim [mailto:slim.trabelsi at sap.com] Envoy? : mardi 28 juin 2011 18:37 ? : BISSON Pascal Objet : RE: FI-WARE - WP8 URGENT - Security issues identified from WP3 Hi Pascal, When is the dead-line for this list ? Thank you Regards Slim From: BISSON Pascal [mailto:pascal.bisson at thalesgroup.com] Sent: mardi 28 juin 2011 17:44 To: TRABELSI, Slim Cc: GIDOIN Daniel; BISSON Pascal Subject: FI-WARE - WP8 URGENT - Security issues identified from WP3 Importance: High Dear Slim, Could you please urgently send me (cc Daniel and the mailing list) the security issues you identified and also text you (and appointed WP8 colleagues - aka Daniel & I - to monitor WP3 activities ) proposed to be inserted by WP3. As for the rest we would it discussed it and agreed on it at our next WP8 audio conf before having it discussed and finally agreed by both WP3 & WP8 (WP3 doing the insertion of joint text agreed). In the meantime and to speed up things please enter discussions if not done already with your colleague involved in /leading WP3 to come check and come up with an agreement on what to insert. Hearing from you. Best Regards, Pascal -------------- next part -------------- An HTML attachment was scrubbed... URL: From pascal.bisson at thalesgroup.com Tue Jul 5 09:34:41 2011 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Tue, 5 Jul 2011 09:34:41 +0200 Subject: [Fiware-security] FI-WARE - WP8 URGENT - Security issues identified from WP3 In-Reply-To: References: <20095_1309275852_4E09F6CC_20095_13419_1_c8babd93-1ceb-47a4-b756-956848e32161@THSONEA01HUB06P.one.grp> <14748_1309331367_4E0ACFA7_14748_11305_1_149ad176-741e-493c-9e30-08ad045f336c@THSONEA01HUB06P.one.grp> <1885_1309540109_4E0DFF0D_1885_19802_1_cc632c30-4dde-474e-91bf-69f5c47f2c13@THSONEA01HUB02P.one.grp> Message-ID: <21166_1309851275_4E12BE8B_21166_7845_1_9b1ae4aa-5e2d-4b42-bd30-47c493898e4d@THSONEA01HUB06P.one.grp> Ok fine being said you sent us your contrib. De : TRABELSI, Slim [mailto:slim.trabelsi at sap.com] Envoy? : lundi 4 juillet 2011 18:24 ? : BISSON Pascal Cc : GIDOIN Daniel; Fiware-security at lists.fi-ware.eu Objet : RE: FI-WARE - WP8 URGENT - Security issues identified from WP3 Hi Pascal, As announced I will not be able to join the call tomorrow because I will be on an SAP internal event in Germany, all SAP research will be there, so no one can replace me for this call. Thank you Regards Slimcase From: BISSON Pascal [mailto:pascal.bisson at thalesgroup.com] Sent: vendredi 1 juillet 2011 19:09 To: TRABELSI, Slim Cc: GIDOIN Daniel; Fiware-security at lists.fi-ware.eu Subject: RE: FI-WARE - WP8 URGENT - Security issues identified from WP3 Many thanks Slim for your contribution regarding Security issues you identified. To be further discuss at our next audio conf 05/07/2011 - (if you can't make please let me if someone associated to production of this document will replace you ) Hearing from you. Regards, Pascal De : TRABELSI, Slim [mailto:slim.trabelsi at sap.com] Envoy? : vendredi 1 juillet 2011 19:04 ? : BISSON Pascal Cc : GIDOIN Daniel; Fiware-security at lists.fi-ware.eu Objet : RE: FI-WARE - WP8 URGENT - Security issues identified from WP3 Hi Pascal, Here is the list of security issues related to WP3. I had a discussion with my colleagues working in this WP, they were really enthusiastic about our security analysis. We will have a meeting next week to refine this list and integrated to their deliverable. Sorry again for this late contribution. Thank you Best regards Slim From: BISSON Pascal [mailto:pascal.bisson at thalesgroup.com] Sent: mercredi 29 juin 2011 09:09 To: TRABELSI, Slim Cc: GIDOIN Daniel; BISSON Pascal Subject: RE: FI-WARE - WP8 URGENT - Security issues identified from WP3 Dear Slim, Deadline as per last WP8 audio conf minutes was set to 27/06/11 to have a document at WP8 to be discussed with WP3 on the 28-29 in order to have something on which we can agree from both sides (WP3&WP8) by 30/06/11 or 1/7/11 at the latest. Counting on you to catch up on time. Regards, Pasca De : TRABELSI, Slim [mailto:slim.trabelsi at sap.com] Envoy? : mardi 28 juin 2011 18:37 ? : BISSON Pascal Objet : RE: FI-WARE - WP8 URGENT - Security issues identified from WP3 Hi Pascal, When is the dead-line for this list ? Thank you Regards Slim From: BISSON Pascal [mailto:pascal.bisson at thalesgroup.com] Sent: mardi 28 juin 2011 17:44 To: TRABELSI, Slim Cc: GIDOIN Daniel; BISSON Pascal Subject: FI-WARE - WP8 URGENT - Security issues identified from WP3 Importance: High Dear Slim, Could you please urgently send me (cc Daniel and the mailing list) the security issues you identified and also text you (and appointed WP8 colleagues - aka Daniel & I - to monitor WP3 activities ) proposed to be inserted by WP3. As for the rest we would it discussed it and agreed on it at our next WP8 audio conf before having it discussed and finally agreed by both WP3 & WP8 (WP3 doing the insertion of joint text agreed). In the meantime and to speed up things please enter discussions if not done already with your colleague involved in /leading WP3 to come check and come up with an agreement on what to insert. Hearing from you. Best Regards, Pascal -------------- next part -------------- An HTML attachment was scrubbed... URL: From pascal.bisson at thalesgroup.com Tue Jul 5 12:13:36 2011 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Tue, 5 Jul 2011 12:13:36 +0200 Subject: [Fiware-security] TR: Next Fi-ware meeting Message-ID: <21011_1309860818_4E12E3D2_21011_4428_3_CBBCD6C304123F4AB23FAAE3055C8C0E02014B373CA5@THSONEA01CMS04P.one.grp> FYI So we would have to cancel the meeting we had planned so far at SAP in Sophia Antipolis on 14/09/11 Regards, Pascal De : fiware-bounces at lists.fi-ware.eu [mailto:fiware-bounces at lists.fi-ware.eu] De la part de JOSE JIMENEZ DELGADO Envoy? : lundi 4 juillet 2011 08:50 ? : 'fiware at lists.fi-ware.eu' Objet : [Fiware] Next Fi-ware meeting Dear all Next meeting of Fi-ware shall take place in Turin from 13 September (from 14:00 CET) to 16 September (ends at 15:00 CET). We would like to thank Telecom Italy and particularly Pierangelo for providing the facilities. He would provide extra information in case it is needed. Best regards ---- Jose Jimenez Telefonica I+D jimenez at tid.es tf +34 91 4832660 ________________________________ Este mensaje se dirige exclusivamente a su destinatario. Puede consultar nuestra pol?tica de env?o y recepci?n de correo electr?nico en el enlace situado m?s abajo. This message is intended exclusively for its addressee. We only send and receive email on the basis of the terms set out at. http://www.tid.es/ES/PAGINAS/disclaimer.aspx -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- An embedded and charset-unspecified text was scrubbed... Name: ATT00001.txt URL: From Richard.Egan at thalesgroup.com Tue Jul 5 12:59:54 2011 From: Richard.Egan at thalesgroup.com (Egan, Richard ) Date: Tue, 5 Jul 2011 11:59:54 +0100 Subject: [Fiware-security] FIWARE: update to WP5-WP8 Security issues Message-ID: <28665_1309863601_4E12EEB1_28665_19316_1_B90E0206899B3442BB5B86F32CADFFA423A645@nts013.uk.trt.thales> Pascal, I checked the latest version of the WP5 (IoT) document (V0.9) that I could find and slightly updated the extraction of security issues in the document below (you can delete V0.1 from the repository now). https://forge.fi-ware.eu/docman/view.php/19/228/FI-WARE-Security+Issues+WP5+ -+WP8+input+document+v0.2.doc I will contact Xavier (Orange) now and ask him to also comment. Richard Please consider the environment before printing a hard copy of this e-mail. The information contained in this e-mail is confidential. It is intended only for the stated addressee(s) and access to it by any other person is unauthorised. If you are not an addressee, you must not disclose, copy, circulate or in any other way use or rely on the information contained in this e-mail. Such unauthorised use may be unlawful. If you have received this e-mail in error, please inform us immediately on +44 (0)118 986 8601 and delete it and all copies from your system. Thales Research and Technology (UK) Limited. A company registered in England and Wales. Registered Office: 2 Dashwood Lang Road, The Bourne Business Park, Addlestone, Weybridge, Surrey KT15 2NX. Registered Number: 774298 Thales UK Limited. A company registered in England and Wales. Registered Office: 2 Dashwood Lang Road, The Bourne Business Park, Addlestone, Weybridge, Surrey KT15 2NX. Registered Number: 868273 -------------- next part -------------- An HTML attachment was scrubbed... URL: From pascal.bisson at thalesgroup.com Tue Jul 5 13:03:01 2011 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Tue, 5 Jul 2011 13:03:01 +0200 Subject: [Fiware-security] FIWARE: update to WP5-WP8 Security issues In-Reply-To: References: Message-ID: <28665_1309863785_4E12EF69_28665_19429_1_e5661674-628e-492b-a56b-4722b8df0903@THSONEA01HUB05P.one.grp> Many Thanks. @Xavier counting on you to check/complete and team with Richard and send me by EOB today consolidated version on which you have agreement and that I could send on our WP8 behalf to WP5 lead (Thierry ..) Regards, Pascal De : Egan, Richard [mailto:Richard.Egan at thalesgroup.com] Envoy? : mardi 5 juillet 2011 13:00 ? : BISSON Pascal Cc : Fiware-Security (fiware-security at lists.fi-ware.eu) Objet : FIWARE: update to WP5-WP8 Security issues Pascal, I checked the latest version of the WP5 (IoT) document (V0.9) that I could find and slightly updated the extraction of security issues in the document below (you can delete V0.1 from the repository now). https://forge.fi-ware.eu/docman/view.php/19/228/FI-WARE-Security+Issues+WP5+-+WP8+input+document+v0.2.doc I will contact Xavier (Orange) now and ask him to also comment. Richard Please consider the environment before printing a hard copy of this e-mail. The information contained in this e-mail is confidential. It is intended only for the stated addressee(s) and access to it by any other person is unauthorised. If you are not an addressee, you must not disclose, copy, circulate or in any other way use or rely on the information contained in this e-mail. Such unauthorised use may be unlawful. If you have received this e-mail in error, please inform us immediately on +44 (0)118 986 8601 and delete it and all copies from your system. Thales Research and Technology (UK) Limited. A company registered in England and Wales. Registered Office: 2 Dashwood Lang Road, The Bourne Business Park, Addlestone, Weybridge, Surrey KT15 2NX. Registered Number: 774298 Thales UK Limited. A company registered in England and Wales. Registered Office: 2 Dashwood Lang Road, The Bourne Business Park, Addlestone, Weybridge, Surrey KT15 2NX. Registered Number: 868273 -------------- next part -------------- An HTML attachment was scrubbed... URL: From pascal.bisson at thalesgroup.com Fri Jul 8 09:35:44 2011 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Fri, 8 Jul 2011 09:35:44 +0200 Subject: [Fiware-security] TR: [Fiware-wpl] Status of FI-WARE High-level Description Deliverable Message-ID: <20069_1310110545_4E16B351_20069_11549_1_CBBCD6C304123F4AB23FAAE3055C8C0E02014B4242D1@THSONEA01CMS04P.one.grp> FYI Don't forge tour weekly audio conf of today to discuss things (even briefly) To join our audio conf of today please use the phone details of the previous one (there are still the same !) -----Message d'origine----- De?: fiware-wpl-bounces at lists.fi-ware.eu [mailto:fiware-wpl-bounces at lists.fi-ware.eu] De la part de Juanjo Hierro Envoy??: mercredi 6 juillet 2011 09:47 ??: fiware-wpl at lists.fi-ware.eu; fiware-wpa at lists.fi-ware.eu; fiware at lists.fi-ware.eu Objet?: [Fiware-wpl] Status of FI-WARE High-level Description Deliverable Hi all, Just an update on this. I managed to generate an integrated draft with all the revised chapters. I would uploaded it, as well as each of the individual chapter files to the FusionForge ... but suddenly it has fallen :-) We are fixing this and I hope FusionForge will be soon up and running. I'm not sending the document into an attachment because the .pdf file is more than 5 Mb and the .doc is more than 10 Mb ... So we'll have to wait until I can upload it and pass you the link. At this point, I would kindly ask you to consider that ALL chapters are in pending status. This is mainly because I made a lot of a adjustments in the formats and I would like that you continue working from this newly formatted versions. Besides, one of the editorial changes that I made was to transform each Architecture chapter into an actual chapter within the document. This decision implied that all section headers go a level higher. However, for a document 227 pages long (yes, believe me :-) it didn't make so much sense to keep 90% of its contents in just one single page. Let me take this opportunity to give you my congratulations for the great job that WPLs and WP teams have done. Honestly speaking, I believe the produced material is of high quality, overall considering we have managed to produce such a comprehensive and complete picture in just two months !! One thought comes to my mind when I read the document (and hopefully when others will read it as well): If we managed to deliver a platform that implements all these functionalities and does this in an integrated manner, we would have something big which actually can make an impact. Something nobody has today on the Internet even Google. May not be "rocket science" but I tell you that we would be giving something rather powerful for Application Developers today. Something, as said before, nobody is giving them in such an integrated way. Please remember that this is our first integrated draft. Now, we should organize a number of peer reviews and have to continue working in everything that was pending as to be able to deliver a final official release by mid July. I'll send a plan this afternoon to all WPLs. Best regards, -- Juanjo Este mensaje se dirige exclusivamente a su destinatario. Puede consultar nuestra pol?tica de env?o y recepci?n de correo electr?nico en el enlace situado m?s abajo. This message is intended exclusively for its addressee. We only send and receive email on the basis of the terms set out at. http://www.tid.es/ES/PAGINAS/disclaimer.aspx -------------- next part -------------- A non-text attachment was scrubbed... Name: jhierro.vcf Type: text/x-vcard Size: 443 bytes Desc: jhierro.vcf URL: -------------- next part -------------- An embedded and charset-unspecified text was scrubbed... Name: ATT00001.txt URL: From pascal.bisson at thalesgroup.com Fri Jul 8 09:41:28 2011 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Fri, 8 Jul 2011 09:41:28 +0200 Subject: [Fiware-security] TR: [Fiware-data] Fwd: DRAFT of FI-WARE High-level Description deliverable available Message-ID: <18617_1310110890_4E16B4AA_18617_11009_1_CBBCD6C304123F4AB23FAAE3055C8C0E02014B4242F8@THSONEA01CMS04P.one.grp> FYI De : fiware-data-bounces at lists.fi-ware.eu [mailto:fiware-data-bounces at lists.fi-ware.eu] De la part de Juanjo Hierro Envoy? : mercredi 6 juillet 2011 10:58 ? : fiware-wpl at lists.fi-ware.eu; fiware-wpa at lists.fi-ware.eu; fiware at lists.fi-ware.eu Objet : [Fiware-data] Fwd: DRAFT of FI-WARE High-level Description deliverable available FYI, -- Juanjo -------- Original Message -------- Subject: DRAFT of FI-WARE High-level Description deliverable available Date: Wed, 06 Jul 2011 10:57:49 +0200 From: Juanjo Hierro To: ab at fi-ppp.eu Dear colleagues, I'm proud to announce the delivery of the integrated draft of the FI-WARE High-level Description document (product vision) You can download it from the following URL: https://forge.fi-ware.eu/docman/view.php/7/232/FI-WARE+High-Level+Description+integrated+draft+0.1+11-07-06.pdf Note that this is still a draft. We plan to deliver the first official release of this deliverable by mid July. However, you will notice that there is a lot of content already that would allow you to get a rather accurate idea of what we intend to deliver. Indeed, we will mainly devoted to perform some fine-tuning and cover some small gaps in order to produce the final deliverable from the current draft. We will have the opportunity to present the FI-WARE High-level Description during our f2f meeting next week in Madrid. It would be great if you can make a first reading of the document before the meeting and provide some early feedback. Of course, I understand it can only be very early feedback. I hope you have time for this first reading during the coming days. This document should not be disclosed outside the PPP program. Note that the first release (in no more than 15 days) will be available to the general public. Let me finish sharing with you that I rather believe that what we plan to deliver in FI-WARE may achieve a great impact. If we manage to deliver a platform that implements all the described functionalities and does this in such an integrated manner, we would be delivering something nobody offers today on the Internet (even Google). And it would we something rather powerful for Application Developers today. It's my honest opinion. Hope also yours after reading the document. Best regards, -- Juanjo ________________________________ Este mensaje se dirige exclusivamente a su destinatario. Puede consultar nuestra pol?tica de env?o y recepci?n de correo electr?nico en el enlace situado m?s abajo. This message is intended exclusively for its addressee. We only send and receive email on the basis of the terms set out at. http://www.tid.es/ES/PAGINAS/disclaimer.aspx -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: jhierro.vcf Type: text/x-vcard Size: 443 bytes Desc: jhierro.vcf URL: -------------- next part -------------- An embedded and charset-unspecified text was scrubbed... Name: ATT00001.txt URL: From pascal.bisson at thalesgroup.com Fri Jul 8 09:44:20 2011 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Fri, 8 Jul 2011 09:44:20 +0200 Subject: [Fiware-security] TR: [Fiware-wpl] Contents of chapters available and planning until official deliverable Message-ID: <20069_1310111062_4E16B556_20069_12074_1_CBBCD6C304123F4AB23FAAE3055C8C0E02014B42431F@THSONEA01CMS04P.one.grp> FYI De : fiware-wpl-bounces at lists.fi-ware.eu [mailto:fiware-wpl-bounces at lists.fi-ware.eu] De la part de Juanjo Hierro Envoy? : mercredi 6 juillet 2011 12:27 ? : fiware-wpl at lists.fi-ware.eu; fiware-wpa at lists.fi-ware.eu Objet : [Fiware-wpl] Contents of chapters available and planning until official deliverable Dear colleagues, You will find the .doc files of each of your chapters in the usual placeholders. Now, the name associated to each of them adopts the following convention: "FI-WARE High-level Description - Chapter v." The integrated draft is available at: https://forge.fi-ware.eu/docman/view.php/7/235/FI-WARE+High-Level+Description+integrated+draft+0.1+11-07-06.doc But we should keep working with separated files per chapter. I first action I would kindly ask all of you to perform is to check that all your stuff is there and I didn't miss anything during the integration :-) If you find something missing, please let me know. Now, we should NOT relax and keep going to get the official release of the deliverable on time. This was announced for mid July ... what mid July means is up to us, but I would suggest making it available on July 19th. What I would suggest now is that we carry out a peer review of each chapter, involving members of a given WP in reviewing the contents of those chapter with whom more inter dependencies may exist. In parallel, each group should try to finish what couldn't make for this first draft. I know that the analysis of Security aspects, just to mention an example, is not closed for all the chapters. I will try to send a summary of what I see pending per chapter later today. In respect to peer reviews, here you have my suggestions for a first round. We would try to make another round before the deadline: Chapter Chief editors Contacts Suggested peer reviewer (team) Cloud Hosting IBM GLIKSON at il.ibm.com Interfaces to Networks & Devices Data/Context Management TID jhierro at tid.es IoT Services Enablement Apps/Services Ecosystem & Delivery SAP andreas.friesen at sap.com, torsten.leidig at sap.com Security IoT Services Enablement Orange & NSN Thierry.nagellen at orange-ftgroup.com, lorant.farkas at nsn.com Data/Context Management Interfaces to Networks & Devices TI &DT pierangelo.garino at telecomitalia.it, Hans.Einsiedler at telekom.de Cloud Hosting Security Thales pascal.bisson at thalesgroup.com, daniel.gidoin at thalesgroup.com Apps/Services Ecosystem & Delivery I would suggest that we define the following milestones linked to this first round unless I hear any objection: * July 11 EOB, reviewers to send their comments (I suggest word files with changes under control) * July 13 EOB, revision of comments by editors of each chapter and upload of new version by chief editors on FusionForge If you believe that there would be a better assignment for you, please also let me know and we'll try together to see if there is an alternative arrangement. Chief editors in the table above matches the WPLs and WPAs as you may already know. WPLs are entitled to contact the chief editor of the chapter his team has been assigned to review so that you can agree on how to proceed. We can keep the procedure of managing the editor token by playing with the states linked to documents in the docman system so that whenever one file is in "pending" state means somebody is editing it. Whenever one changes the state of a given document to "pending" it should announce it to the people involved. Anyway, you should always download the last version from FusionForge (or check that the version you have is downloadable) whenever you decide to start editing a document and change it to "pending". A good strategy in some cases is that you split the chapter in several files, so that you keep control of those pieces that you believe are unstable and leave the rest for review. If you have still pending points, this procedure won't be perfect so each editor should probably edit his version in parallel someone is reviewing it, then manage how to integrate the comments. But there is no much better ways to proceed unless you have a better idea. There are other things that we should start hard because we are behind the schedule. An important part has to do with starting to bring content to the website and blogs. It won't be that difficult now that we have quite a bit of content and nice stories to talk about :-) I'll send an email with a plan proposal on the matter either today or tomorrow. ONE FINAL WORD AND RATHER IMPORTANT: PLEASE respect the styles and procedures for editing describing at the front matter of the documents. Some of you have tried to respect them, and integration was rather easy. BUT I HAVE TO SAY THAT OTHERS HAVE NOT. And this creates a lot of burden. I can tell you that I have lost almost one hour with one of the chapters just fixing the formats while I have spent just 15 mins with the chapters from those who followed the rules. FOR THE NEXT ROUND, take it seriously, I will reject any file that contains prohibited styles or broken styles. I know that it's pretty easy just to copy&paste from another document you may have written before or apart of this project or a web page, but that action breaks everything and has unpredictable consequences in MS Word. It is also easier to create bullet lists or numbered lists using the buttons for doing so that MS Word offers to you at the upper tool bar, but that also has unpredictable consequences and means breaking an homogeneous style across the whole document (I will indeed try to find out how to prevent these buttons to appear :-) And that's all for this very long mail, I want to again thank you for all your efforts, good attitude and, overall, patience with my requests. Best regards, -- Juanjo ________________________________ Este mensaje se dirige exclusivamente a su destinatario. Puede consultar nuestra pol?tica de env?o y recepci?n de correo electr?nico en el enlace situado m?s abajo. This message is intended exclusively for its addressee. We only send and receive email on the basis of the terms set out at. http://www.tid.es/ES/PAGINAS/disclaimer.aspx -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: jhierro.vcf Type: text/x-vcard Size: 443 bytes Desc: jhierro.vcf URL: -------------- next part -------------- An embedded and charset-unspecified text was scrubbed... Name: ATT00001.txt URL: From pascal.bisson at thalesgroup.com Fri Jul 8 10:24:56 2011 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Fri, 8 Jul 2011 10:24:56 +0200 Subject: [Fiware-security] FI-WARE - Audio conf of today Message-ID: <29108_1310113497_4E16BED9_29108_12967_1_CBBCD6C304123F4AB23FAAE3055C8C0E02014B463603@THSONEA01CMS04P.one.grp> Dear All, As per audio conf of today here is the link of the Security chapter with comments we got and need to address. Please have a look and provide with your input (if any) to answer this comments (at least the ones relevant to you and input). https://forge.fi-ware.eu/docman/view.php/7/190/FI-WARE+High-Level+Description+-+Security+chapter+-+v1.0.doc This as soon as possible (preferably by Monday before 10am) Regards, Pascal -------------- next part -------------- An HTML attachment was scrubbed... URL: From antonio.garcia at atosresearch.eu Fri Jul 8 14:37:22 2011 From: antonio.garcia at atosresearch.eu (Antonio Garcia Vazquez) Date: Fri, 8 Jul 2011 14:37:22 +0200 Subject: [Fiware-security] ServiceWave Paper Message-ID: <0385F69C47D8694EA885D34BE18BCCC402FB6AA2@INTMAIL02.es.int.atosorigin.com> Dear all, See attached the paper prepared by Atos, Thales and SAP to be presented in this event. About the dates We?ve talked in today?s conference 1) These are Service Wave deadlines: - Draft paper by end of June - The final version will be needed by end-July, so the camera ready copy can be included in the proceedings 2) Internet of services will take place in Brussels (28th and 29th of September) Sorry but I?m afraid I?ve mixed dates from the two events in the conference. Best Regards ************************************ * Antonio Garc?a V?zquez * * (+34) 91 214 9384 * * antonio.garcia at atosresearch.eu * ************************************ ------------------------------------------------------------------ This e-mail and the documents attached are confidential and intended solely for the addressee; it may also be privileged. If you receive this e-mail in error, please notify the sender immediately and destroy it. As its integrity cannot be secured on the Internet, the Atos group liability cannot be triggered for the message content. Although the sender endeavours to maintain a computer virus-free network, the sender does not warrant that this transmission is virus-free and will not be liable for any damages resulting from any virus transmitted. Este mensaje y los ficheros adjuntos pueden contener informacion confidencial destinada solamente a la(s) persona(s) mencionadas anteriormente pueden estar protegidos por secreto profesional. Si usted recibe este correo electronico por error, gracias por informar inmediatamente al remitente y destruir el mensaje. Al no estar asegurada la integridad de este mensaje sobre la red, Atos no se hace responsable por su contenido. Su contenido no constituye ningun compromiso para el grupo Atos, salvo ratificacion escrita por ambas partes. Aunque se esfuerza al maximo por mantener su red libre de virus, el emisor no puede garantizar nada al respecto y no sera responsable de cualesquiera danos que puedan resultar de una transmision de virus. ------------------------------------------------------------------ -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: FI-WARE Security Paper_v2.0.doc Type: application/msword Size: 347136 bytes Desc: FI-WARE Security Paper_v2.0.doc URL: From pascal.bisson at thalesgroup.com Fri Jul 8 16:55:18 2011 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Fri, 8 Jul 2011 16:55:18 +0200 Subject: [Fiware-security] TR: Fi-ware security GE - Review Message-ID: <8168_1310136924_4E171A5C_8168_14436_1_489956e8-c2fa-46f1-aad2-688a97ceb90f@THSONEA01HUB03P.one.grp> Dear All, Here are the comments we got from the peer-review of our Security chapter which was performed by WP3 (Horst Stein/DT) In view of the comments I would ask each of the Task leaders and/or GE enablers to which they are targeted to provide me with their answer in order to interact with them and elaborate shared and agreed answer we can give (this including some redrafting which might be needed to clarify things and so improve overall quality of our Chapter) Useless to say any of you is more than welcome to contribute/participate to the answers to be given here. So hearing from the task leads and you all to improve our Security chapter in view of the comments raised by WP3 reviewer. Best Regards, Pascal De : fiware-apps-bounces at lists.fi-ware.eu [mailto:fiware-apps-bounces at lists.fi-ware.eu] De la part de Horst.Stein at telekom.de Envoy? : vendredi 8 juillet 2011 15:14 ? : fiware-apps at lists.fi-ware.eu Objet : [Fiware-apps] Fi-ware security GE - Review Hi Andreas and all, Here are some comments on the Security chapter with respect to WP3 issues: Security Monitoring Enabler It is not clear which interfaces to services and composition environments are needed for the monitoring process. Infos provided on pg 7 are very general: Firewalls, Intrusion Detection Systems, Security and Event Managers, ... wireless events agents ... Especially business risk impact evaluation sounds interesting, but it is not part of the figure 3 and not clear how a relationship with a real business application produced e.g. by our composition tools could be realised. At this level of description it's unclear how e.g. a sql intrusion attack on application level is monitored or the business risk is evaluated. Identity Management Are there also some group functionalities or are there only single identities for users and things? PPL Engine Is there an own grafical user interface for the end user to control his attributes? What are the interfaces to applications or services? Context-based security and compliance Not clear if this is related to WP3: Is it filter of security enablers (which one?) to fit with "very specific regulatory constraints" and monitoring of system performance? If this is an USDL extension, what is the influence on applications which are described in USDL and consumed via the marketplace? Optional security service enabler Not understood, is it an extension of USDL with security features (see above)? "The goal is to make easily extendible the security service description for customized services. This functionality will encourage all developers to define and describe their won services through the USDL standard by adding new functionalities .." pg18 Are there any relations to applications and composition tools, what are the effects on applications or user security? Best regards and nice weekend Horst ________________________________________________ Deutsche Telekom AG Laboratories Dr. Horst Stein Winterfeldtstrasse 21, D-10781 Berlin +49 30 835358637 (Tel) +49 391 53477987 +49 1605326264 (Mobil) http://www.laboratories.telekom.com E-Mail: horst.stein at telekom.de Erleben, was verbindet. Deutsche Telekom AG Aufsichtsrat: Prof. Dr. Ulrich Lehner (Vorsitzender) Vorstand: Ren? Obermann (Vorsitzender), Hamid Akhavan, Dr. Manfred Balz, Reinhard Clemens, Niek Jan van Damme, Timotheus H?ttges, Guido Kerkhoff, Thomas Sattelberger Handelsregister: Amtsgericht Bonn HRB 6794 Sitz der Gesellschaft: Bonn WEEE-Reg.-Nr. DE50478376 -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- An embedded and charset-unspecified text was scrubbed... Name: ATT00001.txt URL: From pascal.bisson at thalesgroup.com Fri Jul 8 16:59:29 2011 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Fri, 8 Jul 2011 16:59:29 +0200 Subject: [Fiware-security] ServiceWave Paper In-Reply-To: <0385F69C47D8694EA885D34BE18BCCC402FB6AA2@INTMAIL02.es.int.atosorigin.com> References: <0385F69C47D8694EA885D34BE18BCCC402FB6AA2@INTMAIL02.es.int.atosorigin.com> Message-ID: <23054_1310137171_4E171B53_23054_6611_1_CBBCD6C304123F4AB23FAAE3055C8C0E0203F57CA3C7@THSONEA01CMS04P.one.grp> Thanks Antonio ! De : fiware-security-bounces at lists.fi-ware.eu [mailto:fiware-security-bounces at lists.fi-ware.eu] De la part de Antonio Garcia Vazquez Envoy? : vendredi 8 juillet 2011 14:37 ? : Fiware-security at lists.fi-ware.eu Objet : [Fiware-security] ServiceWave Paper Dear all, See attached the paper prepared by Atos, Thales and SAP to be presented in this event. About the dates We?ve talked in today?s conference 1) These are Service Wave deadlines: - Draft paper by end of June - The final version will be needed by end-July, so the camera ready copy can be included in the proceedings 2) Internet of services will take place in Brussels (28th and 29th of September) Sorry but I?m afraid I?ve mixed dates from the two events in the conference. Best Regards ************************************ * Antonio Garc?a V?zquez * * (+34) 91 214 9384 * * antonio.garcia at atosresearch.eu * ************************************ ------------------------------------------------------------------ This e-mail and the documents attached are confidential and intended solely for the addressee; it may also be privileged. If you receive this e-mail in error, please notify the sender immediately and destroy it. As its integrity cannot be secured on the Internet, the Atos group liability cannot be triggered for the message content. Although the sender endeavours to maintain a computer virus-free network, the sender does not warrant that this transmission is virus-free and will not be liable for any damages resulting from any virus transmitted. Este mensaje y los ficheros adjuntos pueden contener informacion confidencial destinada solamente a la(s) persona(s) mencionadas anteriormente pueden estar protegidos por secreto profesional. Si usted recibe este correo electronico por error, gracias por informar inmediatamente al remitente y destruir el mensaje. Al no estar asegurada la integridad de este mensaje sobre la red, Atos no se hace responsable por su contenido. Su contenido no constituye ningun compromiso para el grupo Atos, salvo ratificacion escrita por ambas partes. Aunque se esfuerza al maximo por mantener su red libre de virus, el emisor no puede garantizar nada al respecto y no sera responsable de cualesquiera danos que puedan resultar de una transmision de virus. ------------------------------------------------------------------ -------------- next part -------------- An HTML attachment was scrubbed... URL: From pascal.bisson at thalesgroup.com Fri Jul 8 17:56:48 2011 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Fri, 8 Jul 2011 17:56:48 +0200 Subject: [Fiware-security] FI-WARE - Security AT - Minutes of our audio conf Message-ID: <8168_1310140613_4E1728C5_8168_17049_1_3b132346-0ea1-43a8-8de0-858f5dd7c353@THSONEA01HUB02P.one.grp> Dear All, Find attached to this email the minutes of our audio conf of today. Please check and perform actions which have been requested (try also to meet the set deadlines even if short just because we have to close asap our work on M2 deliverable) As for the rest I also attached to this email the minutes of our previous audio conf that I couldn't send to you before since travelling. In any case, this has now been repaired. As said counting on you to go through the minutes and perform duties. Hearing from you Best Regards, PS: Bear in mind next audio conf is planned Next Tuesday so Tuesday 12 (10am-12am max) same number as usual to join -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: FI-WARE-WP8 audio conf 2011-07-08 minutes .doc Type: application/msword Size: 44032 bytes Desc: FI-WARE-WP8 audio conf 2011-07-08 minutes .doc URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: FI-WARE-WP8 audio conf 2011-07-05 minutes .doc Type: application/msword Size: 45056 bytes Desc: FI-WARE-WP8 audio conf 2011-07-05 minutes .doc URL: From pascal.bisson at thalesgroup.com Mon Jul 11 09:48:32 2011 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Mon, 11 Jul 2011 09:48:32 +0200 Subject: [Fiware-security] FI-WARE - WP8 - Security issues raised by other AT Chapters Message-ID: <18617_1310370519_4E1AAAD7_18617_14901_2_05355d7d-f512-4247-8e43-9b27713e5fcb@THSONEA01HUB06P.one.grp> Dear WP8 colleagues, Please find attached to this document my review of the Security issues of each of the other AT Chapters. This as per D2.2a document assembled by Juanjo and sent to all. I did it for each of the other AT Chapters except IoT Chapter where Security issues section was not yet filled in. Please check and complete with your own review/reading (comments, remarks, suggested changes add-ons). As said this has also to be put back into perspective of security issues we had identified for each of this chapter (information provided to each of the other WPL). To be further discussed at our WP8 audio conf of tomorrow (10am). Best Regards, Pascal -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: Review of Security Issues sections of D2.2a - THA V0.1.doc Type: application/msword Size: 59904 bytes Desc: Review of Security Issues sections of D2.2a - THA V0.1.doc URL: From robert.seidl at nsn.com Mon Jul 11 12:07:18 2011 From: robert.seidl at nsn.com (Seidl, Robert (NSN - DE/Munich)) Date: Mon, 11 Jul 2011 12:07:18 +0200 Subject: [Fiware-security] TR: Fi-ware security GE - Review In-Reply-To: <8168_1310136924_4E171A5C_8168_14436_1_489956e8-c2fa-46f1-aad2-688a97ceb90f@THSONEA01HUB03P.one.grp> References: <8168_1310136924_4E171A5C_8168_14436_1_489956e8-c2fa-46f1-aad2-688a97ceb90f@THSONEA01HUB03P.one.grp> Message-ID: <70B7C2744D52BB4282F0E0D3DC965E0C0514B97B@DEMUEXC006.nsn-intra.net> Hi Pascal, coming back to the question: "Identity Management Are there also some group functionalities or are there only single identities for users and things?" To my knowledge we are dealing so far with single identities, but the partner contributions can be extended to support group functionalities. Issue is what is special to a group functionality, or does it basically comes back to the behaviour of a single identity? We can discuss this tomorrow. Greetings Robert ________________________________ From: fiware-security-bounces at lists.fi-ware.eu [mailto:fiware-security-bounces at lists.fi-ware.eu] On Behalf Of ext BISSON Pascal Sent: Friday, July 08, 2011 4:55 PM To: Fiware-Security (fiware-security at lists.fi-ware.eu) Subject: [Fiware-security] TR: Fi-ware security GE - Review Dear All, Here are the comments we got from the peer-review of our Security chapter which was performed by WP3 (Horst Stein/DT) In view of the comments I would ask each of the Task leaders and/or GE enablers to which they are targeted to provide me with their answer in order to interact with them and elaborate shared and agreed answer we can give (this including some redrafting which might be needed to clarify things and so improve overall quality of our Chapter) Useless to say any of you is more than welcome to contribute/participate to the answers to be given here. So hearing from the task leads and you all to improve our Security chapter in view of the comments raised by WP3 reviewer. Best Regards, Pascal De : fiware-apps-bounces at lists.fi-ware.eu [mailto:fiware-apps-bounces at lists.fi-ware.eu] De la part de Horst.Stein at telekom.de Envoy? : vendredi 8 juillet 2011 15:14 ? : fiware-apps at lists.fi-ware.eu Objet : [Fiware-apps] Fi-ware security GE - Review Hi Andreas and all, Here are some comments on the Security chapter with respect to WP3 issues: Security Monitoring Enabler It is not clear which interfaces to services and composition environments are needed for the monitoring process. Infos provided on pg 7 are very general: Firewalls, Intrusion Detection Systems, Security and Event Managers, ... wireless events agents ... Especially business risk impact evaluation sounds interesting, but it is not part of the figure 3 and not clear how a relationship with a real business application produced e.g. by our composition tools could be realised. At this level of description it's unclear how e.g. a sql intrusion attack on application level is monitored or the business risk is evaluated. Identity Management Are there also some group functionalities or are there only single identities for users and things? PPL Engine Is there an own grafical user interface for the end user to control his attributes? What are the interfaces to applications or services? Context-based security and compliance Not clear if this is related to WP3: Is it filter of security enablers (which one?) to fit with "very specific regulatory constraints" and monitoring of system performance? If this is an USDL extension, what is the influence on applications which are described in USDL and consumed via the marketplace? Optional security service enabler Not understood, is it an extension of USDL with security features (see above)? "The goal is to make easily extendible the security service description for customized services. This functionality will encourage all developers to define and describe their won services through the USDL standard by adding new functionalities .." pg18 Are there any relations to applications and composition tools, what are the effects on applications or user security? Best regards and nice weekend Horst ________________________________________________ Deutsche Telekom AG Laboratories Dr. Horst Stein Winterfeldtstrasse 21, D-10781 Berlin +49 30 835358637 (Tel) +49 391 53477987 +49 1605326264 (Mobil) http://www.laboratories.telekom.com E-Mail: horst.stein at telekom.de Erleben, was verbindet. Deutsche Telekom AG Aufsichtsrat: Prof. Dr. Ulrich Lehner (Vorsitzender) Vorstand: Ren? Obermann (Vorsitzender), Hamid Akhavan, Dr. Manfred Balz, Reinhard Clemens, Niek Jan van Damme, Timotheus H?ttges, Guido Kerkhoff, Thomas Sattelberger Handelsregister: Amtsgericht Bonn HRB 6794 Sitz der Gesellschaft: Bonn WEEE-Reg.-Nr. DE50478376 -------------- next part -------------- An HTML attachment was scrubbed... URL: From Wolfgang.Steigerwald at telekom.de Mon Jul 11 13:43:42 2011 From: Wolfgang.Steigerwald at telekom.de (Wolfgang.Steigerwald at telekom.de) Date: Mon, 11 Jul 2011 13:43:42 +0200 Subject: [Fiware-security] FI-WARE - Audio conf of today In-Reply-To: <29108_1310113497_4E16BED9_29108_12967_1_CBBCD6C304123F4AB23FAAE3055C8C0E02014B463603@THSONEA01CMS04P.one.grp> References: <29108_1310113497_4E16BED9_29108_12967_1_CBBCD6C304123F4AB23FAAE3055C8C0E02014B463603@THSONEA01CMS04P.one.grp> Message-ID: Hello Pascal, see attached the review of the security chapter. I inserted all issues as comments so they are easy to find. What I mist is the chapter to "User and profile management" which will be part of our "White label IdP" Best regards Wolfgang Deutsche Telekom AG T-Labs (Research & Development) Wolfgang Steigerwald Winterfeldtstra?e 21, 10781 Berlin +49 30 8353 54287 (Tel.) +49 171 5664350 (Mobil) E-Mail: wolfgang.steigerwald at telekom.de www.telekom.com Erleben, was verbindet. Deutsche Telekom AG Aufsichtsrat: Prof. Dr. Ulrich Lehner (Vorsitzender) Vorstand: Ren? Obermann (Vorsitzender), Dr. Manfred Balz, Reinhard Clemens, Niek Jan van Damme, Timotheus H?ttges, Edward R. Kozel, Thomas Sattelberger Handelsregister: Amtsgericht Bonn HRB 6794 Sitz der Gesellschaft Bonn Gro?e Ver?nderungen fangen klein an - Ressourcen schonen und nicht jede E-Mail drucken. ________________________________ Von: fiware-security-bounces at lists.fi-ware.eu [mailto:fiware-security-bounces at lists.fi-ware.eu] Im Auftrag von BISSON Pascal Gesendet: Freitag, 8. Juli 2011 10:25 An: Fiware-Security (fiware-security at lists.fi-ware.eu) Betreff: [Fiware-security] FI-WARE - Audio conf of today Dear All, As per audio conf of today here is the link of the Security chapter with comments we got and need to address. Please have a look and provide with your input (if any) to answer this comments (at least the ones relevant to you and input). https://forge.fi-ware.eu/docman/view.php/7/190/FI-WARE+High-Level+Description+-+Security+chapter+-+v1.0.doc This as soon as possible (preferably by Monday before 10am) Regards, Pascal -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: FI-WARE High-Level Description - Security chapter - v1.0-DT.doc Type: application/msword Size: 1535488 bytes Desc: FI-WARE High-Level Description - Security chapter - v1.0-DT.doc URL: From pascal.bisson at thalesgroup.com Mon Jul 11 14:29:16 2011 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Mon, 11 Jul 2011 14:29:16 +0200 Subject: [Fiware-security] Review of the security chapter by Apps/Services Ecosystem and delivery In-Reply-To: <92E1E76787317A4E876E7A444ABC390213F009C5A6@DEWDFECCR08.wdf.sap.corp> References: <92E1E76787317A4E876E7A444ABC390213F009C5A6@DEWDFECCR08.wdf.sap.corp> Message-ID: <7851_1310387361_4E1AECA1_7851_1180_1_e5e4221f-7375-4ff6-a084-3100c4d5f139@THSONEA01HUB04P.one.grp> Dear Andreas, Thanks to have organized at WP3 level, review of our Security Chapter to D2.2b. I already received the WP3 comments from DT. As for the ones coming from SAP and UDE I will have a look at them with the rest of the Security team and answer them to you. As for what you says regarding Security monitoring components that in your view don't directly relate to FI-WARE let me fully object here just because it would benefit to each of the other ATs( including yours although not limited to it) and is also highly desired for what concerns usage areas we know and are targeting (Smart City, Smart Grid, Smart Transport, ...). This without saying it is part of the approved DoW so this is directly related to FI-WARE and the major innovations which may result of the FI-WARE Project. Best regards, Pascal De : Friesen, Andreas [mailto:andreas.friesen at sap.com] Envoy? : lundi 11 juillet 2011 13:04 ? : BISSON Pascal Cc : GIDOIN Daniel; Juanjo Hierro; TRABELSI, Slim; Leidig, Torsten Objet : Review of the security chapter by Apps/Services Ecosystem and delivery Dear Pascal, I asked all WP3 partners feeling qualified to build an opinion about security to review the security chapter and received some feedback in the meantime. I will forward to you any additional reviews until today EOB should I receive them during the day. Please find attached the reviewed security chapter from SAP and UDE. We did not change the text just added comments. In general, the comments are mainly focused on getting a common understanding what will security chapter offer to other FI-WARE chapters in the end. As you will see from the comments (except for the enablers corresponding to "2 Generic Security Enablers" in Fig.2 dealing with authentication, authorization, identity management, privacy, etc.) it is very difficult to assess (at least from the perspective of apps/services ecosystems so maybe an additional review from a different WP could be useful for you) at the moment how the rest of the security WP contributes to/can be used by other chapters in FI-WARE. Many of the described components are either too low level (e.g., database risk evaluation and anonymization service) or not directly related to FI-WARE (e.g., the security monitoring components). Here are also some comments on the Security chapter with respect to WP3 issues provided by DT: Security Monitoring Enabler It is not clear which interfaces to services and composition environments are needed for the monitoring process. Infos provided on pg 7 are very general: Firewalls, Intrusion Detection Systems, Security and Event Managers, ... wireless events agents ... Especially business risk impact evaluation sounds interesting, but it is not part of the figure 3 and not clear how a relationship with a real business application produced e.g. by our composition tools could be realised. At this level of description it's unclear how e.g. a sql intrusion attack on application level is monitored or the business risk is evaluated. Identity Management Are there also some group functionalities or are there only single identities for users and things? PPL Engine Is there an own grafical user interface for the end user to control his attributes? What are the interfaces to applications or services? Context-based security and compliance Not clear if this is related to WP3: Is it filter of security enablers (which one?) to fit with "very specific regulatory constraints" and monitoring of system performance? If this is an USDL extension, what is the influence on applications which are described in USDL and consumed via the marketplace? Optional security service enabler Not understood, is it an extension of USDL with security features (see above)? "The goal is to make easily extendible the security service description for customized services. This functionality will encourage all developers to define and describe their won services through the USDL standard by adding new functionalities .." pg18 Are there any relations to applications and composition tools, what are the effects on applications or user security? Best regards, Andreas From: fiware-wpl-bounces at lists.fi-ware.eu [mailto:fiware-wpl-bounces at lists.fi-ware.eu] On Behalf Of Juanjo Hierro Sent: Mittwoch, 6. Juli 2011 12:27 To: fiware-wpl at lists.fi-ware.eu; fiware-wpa at lists.fi-ware.eu Subject: [Fiware-wpl] Contents of chapters available and planning until official deliverable Dear colleagues, You will find the .doc files of each of your chapters in the usual placeholders. Now, the name associated to each of them adopts the following convention: "FI-WARE High-level Description - Chapter v." The integrated draft is available at: https://forge.fi-ware.eu/docman/view.php/7/235/FI-WARE+High-Level+Description+integrated+draft+0.1+11-07-06.doc But we should keep working with separated files per chapter. I first action I would kindly ask all of you to perform is to check that all your stuff is there and I didn't miss anything during the integration :-) If you find something missing, please let me know. Now, we should NOT relax and keep going to get the official release of the deliverable on time. This was announced for mid July ... what mid July means is up to us, but I would suggest making it available on July 19th. What I would suggest now is that we carry out a peer review of each chapter, involving members of a given WP in reviewing the contents of those chapter with whom more inter dependencies may exist. In parallel, each group should try to finish what couldn't make for this first draft. I know that the analysis of Security aspects, just to mention an example, is not closed for all the chapters. I will try to send a summary of what I see pending per chapter later today. In respect to peer reviews, here you have my suggestions for a first round. We would try to make another round before the deadline: Chapter Chief editors Contacts Suggested peer reviewer (team) Cloud Hosting IBM GLIKSON at il.ibm.com Interfaces to Networks & Devices Data/Context Management TID jhierro at tid.es IoT Services Enablement Apps/Services Ecosystem & Delivery SAP andreas.friesen at sap.com, torsten.leidig at sap.com Security IoT Services Enablement Orange & NSN Thierry.nagellen at orange-ftgroup.com, lorant.farkas at nsn.com Data/Context Management Interfaces to Networks & Devices TI &DT pierangelo.garino at telecomitalia.it, Hans.Einsiedler at telekom.de Cloud Hosting Security Thales pascal.bisson at thalesgroup.com, daniel.gidoin at thalesgroup.com Apps/Services Ecosystem & Delivery I would suggest that we define the following milestones linked to this first round unless I hear any objection: * July 11 EOB, reviewers to send their comments (I suggest word files with changes under control) * July 13 EOB, revision of comments by editors of each chapter and upload of new version by chief editors on FusionForge If you believe that there would be a better assignment for you, please also let me know and we'll try together to see if there is an alternative arrangement. Chief editors in the table above matches the WPLs and WPAs as you may already know. WPLs are entitled to contact the chief editor of the chapter his team has been assigned to review so that you can agree on how to proceed. We can keep the procedure of managing the editor token by playing with the states linked to documents in the docman system so that whenever one file is in "pending" state means somebody is editing it. Whenever one changes the state of a given document to "pending" it should announce it to the people involved. Anyway, you should always download the last version from FusionForge (or check that the version you have is downloadable) whenever you decide to start editing a document and change it to "pending". A good strategy in some cases is that you split the chapter in several files, so that you keep control of those pieces that you believe are unstable and leave the rest for review. If you have still pending points, this procedure won't be perfect so each editor should probably edit his version in parallel someone is reviewing it, then manage how to integrate the comments. But there is no much better ways to proceed unless you have a better idea. There are other things that we should start hard because we are behind the schedule. An important part has to do with starting to bring content to the website and blogs. It won't be that difficult now that we have quite a bit of content and nice stories to talk about :-) I'll send an email with a plan proposal on the matter either today or tomorrow. ONE FINAL WORD AND RATHER IMPORTANT: PLEASE respect the styles and procedures for editing describing at the front matter of the documents. Some of you have tried to respect them, and integration was rather easy. BUT I HAVE TO SAY THAT OTHERS HAVE NOT. And this creates a lot of burden. I can tell you that I have lost almost one hour with one of the chapters just fixing the formats while I have spent just 15 mins with the chapters from those who followed the rules. FOR THE NEXT ROUND, take it seriously, I will reject any file that contains prohibited styles or broken styles. I know that it's pretty easy just to copy&paste from another document you may have written before or apart of this project or a web page, but that action breaks everything and has unpredictable consequences in MS Word. It is also easier to create bullet lists or numbered lists using the buttons for doing so that MS Word offers to you at the upper tool bar, but that also has unpredictable consequences and means breaking an homogeneous style across the whole document (I will indeed try to find out how to prevent these buttons to appear :-) And that's all for this very long mail, I want to again thank you for all your efforts, good attitude and, overall, patience with my requests. Best regards, -- Juanjo ________________________________ Este mensaje se dirige exclusivamente a su destinatario. Puede consultar nuestra pol?tica de env?o y recepci?n de correo electr?nico en el enlace situado m?s abajo. This message is intended exclusively for its addressee. We only send and receive email on the basis of the terms set out at. http://www.tid.es/ES/PAGINAS/disclaimer.aspx -------------- next part -------------- An HTML attachment was scrubbed... URL: From pascal.bisson at thalesgroup.com Mon Jul 11 14:31:22 2011 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Mon, 11 Jul 2011 14:31:22 +0200 Subject: [Fiware-security] TR: Fi-ware security GE - Review In-Reply-To: <70B7C2744D52BB4282F0E0D3DC965E0C0514B97B@DEMUEXC006.nsn-intra.net> References: <8168_1310136924_4E171A5C_8168_14436_1_489956e8-c2fa-46f1-aad2-688a97ceb90f@THSONEA01HUB03P.one.grp> <70B7C2744D52BB4282F0E0D3DC965E0C0514B97B@DEMUEXC006.nsn-intra.net> Message-ID: <4077_1310387483_4E1AED1B_4077_17035_1_CBBCD6C304123F4AB23FAAE3055C8C0E0203F5DF1D1C@THSONEA01CMS04P.one.grp> My view on this is that we probably have to be prepared to cover both. (if you look at the Cloud chapter it is clear we will have groups to deal with ...) To be further discussed with you tomorrow. Regards, Pascal De : Seidl, Robert (NSN - DE/Munich) [mailto:robert.seidl at nsn.com] Envoy? : lundi 11 juillet 2011 12:07 ? : BISSON Pascal Cc : fiware-security at lists.fi-ware.eu Objet : RE: [Fiware-security] TR: Fi-ware security GE - Review Hi Pascal, coming back to the question: "Identity Management Are there also some group functionalities or are there only single identities for users and things?" To my knowledge we are dealing so far with single identities, but the partner contributions can be extended to support group functionalities. Issue is what is special to a group functionality, or does it basically comes back to the behaviour of a single identity? We can discuss this tomorrow. Greetings Robert ________________________________ From: fiware-security-bounces at lists.fi-ware.eu [mailto:fiware-security-bounces at lists.fi-ware.eu] On Behalf Of ext BISSON Pascal Sent: Friday, July 08, 2011 4:55 PM To: Fiware-Security (fiware-security at lists.fi-ware.eu) Subject: [Fiware-security] TR: Fi-ware security GE - Review Dear All, Here are the comments we got from the peer-review of our Security chapter which was performed by WP3 (Horst Stein/DT) In view of the comments I would ask each of the Task leaders and/or GE enablers to which they are targeted to provide me with their answer in order to interact with them and elaborate shared and agreed answer we can give (this including some redrafting which might be needed to clarify things and so improve overall quality of our Chapter) Useless to say any of you is more than welcome to contribute/participate to the answers to be given here. So hearing from the task leads and you all to improve our Security chapter in view of the comments raised by WP3 reviewer. Best Regards, Pascal De : fiware-apps-bounces at lists.fi-ware.eu [mailto:fiware-apps-bounces at lists.fi-ware.eu] De la part de Horst.Stein at telekom.de Envoy? : vendredi 8 juillet 2011 15:14 ? : fiware-apps at lists.fi-ware.eu Objet : [Fiware-apps] Fi-ware security GE - Review Hi Andreas and all, Here are some comments on the Security chapter with respect to WP3 issues: Security Monitoring Enabler It is not clear which interfaces to services and composition environments are needed for the monitoring process. Infos provided on pg 7 are very general: Firewalls, Intrusion Detection Systems, Security and Event Managers, ... wireless events agents ... Especially business risk impact evaluation sounds interesting, but it is not part of the figure 3 and not clear how a relationship with a real business application produced e.g. by our composition tools could be realised. At this level of description it's unclear how e.g. a sql intrusion attack on application level is monitored or the business risk is evaluated. Identity Management Are there also some group functionalities or are there only single identities for users and things? PPL Engine Is there an own grafical user interface for the end user to control his attributes? What are the interfaces to applications or services? Context-based security and compliance Not clear if this is related to WP3: Is it filter of security enablers (which one?) to fit with "very specific regulatory constraints" and monitoring of system performance? If this is an USDL extension, what is the influence on applications which are described in USDL and consumed via the marketplace? Optional security service enabler Not understood, is it an extension of USDL with security features (see above)? "The goal is to make easily extendible the security service description for customized services. This functionality will encourage all developers to define and describe their won services through the USDL standard by adding new functionalities .." pg18 Are there any relations to applications and composition tools, what are the effects on applications or user security? Best regards and nice weekend Horst ________________________________________________ Deutsche Telekom AG Laboratories Dr. Horst Stein Winterfeldtstrasse 21, D-10781 Berlin +49 30 835358637 (Tel) +49 391 53477987 +49 1605326264 (Mobil) http://www.laboratories.telekom.com E-Mail: horst.stein at telekom.de Erleben, was verbindet. Deutsche Telekom AG Aufsichtsrat: Prof. Dr. Ulrich Lehner (Vorsitzender) Vorstand: Ren? Obermann (Vorsitzender), Hamid Akhavan, Dr. Manfred Balz, Reinhard Clemens, Niek Jan van Damme, Timotheus H?ttges, Guido Kerkhoff, Thomas Sattelberger Handelsregister: Amtsgericht Bonn HRB 6794 Sitz der Gesellschaft: Bonn WEEE-Reg.-Nr. DE50478376 -------------- next part -------------- An HTML attachment was scrubbed... URL: From pascal.bisson at thalesgroup.com Tue Jul 12 09:39:10 2011 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Tue, 12 Jul 2011 09:39:10 +0200 Subject: [Fiware-security] FI-WARE - WP8 - Weekly audio conf of today (details & Agenda) Message-ID: <16378_1310456354_4E1BFA22_16378_17218_1_5b7f5011-5e8a-4e14-ba23-48cf0396eb53@THSONEA01HUB06P.one.grp> Dear All, Here are the details for our audio conf of tomorrow Friday (24/06/11) starting at 10am sharp. Counting on each organization involved in WP8 to be represented. On the Agenda of this audio conf: ? Security chapter as integrated in D2.2a ? Answer to comments from TID and reviewers (SAP, UDE & DT) ? Next steps ? Other topics Here are the details to join: Meeting room number would be the following one : 391581 LocalConnect number to join: Australia Australia Toll Free 1800 005 574 Australia Sydney +61 (0) 282 239 767 Austria Vienna +43 (0) 2682 205 6609 Belgium Brussels +32 (0) 2 789 8678 Denmark Copenhagen +45 3271 4340 Finland Helsinki +358 (0) 923 142 830 France Lyon +33 (0) 426 840 285 France Marseille +33 (0) 488 915 385 France Paris +33 (0) 170 994 816 Germany Berlin +49 (0) 3072 616 7342 Germany D?sseldorf +49 (0) 2115 407 3902 Germany Frankfurt +49 (0) 6971 044 5635 Germany Hamburg +49 (0) 4080 902 0684 Germany Munich +49 (0) 8924 443 2893 Germany Stuttgart +49 (0) 7111 856 2130 Hong Kong Hong Kong +852 301 145 59 Hungary Budapest +36 (06) 1-889-3286 Ireland Dublin +353 (0) 14 860 780 Israel Israel Toll Free 1809 245 981 Italy Milan +39 0 230 413 017 Italy Rome +39 0 645 217 056 Italy Turin +39 0 112 179 2159 Japan Japan Toll Free 005 311 212 65 Japan Tokyo +81 (0) 357 675 025 Korea, Republic Of Seoul +82 (0) 234 831 224 Luxembourg Luxemburg City +352 2700 41 42 Malaysia Kuala Lumpur +60 (0) 377 124 640 Netherlands Amsterdam +31 (0) 207 948 529 New Zealand Auckland +64 (0) 9 919 2428 Norway Oslo +47 2153 3919 Poland Poland Toll Free 0080 0121 1304 Portugal Portugal Toll Free 800 814 183 Russia Russia Toll Free 81080 02209 4011 Singapore Singapore +65 6622 1068 Spain Barcelona +34 93 492 3235 Spain Madrid +34 91 788 9908 Sweden Stockholm +46 (0) 850 520 145 Switzerland Geneva +41 (0) 225 927 428 United Kingdom Birmingham +44 (0) 121 260 4686 United Kingdom London +44 (0) 207 153 9902 United Kingdom Manchester +44 (0) 161 250 0679 United States USA & Canada Toll Free 1888 249 0050 United States USA Toll +1 954 334 1559 -------------- next part -------------- An HTML attachment was scrubbed... URL: From pascal.bisson at thalesgroup.com Tue Jul 12 09:41:57 2011 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Tue, 12 Jul 2011 09:41:57 +0200 Subject: [Fiware-security] FI-WARE - WP8 - Weekly audio conf of today (details & Agenda) In-Reply-To: References: Message-ID: <16378_1310456522_4E1BFACA_16378_17355_1_5a8b591f-bbd6-476d-b4e0-29f5277063d0@THSONEA01HUB02P.one.grp> Will open this Audio conf at 10am. So talk to you in few minutes. Regards, Pascal De : BISSON Pascal Envoy? : mardi 12 juillet 2011 09:39 ? : fiware-security at lists.fi-ware.eu Cc : BISSON Pascal; GIDOIN Daniel; LELEU Philippe; SIEUX Corinne Objet : FI-WARE - WP8 - Weekly audio conf of today (details & Agenda) Dear All, Here are the details for our audio conf of tomorrow Friday (24/06/11) starting at 10am sharp. Counting on each organization involved in WP8 to be represented. On the Agenda of this audio conf: ? Security chapter as integrated in D2.2a ? Answer to comments from TID and reviewers (SAP, UDE & DT) ? Next steps ? Other topics Here are the details to join: Meeting room number would be the following one : 391581 LocalConnect number to join: Australia Australia Toll Free 1800 005 574 Australia Sydney +61 (0) 282 239 767 Austria Vienna +43 (0) 2682 205 6609 Belgium Brussels +32 (0) 2 789 8678 Denmark Copenhagen +45 3271 4340 Finland Helsinki +358 (0) 923 142 830 France Lyon +33 (0) 426 840 285 France Marseille +33 (0) 488 915 385 France Paris +33 (0) 170 994 816 Germany Berlin +49 (0) 3072 616 7342 Germany D?sseldorf +49 (0) 2115 407 3902 Germany Frankfurt +49 (0) 6971 044 5635 Germany Hamburg +49 (0) 4080 902 0684 Germany Munich +49 (0) 8924 443 2893 Germany Stuttgart +49 (0) 7111 856 2130 Hong Kong Hong Kong +852 301 145 59 Hungary Budapest +36 (06) 1-889-3286 Ireland Dublin +353 (0) 14 860 780 Israel Israel Toll Free 1809 245 981 Italy Milan +39 0 230 413 017 Italy Rome +39 0 645 217 056 Italy Turin +39 0 112 179 2159 Japan Japan Toll Free 005 311 212 65 Japan Tokyo +81 (0) 357 675 025 Korea, Republic Of Seoul +82 (0) 234 831 224 Luxembourg Luxemburg City +352 2700 41 42 Malaysia Kuala Lumpur +60 (0) 377 124 640 Netherlands Amsterdam +31 (0) 207 948 529 New Zealand Auckland +64 (0) 9 919 2428 Norway Oslo +47 2153 3919 Poland Poland Toll Free 0080 0121 1304 Portugal Portugal Toll Free 800 814 183 Russia Russia Toll Free 81080 02209 4011 Singapore Singapore +65 6622 1068 Spain Barcelona +34 93 492 3235 Spain Madrid +34 91 788 9908 Sweden Stockholm +46 (0) 850 520 145 Switzerland Geneva +41 (0) 225 927 428 United Kingdom Birmingham +44 (0) 121 260 4686 United Kingdom London +44 (0) 207 153 9902 United Kingdom Manchester +44 (0) 161 250 0679 United States USA & Canada Toll Free 1888 249 0050 United States USA Toll +1 954 334 1559 -------------- next part -------------- An HTML attachment was scrubbed... URL: From daniel.gidoin at thalesgroup.com Tue Jul 12 09:46:54 2011 From: daniel.gidoin at thalesgroup.com (GIDOIN Daniel) Date: Tue, 12 Jul 2011 09:46:54 +0200 Subject: [Fiware-security] Review of the security chapter by Apps/Services Ecosystem and delivery In-Reply-To: <92E1E76787317A4E876E7A444ABC390213F009C895@DEWDFECCR08.wdf.sap.corp> References: <92E1E76787317A4E876E7A444ABC390213F009C5A6@DEWDFECCR08.wdf.sap.corp> <7851_1310387361_4E1AECA1_7851_1180_1_e5e4221f-7375-4ff6-a084-3100c4d5f139@THSONEA01HUB04P.one.grp> <92E1E76787317A4E876E7A444ABC390213F009C895@DEWDFECCR08.wdf.sap.corp> Message-ID: <16378_1310456817_4E1BFBF1_16378_17616_1_4ab0131e-8c91-42a1-a72d-659e84f62bfe@THSONEA01HUB03P.one.grp> Dear Andreas, We should have no fear regarding integration/interaction with other FI-WARE components. Indeed, the interactions are very strong. On the one hand, the security monitoring GE exploits the events generated by these components. It's a big difference with a conventional monitoring, only focused on events from the network and security components. On the other hand, generated countermeasures applies to these FI-WARE components, according to their criticality. Also, It raises alerts dedicated to these FI-WARE components. Best regards Daniel. De : Friesen, Andreas [mailto:andreas.friesen at sap.com] Envoy? : lundi 11 juillet 2011 15:47 ? : BISSON Pascal Cc : GIDOIN Daniel; Juanjo Hierro; TRABELSI, Slim; Leidig, Torsten; Fiware-security at lists.fi-ware.eu; LELEU Philippe; SIEUX Corinne Objet : RE: Review of the security chapter by Apps/Services Ecosystem and delivery Dear Pascal, please don't get me wrong what concerns security monitoring. I don't say it is unnecessary, dispensable or useless. I only said that it is not FI-WARE related (in the sense that there are no explicitly mentioned specific integration/interaction points with other FI-WARE components) because from what I could read in the chapter it seems to rely on inputs from Intrusion Detection Systems, Firewalls, etc. At least in my understanding, security monitoring, as it is described in the security chapter, can be used to monitor any kind of system/network node protected by Intrusion Detection Systems, Firewalls or other security-relevant systems belonging to a deployment context of a software system to be protected. Hence, my assumption is that it can be developed by security WP without further interaction with other FI-WARE WPs because it monitors the deployment context of a system and not the system itself. Is this assumption correct? Best regards, Andreas From: BISSON Pascal [mailto:pascal.bisson at thalesgroup.com] Sent: Montag, 11. Juli 2011 14:29 To: Friesen, Andreas Cc: GIDOIN Daniel; Juanjo Hierro; TRABELSI, Slim; Leidig, Torsten; Fiware-security at lists.fi-ware.eu; LELEU Philippe; SIEUX Corinne Subject: RE: Review of the security chapter by Apps/Services Ecosystem and delivery Dear Andreas, Thanks to have organized at WP3 level, review of our Security Chapter to D2.2b. I already received the WP3 comments from DT. As for the ones coming from SAP and UDE I will have a look at them with the rest of the Security team and answer them to you. As for what you says regarding Security monitoring components that in your view don't directly relate to FI-WARE let me fully object here just because it would benefit to each of the other ATs( including yours although not limited to it) and is also highly desired for what concerns usage areas we know and are targeting (Smart City, Smart Grid, Smart Transport, ...). This without saying it is part of the approved DoW so this is directly related to FI-WARE and the major innovations which may result of the FI-WARE Project. Best regards, Pascal De : Friesen, Andreas [mailto:andreas.friesen at sap.com] Envoy? : lundi 11 juillet 2011 13:04 ? : BISSON Pascal Cc : GIDOIN Daniel; Juanjo Hierro; TRABELSI, Slim; Leidig, Torsten Objet : Review of the security chapter by Apps/Services Ecosystem and delivery Dear Pascal, I asked all WP3 partners feeling qualified to build an opinion about security to review the security chapter and received some feedback in the meantime. I will forward to you any additional reviews until today EOB should I receive them during the day. Please find attached the reviewed security chapter from SAP and UDE. We did not change the text just added comments. In general, the comments are mainly focused on getting a common understanding what will security chapter offer to other FI-WARE chapters in the end. As you will see from the comments (except for the enablers corresponding to "2 Generic Security Enablers" in Fig.2 dealing with authentication, authorization, identity management, privacy, etc.) it is very difficult to assess (at least from the perspective of apps/services ecosystems so maybe an additional review from a different WP could be useful for you) at the moment how the rest of the security WP contributes to/can be used by other chapters in FI-WARE. Many of the described components are either too low level (e.g., database risk evaluation and anonymization service) or not directly related to FI-WARE (e.g., the security monitoring components). Here are also some comments on the Security chapter with respect to WP3 issues provided by DT: Security Monitoring Enabler It is not clear which interfaces to services and composition environments are needed for the monitoring process. Infos provided on pg 7 are very general: Firewalls, Intrusion Detection Systems, Security and Event Managers, ... wireless events agents ... Especially business risk impact evaluation sounds interesting, but it is not part of the figure 3 and not clear how a relationship with a real business application produced e.g. by our composition tools could be realised. At this level of description it's unclear how e.g. a sql intrusion attack on application level is monitored or the business risk is evaluated. Identity Management Are there also some group functionalities or are there only single identities for users and things? PPL Engine Is there an own grafical user interface for the end user to control his attributes? What are the interfaces to applications or services? Context-based security and compliance Not clear if this is related to WP3: Is it filter of security enablers (which one?) to fit with "very specific regulatory constraints" and monitoring of system performance? If this is an USDL extension, what is the influence on applications which are described in USDL and consumed via the marketplace? Optional security service enabler Not understood, is it an extension of USDL with security features (see above)? "The goal is to make easily extendible the security service description for customized services. This functionality will encourage all developers to define and describe their won services through the USDL standard by adding new functionalities .." pg18 Are there any relations to applications and composition tools, what are the effects on applications or user security? Best regards, Andreas From: fiware-wpl-bounces at lists.fi-ware.eu [mailto:fiware-wpl-bounces at lists.fi-ware.eu] On Behalf Of Juanjo Hierro Sent: Mittwoch, 6. Juli 2011 12:27 To: fiware-wpl at lists.fi-ware.eu; fiware-wpa at lists.fi-ware.eu Subject: [Fiware-wpl] Contents of chapters available and planning until official deliverable Dear colleagues, You will find the .doc files of each of your chapters in the usual placeholders. Now, the name associated to each of them adopts the following convention: "FI-WARE High-level Description - Chapter v." The integrated draft is available at: https://forge.fi-ware.eu/docman/view.php/7/235/FI-WARE+High-Level+Description+integrated+draft+0.1+11-07-06.doc But we should keep working with separated files per chapter. I first action I would kindly ask all of you to perform is to check that all your stuff is there and I didn't miss anything during the integration :-) If you find something missing, please let me know. Now, we should NOT relax and keep going to get the official release of the deliverable on time. This was announced for mid July ... what mid July means is up to us, but I would suggest making it available on July 19th. What I would suggest now is that we carry out a peer review of each chapter, involving members of a given WP in reviewing the contents of those chapter with whom more inter dependencies may exist. In parallel, each group should try to finish what couldn't make for this first draft. I know that the analysis of Security aspects, just to mention an example, is not closed for all the chapters. I will try to send a summary of what I see pending per chapter later today. In respect to peer reviews, here you have my suggestions for a first round. We would try to make another round before the deadline: Chapter Chief editors Contacts Suggested peer reviewer (team) Cloud Hosting IBM GLIKSON at il.ibm.com Interfaces to Networks & Devices Data/Context Management TID jhierro at tid.es IoT Services Enablement Apps/Services Ecosystem & Delivery SAP andreas.friesen at sap.com, torsten.leidig at sap.com Security IoT Services Enablement Orange & NSN Thierry.nagellen at orange-ftgroup.com, lorant.farkas at nsn.com Data/Context Management Interfaces to Networks & Devices TI &DT pierangelo.garino at telecomitalia.it, Hans.Einsiedler at telekom.de Cloud Hosting Security Thales pascal.bisson at thalesgroup.com, daniel.gidoin at thalesgroup.com Apps/Services Ecosystem & Delivery I would suggest that we define the following milestones linked to this first round unless I hear any objection: * July 11 EOB, reviewers to send their comments (I suggest word files with changes under control) * July 13 EOB, revision of comments by editors of each chapter and upload of new version by chief editors on FusionForge If you believe that there would be a better assignment for you, please also let me know and we'll try together to see if there is an alternative arrangement. Chief editors in the table above matches the WPLs and WPAs as you may already know. WPLs are entitled to contact the chief editor of the chapter his team has been assigned to review so that you can agree on how to proceed. We can keep the procedure of managing the editor token by playing with the states linked to documents in the docman system so that whenever one file is in "pending" state means somebody is editing it. Whenever one changes the state of a given document to "pending" it should announce it to the people involved. Anyway, you should always download the last version from FusionForge (or check that the version you have is downloadable) whenever you decide to start editing a document and change it to "pending". A good strategy in some cases is that you split the chapter in several files, so that you keep control of those pieces that you believe are unstable and leave the rest for review. If you have still pending points, this procedure won't be perfect so each editor should probably edit his version in parallel someone is reviewing it, then manage how to integrate the comments. But there is no much better ways to proceed unless you have a better idea. There are other things that we should start hard because we are behind the schedule. An important part has to do with starting to bring content to the website and blogs. It won't be that difficult now that we have quite a bit of content and nice stories to talk about :-) I'll send an email with a plan proposal on the matter either today or tomorrow. ONE FINAL WORD AND RATHER IMPORTANT: PLEASE respect the styles and procedures for editing describing at the front matter of the documents. Some of you have tried to respect them, and integration was rather easy. BUT I HAVE TO SAY THAT OTHERS HAVE NOT. And this creates a lot of burden. I can tell you that I have lost almost one hour with one of the chapters just fixing the formats while I have spent just 15 mins with the chapters from those who followed the rules. FOR THE NEXT ROUND, take it seriously, I will reject any file that contains prohibited styles or broken styles. I know that it's pretty easy just to copy&paste from another document you may have written before or apart of this project or a web page, but that action breaks everything and has unpredictable consequences in MS Word. It is also easier to create bullet lists or numbered lists using the buttons for doing so that MS Word offers to you at the upper tool bar, but that also has unpredictable consequences and means breaking an homogeneous style across the whole document (I will indeed try to find out how to prevent these buttons to appear :-) And that's all for this very long mail, I want to again thank you for all your efforts, good attitude and, overall, patience with my requests. Best regards, -- Juanjo ________________________________ Este mensaje se dirige exclusivamente a su destinatario. Puede consultar nuestra pol?tica de env?o y recepci?n de correo electr?nico en el enlace situado m?s abajo. This message is intended exclusively for its addressee. We only send and receive email on the basis of the terms set out at. http://www.tid.es/ES/PAGINAS/disclaimer.aspx -------------- next part -------------- An HTML attachment was scrubbed... URL: From daniel.gidoin at thalesgroup.com Tue Jul 12 09:53:39 2011 From: daniel.gidoin at thalesgroup.com (GIDOIN Daniel) Date: Tue, 12 Jul 2011 09:53:39 +0200 Subject: [Fiware-security] TR: Fi-ware security GE - Review Message-ID: <24506_1310457221_4E1BFD85_24506_7658_1_8F1D40232A0E68409E3FC23A30C326620162DA25F228@THSONEA01CMS04P.one.grp> Dear All, I apologize. By mistake, I've not relayed this message. Daniel De : GIDOIN Daniel Envoy? : lundi 11 juillet 2011 14:59 ? : 'Horst.Stein at telekom.de'; fiware-apps at lists.fi-ware.eu Cc : fiware-apps at lists.fi-ware.eu; BISSON Pascal Objet : RE: Fi-ware security GE - Review Dear Horst, Thank a lot for your very excellent comments. Please find below further information on the security monitoring topic. Security Monitoring Enabler It is not clear which interfaces to services and composition environments are needed for the monitoring. The Monitoring Security Enabler will exploit the security events logged by the services (I.e. non-Authorized access attempts, service disabling, denial of service attempt..). process. Infos provided on pg 7 are very general: Firewalls, Intrusion Detection Systems, Security and Event Managers, ... wireless events agents ... yes, this list is delivered as an example. It must be developed Especially business risk impact evaluation sounds interesting, but it is not part of the figure 3 and not clear how a relationship with a real business application produced e.g. by our composition tools could be realised. Risk analysis includes the business risk impact. Of course, it's not easy to evaluate the business impact without to mention urbanization map or complex business processe;, but it is probably possible to identify critical services and sensitive data and to establish some priorities and adapted countermeasures. At this level of description it's unclear how e.g. a sql intrusion attack on application level is monitored or the business risk is evaluated. In the context of SaaS, many application (i.e. ERP, DB..) log security events. We will exploit them to detect an intrusion. Please let me know if you need any further information. Bests regards Daniel De : fiware-apps-bounces at lists.fi-ware.eu [mailto:fiware-apps-bounces at lists.fi-ware.eu] De la part de Horst.Stein at telekom.de Envoy? : vendredi 8 juillet 2011 15:14 ? : fiware-apps at lists.fi-ware.eu Objet : [Fiware-apps] Fi-ware security GE - Review Hi Andreas and all, Here are some comments on the Security chapter with respect to WP3 issues: Security Monitoring Enabler It is not clear which interfaces to services and composition environments are needed for the monitoring process. Infos provided on pg 7 are very general: Firewalls, Intrusion Detection Systems, Security and Event Managers, ... wireless events agents ... Especially business risk impact evaluation sounds interesting, but it is not part of the figure 3 and not clear how a relationship with a real business application produced e.g. by our composition tools could be realised. At this level of description it's unclear how e.g. a sql intrusion attack on application level is monitored or the business risk is evaluated. Identity Management Are there also some group functionalities or are there only single identities for users and things? PPL Engine Is there an own grafical user interface for the end user to control his attributes? What are the interfaces to applications or services? Context-based security and compliance Not clear if this is related to WP3: Is it filter of security enablers (which one?) to fit with "very specific regulatory constraints" and monitoring of system performance? If this is an USDL extension, what is the influence on applications which are described in USDL and consumed via the marketplace? Optional security service enabler Not understood, is it an extension of USDL with security features (see above)? "The goal is to make easily extendible the security service description for customized services. This functionality will encourage all developers to define and describe their won services through the USDL standard by adding new functionalities .." pg18 Are there any relations to applications and composition tools, what are the effects on applications or user security? Best regards and nice weekend Horst ________________________________________________ Deutsche Telekom AG Laboratories Dr. Horst Stein Winterfeldtstrasse 21, D-10781 Berlin +49 30 835358637 (Tel) +49 391 53477987 +49 1605326264 (Mobil) http://www.laboratories.telekom.com E-Mail: horst.stein at telekom.de Erleben, was verbindet. Deutsche Telekom AG Aufsichtsrat: Prof. Dr. Ulrich Lehner (Vorsitzender) Vorstand: Ren? Obermann (Vorsitzender), Hamid Akhavan, Dr. Manfred Balz, Reinhard Clemens, Niek Jan van Damme, Timotheus H?ttges, Guido Kerkhoff, Thomas Sattelberger Handelsregister: Amtsgericht Bonn HRB 6794 Sitz der Gesellschaft: Bonn WEEE-Reg.-Nr. DE50478376 -------------- next part -------------- An HTML attachment was scrubbed... URL: From antonio.garcia at atosresearch.eu Tue Jul 12 10:02:34 2011 From: antonio.garcia at atosresearch.eu (Antonio Garcia Vazquez) Date: Tue, 12 Jul 2011 10:02:34 +0200 Subject: [Fiware-security] TR: Fi-ware security GE - Review In-Reply-To: <8168_1310136924_4E171A5C_8168_14436_1_489956e8-c2fa-46f1-aad2-688a97ceb90f@THSONEA01HUB03P.one.grp> References: <8168_1310136924_4E171A5C_8168_14436_1_489956e8-c2fa-46f1-aad2-688a97ceb90f@THSONEA01HUB03P.one.grp> Message-ID: <0385F69C47D8694EA885D34BE18BCCC402FFEDD0@INTMAIL02.es.int.atosorigin.com> Dear All, My comments about Context-based security and compliance : 1) Not clear if this is related to WP3: There is no relation with WP3, but the extension of the USDL protocol which is also used by WP3. I think this point is clear enough in our text. Perhaps we could change this paragraph: ?Extend standard USDL 3.0 by implementing a new module security oriented where security specifications may be referred to existing standards like WS-SecurityPolicy and even management to Common Base Event? Into this one: ?? Define a USDL-Sec protocol as a new module security oriented extension of standard USDL 3.0 where security specifications may be referred to existing standards like WS-SecurityPolicy and even management to Common Base Event? To be more specific. 2) Is it filter of security enablers (which one?) to fit with "very specific regulatory constraints" and monitoring of system performance? I think we are clear enough in next paragraph: ?The GE will accept security request from a client application and will select the best Optional Security Enabler to fulfil it.? 3) If this is an USDL extension, what is the influence on applications which are described in USDL and consumed via the marketplace? The relationship between USDL-SEC and USDL will be the same as the already implemented relationship between existing USDL modules (see http://www.internet-of-services.com/index.php?id=570&L=0) On the other hand I?m agree with Stein. As USDL-SEC will be an extension of USDL ; the optional security GE market could be defined as an extension of the serviced market they are defining in WP3. So some kind of interaction in this field could be needed I also send a Word version with the modifications implemented Best Regards ************************************ * Antonio Garc?a V?zquez * * (+34) 91 214 9384 * * antonio.garcia at atosresearch.eu * ************************************ From: fiware-security-bounces at lists.fi-ware.eu [mailto:fiware-security-bounces at lists.fi-ware.eu] On Behalf Of BISSON Pascal Sent: viernes, 08 de julio de 2011 16:55 To: Fiware-Security (fiware-security at lists.fi-ware.eu) Subject: [Fiware-security] TR: Fi-ware security GE - Review Dear All, Here are the comments we got from the peer-review of our Security chapter which was performed by WP3 (Horst Stein/DT) In view of the comments I would ask each of the Task leaders and/or GE enablers to which they are targeted to provide me with their answer in order to interact with them and elaborate shared and agreed answer we can give (this including some redrafting which might be needed to clarify things and so improve overall quality of our Chapter) Useless to say any of you is more than welcome to contribute/participate to the answers to be given here. So hearing from the task leads and you all to improve our Security chapter in view of the comments raised by WP3 reviewer. Best Regards, Pascal De : fiware-apps-bounces at lists.fi-ware.eu [mailto:fiware-apps-bounces at lists.fi-ware.eu] De la part de Horst.Stein at telekom.de Envoy? : vendredi 8 juillet 2011 15:14 ? : fiware-apps at lists.fi-ware.eu Objet : [Fiware-apps] Fi-ware security GE - Review Hi Andreas and all, Here are some comments on the Security chapter with respect to WP3 issues: Security Monitoring Enabler It is not clear which interfaces to services and composition environments are needed for the monitoring process. Infos provided on pg 7 are very general: Firewalls, Intrusion Detection Systems, Security and Event Managers, ? wireless events agents ? Especially business risk impact evaluation sounds interesting, but it is not part of the figure 3 and not clear how a relationship with a real business application produced e.g. by our composition tools could be realised. At this level of description it's unclear how e.g. a sql intrusion attack on application level is monitored or the business risk is evaluated. Identity Management Are there also some group functionalities or are there only single identities for users and things? PPL Engine Is there an own grafical user interface for the end user to control his attributes? What are the interfaces to applications or services? Context-based security and compliance Not clear if this is related to WP3: Is it filter of security enablers (which one?) to fit with "very specific regulatory constraints" and monitoring of system performance? If this is an USDL extension, what is the influence on applications which are described in USDL and consumed via the marketplace? Optional security service enabler Not understood, is it an extension of USDL with security features (see above)? "The goal is to make easily extendible the security service description for customized services. This functionality will encourage all developers to define and describe their won services through the USDL standard by adding new functionalities .." pg18 Are there any relations to applications and composition tools, what are the effects on applications or user security? Best regards and nice weekend Horst ________________________________________________ Deutsche Telekom AG Laboratories Dr. Horst Stein Winterfeldtstrasse 21, D-10781 Berlin +49 30 835358637 (Tel) +49 391 53477987 +49 1605326264 (Mobil) http://www.laboratories.telekom.com E-Mail: horst.stein at telekom.de Erleben, was verbindet. Deutsche Telekom AG Aufsichtsrat: Prof. Dr. Ulrich Lehner (Vorsitzender) Vorstand: Ren? Obermann (Vorsitzender), Hamid Akhavan, Dr. Manfred Balz, Reinhard Clemens, Niek Jan van Damme, Timotheus H?ttges, Guido Kerkhoff, Thomas Sattelberger Handelsregister: Amtsgericht Bonn HRB 6794 Sitz der Gesellschaft: Bonn WEEE-Reg.-Nr. DE50478376 ------------------------------------------------------------------ This e-mail and the documents attached are confidential and intended solely for the addressee; it may also be privileged. If you receive this e-mail in error, please notify the sender immediately and destroy it. As its integrity cannot be secured on the Internet, the Atos group liability cannot be triggered for the message content. Although the sender endeavours to maintain a computer virus-free network, the sender does not warrant that this transmission is virus-free and will not be liable for any damages resulting from any virus transmitted. Este mensaje y los ficheros adjuntos pueden contener informacion confidencial destinada solamente a la(s) persona(s) mencionadas anteriormente pueden estar protegidos por secreto profesional. Si usted recibe este correo electronico por error, gracias por informar inmediatamente al remitente y destruir el mensaje. Al no estar asegurada la integridad de este mensaje sobre la red, Atos no se hace responsable por su contenido. Su contenido no constituye ningun compromiso para el grupo Atos, salvo ratificacion escrita por ambas partes. Aunque se esfuerza al maximo por mantener su red libre de virus, el emisor no puede garantizar nada al respecto y no sera responsable de cualesquiera danos que puedan resultar de una transmision de virus. ------------------------------------------------------------------ -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: FI-WARE High-Level Description Security v2.1 11-06-22 valid until 11-07-05(Atos Rev).doc Type: application/msword Size: 1497600 bytes Desc: FI-WARE High-Level Description Security v2.1 11-06-22 valid until 11-07-05(Atos Rev).doc URL: From pascal.bisson at thalesgroup.com Tue Jul 12 11:26:14 2011 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Tue, 12 Jul 2011 11:26:14 +0200 Subject: [Fiware-security] Review of the security chapter by Apps/Services Ecosystem and delivery In-Reply-To: <92E1E76787317A4E876E7A444ABC390213F021EC5D@DEWDFECCR08.wdf.sap.corp> References: <92E1E76787317A4E876E7A444ABC390213F009C5A6@DEWDFECCR08.wdf.sap.corp> <7851_1310387361_4E1AECA1_7851_1180_1_e5e4221f-7375-4ff6-a084-3100c4d5f139@THSONEA01HUB04P.one.grp> <92E1E76787317A4E876E7A444ABC390213F009C895@DEWDFECCR08.wdf.sap.corp> <16378_1310456817_4E1BFBF1_16378_17616_1_4ab0131e-8c91-42a1-a72d-659e84f62bfe@THSONEA01HUB03P.one.grp> <92E1E76787317A4E876E7A444ABC390213F021EC5D@DEWDFECCR08.wdf.sap.corp> Message-ID: <4674_1310462776_4E1C1338_4674_3195_1_b500f7b8-44b8-4506-85a5-28516277f8c7@THSONEA01HUB05P.one.grp> Dear Andreas, We have just finished our weekly audio conference on WP8 where we discussed among other comments you provided us with as per WP3 review (SAP, UDE & DT). In the meantime I also asked my colleague Daniel as T8.1 Leader and Security Monitoring GE owner to answer concerns you had raised from your side with respect to this enabler. I'm pleased to see things have now been clarified from your side to some extent. As for the rest we also agree as an outcome of our audio conf of today to add a question mark to M2 deliverable to clearly state we would be further working on the topic in the coming months to definitely clarify things for what concerns USDL-Sec and event mangers in the context of security monitoring. So we can we say we have agreement on this and would be willing to have a joint WP3-WP8 meeting starting first at next plenary meeting in September. Hope you support and it would feasible form an organization perspective. If not we would have to go for a separate meeting after this plenary. To be further discussed with you according to what best suit you. Best Regards, Pascal De : Friesen, Andreas [mailto:andreas.friesen at sap.com] Envoy? : mardi 12 juillet 2011 10:50 ? : GIDOIN Daniel; BISSON Pascal Cc : Juanjo Hierro; TRABELSI, Slim; Leidig, Torsten; Fiware-security at lists.fi-ware.eu; LELEU Philippe; SIEUX Corinne; Calin Curescu Objet : RE: Review of the security chapter by Apps/Services Ecosystem and delivery Dear Daniel, many thanks for the clarification. Indeed, the security monitoring system you are striving to develop will be more powerful than conventional monitoring systems if it will be able to consume security-relevant information from FI-WARE specific event managers. For the M5 deliverable, we will have to develop a deeper understanding about the kinds of FI-WARE specific event managers you have in mind and the role of USDL-SEC (mentioned in Fig 3) in the context of security monitoring. Perhaps, it would be a good idea to add this as a question mark to the M2 deliverable. With respect to Apps/Services Ecosystem and delivery, I would like to propose to address this issue in one of our regular meetings with the security WP. Best regards, Andreas From: GIDOIN Daniel [mailto:daniel.gidoin at thalesgroup.com] Sent: Dienstag, 12. Juli 2011 09:47 To: Friesen, Andreas; BISSON Pascal Cc: Juanjo Hierro; TRABELSI, Slim; Leidig, Torsten; Fiware-security at lists.fi-ware.eu; LELEU Philippe; SIEUX Corinne Subject: RE: Review of the security chapter by Apps/Services Ecosystem and delivery Dear Andreas, We should have no fear regarding integration/interaction with other FI-WARE components. Indeed, the interactions are very strong. On the one hand, the security monitoring GE exploits the events generated by these components. It's a big difference with a conventional monitoring, only focused on events from the network and security components. On the other hand, generated countermeasures applies to these FI-WARE components, according to their criticality. Also, It raises alerts dedicated to these FI-WARE components. Best regards Daniel. De : Friesen, Andreas [mailto:andreas.friesen at sap.com] Envoy? : lundi 11 juillet 2011 15:47 ? : BISSON Pascal Cc : GIDOIN Daniel; Juanjo Hierro; TRABELSI, Slim; Leidig, Torsten; Fiware-security at lists.fi-ware.eu; LELEU Philippe; SIEUX Corinne Objet : RE: Review of the security chapter by Apps/Services Ecosystem and delivery Dear Pascal, please don't get me wrong what concerns security monitoring. I don't say it is unnecessary, dispensable or useless. I only said that it is not FI-WARE related (in the sense that there are no explicitly mentioned specific integration/interaction points with other FI-WARE components) because from what I could read in the chapter it seems to rely on inputs from Intrusion Detection Systems, Firewalls, etc. At least in my understanding, security monitoring, as it is described in the security chapter, can be used to monitor any kind of system/network node protected by Intrusion Detection Systems, Firewalls or other security-relevant systems belonging to a deployment context of a software system to be protected. Hence, my assumption is that it can be developed by security WP without further interaction with other FI-WARE WPs because it monitors the deployment context of a system and not the system itself. Is this assumption correct? Best regards, Andreas From: BISSON Pascal [mailto:pascal.bisson at thalesgroup.com] Sent: Montag, 11. Juli 2011 14:29 To: Friesen, Andreas Cc: GIDOIN Daniel; Juanjo Hierro; TRABELSI, Slim; Leidig, Torsten; Fiware-security at lists.fi-ware.eu; LELEU Philippe; SIEUX Corinne Subject: RE: Review of the security chapter by Apps/Services Ecosystem and delivery Dear Andreas, Thanks to have organized at WP3 level, review of our Security Chapter to D2.2b. I already received the WP3 comments from DT. As for the ones coming from SAP and UDE I will have a look at them with the rest of the Security team and answer them to you. As for what you says regarding Security monitoring components that in your view don't directly relate to FI-WARE let me fully object here just because it would benefit to each of the other ATs( including yours although not limited to it) and is also highly desired for what concerns usage areas we know and are targeting (Smart City, Smart Grid, Smart Transport, ...). This without saying it is part of the approved DoW so this is directly related to FI-WARE and the major innovations which may result of the FI-WARE Project. Best regards, Pascal De : Friesen, Andreas [mailto:andreas.friesen at sap.com] Envoy? : lundi 11 juillet 2011 13:04 ? : BISSON Pascal Cc : GIDOIN Daniel; Juanjo Hierro; TRABELSI, Slim; Leidig, Torsten Objet : Review of the security chapter by Apps/Services Ecosystem and delivery Dear Pascal, I asked all WP3 partners feeling qualified to build an opinion about security to review the security chapter and received some feedback in the meantime. I will forward to you any additional reviews until today EOB should I receive them during the day. Please find attached the reviewed security chapter from SAP and UDE. We did not change the text just added comments. In general, the comments are mainly focused on getting a common understanding what will security chapter offer to other FI-WARE chapters in the end. As you will see from the comments (except for the enablers corresponding to "2 Generic Security Enablers" in Fig.2 dealing with authentication, authorization, identity management, privacy, etc.) it is very difficult to assess (at least from the perspective of apps/services ecosystems so maybe an additional review from a different WP could be useful for you) at the moment how the rest of the security WP contributes to/can be used by other chapters in FI-WARE. Many of the described components are either too low level (e.g., database risk evaluation and anonymization service) or not directly related to FI-WARE (e.g., the security monitoring components). Here are also some comments on the Security chapter with respect to WP3 issues provided by DT: Security Monitoring Enabler It is not clear which interfaces to services and composition environments are needed for the monitoring process. Infos provided on pg 7 are very general: Firewalls, Intrusion Detection Systems, Security and Event Managers, ... wireless events agents ... Especially business risk impact evaluation sounds interesting, but it is not part of the figure 3 and not clear how a relationship with a real business application produced e.g. by our composition tools could be realised. At this level of description it's unclear how e.g. a sql intrusion attack on application level is monitored or the business risk is evaluated. Identity Management Are there also some group functionalities or are there only single identities for users and things? PPL Engine Is there an own grafical user interface for the end user to control his attributes? What are the interfaces to applications or services? Context-based security and compliance Not clear if this is related to WP3: Is it filter of security enablers (which one?) to fit with "very specific regulatory constraints" and monitoring of system performance? If this is an USDL extension, what is the influence on applications which are described in USDL and consumed via the marketplace? Optional security service enabler Not understood, is it an extension of USDL with security features (see above)? "The goal is to make easily extendible the security service description for customized services. This functionality will encourage all developers to define and describe their won services through the USDL standard by adding new functionalities .." pg18 Are there any relations to applications and composition tools, what are the effects on applications or user security? Best regards, Andreas From: fiware-wpl-bounces at lists.fi-ware.eu [mailto:fiware-wpl-bounces at lists.fi-ware.eu] On Behalf Of Juanjo Hierro Sent: Mittwoch, 6. Juli 2011 12:27 To: fiware-wpl at lists.fi-ware.eu; fiware-wpa at lists.fi-ware.eu Subject: [Fiware-wpl] Contents of chapters available and planning until official deliverable Dear colleagues, You will find the .doc files of each of your chapters in the usual placeholders. Now, the name associated to each of them adopts the following convention: "FI-WARE High-level Description - Chapter v." The integrated draft is available at: https://forge.fi-ware.eu/docman/view.php/7/235/FI-WARE+High-Level+Description+integrated+draft+0.1+11-07-06.doc But we should keep working with separated files per chapter. I first action I would kindly ask all of you to perform is to check that all your stuff is there and I didn't miss anything during the integration :-) If you find something missing, please let me know. Now, we should NOT relax and keep going to get the official release of the deliverable on time. This was announced for mid July ... what mid July means is up to us, but I would suggest making it available on July 19th. What I would suggest now is that we carry out a peer review of each chapter, involving members of a given WP in reviewing the contents of those chapter with whom more inter dependencies may exist. In parallel, each group should try to finish what couldn't make for this first draft. I know that the analysis of Security aspects, just to mention an example, is not closed for all the chapters. I will try to send a summary of what I see pending per chapter later today. In respect to peer reviews, here you have my suggestions for a first round. We would try to make another round before the deadline: Chapter Chief editors Contacts Suggested peer reviewer (team) Cloud Hosting IBM GLIKSON at il.ibm.com Interfaces to Networks & Devices Data/Context Management TID jhierro at tid.es IoT Services Enablement Apps/Services Ecosystem & Delivery SAP andreas.friesen at sap.com, torsten.leidig at sap.com Security IoT Services Enablement Orange & NSN Thierry.nagellen at orange-ftgroup.com, lorant.farkas at nsn.com Data/Context Management Interfaces to Networks & Devices TI &DT pierangelo.garino at telecomitalia.it, Hans.Einsiedler at telekom.de Cloud Hosting Security Thales pascal.bisson at thalesgroup.com, daniel.gidoin at thalesgroup.com Apps/Services Ecosystem & Delivery I would suggest that we define the following milestones linked to this first round unless I hear any objection: * July 11 EOB, reviewers to send their comments (I suggest word files with changes under control) * July 13 EOB, revision of comments by editors of each chapter and upload of new version by chief editors on FusionForge If you believe that there would be a better assignment for you, please also let me know and we'll try together to see if there is an alternative arrangement. Chief editors in the table above matches the WPLs and WPAs as you may already know. WPLs are entitled to contact the chief editor of the chapter his team has been assigned to review so that you can agree on how to proceed. We can keep the procedure of managing the editor token by playing with the states linked to documents in the docman system so that whenever one file is in "pending" state means somebody is editing it. Whenever one changes the state of a given document to "pending" it should announce it to the people involved. Anyway, you should always download the last version from FusionForge (or check that the version you have is downloadable) whenever you decide to start editing a document and change it to "pending". A good strategy in some cases is that you split the chapter in several files, so that you keep control of those pieces that you believe are unstable and leave the rest for review. If you have still pending points, this procedure won't be perfect so each editor should probably edit his version in parallel someone is reviewing it, then manage how to integrate the comments. But there is no much better ways to proceed unless you have a better idea. There are other things that we should start hard because we are behind the schedule. An important part has to do with starting to bring content to the website and blogs. It won't be that difficult now that we have quite a bit of content and nice stories to talk about :-) I'll send an email with a plan proposal on the matter either today or tomorrow. ONE FINAL WORD AND RATHER IMPORTANT: PLEASE respect the styles and procedures for editing describing at the front matter of the documents. Some of you have tried to respect them, and integration was rather easy. BUT I HAVE TO SAY THAT OTHERS HAVE NOT. And this creates a lot of burden. I can tell you that I have lost almost one hour with one of the chapters just fixing the formats while I have spent just 15 mins with the chapters from those who followed the rules. FOR THE NEXT ROUND, take it seriously, I will reject any file that contains prohibited styles or broken styles. I know that it's pretty easy just to copy&paste from another document you may have written before or apart of this project or a web page, but that action breaks everything and has unpredictable consequences in MS Word. It is also easier to create bullet lists or numbered lists using the buttons for doing so that MS Word offers to you at the upper tool bar, but that also has unpredictable consequences and means breaking an homogeneous style across the whole document (I will indeed try to find out how to prevent these buttons to appear :-) And that's all for this very long mail, I want to again thank you for all your efforts, good attitude and, overall, patience with my requests. Best regards, -- Juanjo ________________________________ Este mensaje se dirige exclusivamente a su destinatario. Puede consultar nuestra pol?tica de env?o y recepci?n de correo electr?nico en el enlace situado m?s abajo. This message is intended exclusively for its addressee. We only send and receive email on the basis of the terms set out at. http://www.tid.es/ES/PAGINAS/disclaimer.aspx -------------- next part -------------- An HTML attachment was scrubbed... URL: From pascal.bisson at thalesgroup.com Tue Jul 12 12:02:10 2011 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Tue, 12 Jul 2011 12:02:10 +0200 Subject: [Fiware-security] FI-WARE - Weekly audio conf of today (minutes) Message-ID: <24502_1310464936_4E1C1BA8_24502_1499_1_af506641-05ac-49dd-a262-41258295a14d@THSONEA01HUB03P.one.grp> Dear All, Find hereafter the minutes of our audio conf of today: Security chapter ? Comments from TID revision of Security Chapter have been processed and sent back to TID (Juanjo) ? Comments from per review of WP3 (SAP,UDE,DT) have been discussed as well as some answers which were provided (e.g. ATOS) o Action: all who proposed some redrafting of Security chapter to address comments would have to send their text no later than by 13/07/11 at 11am to Daniel (cc. Pascal) o Action: SAP to initiate additional question on USDL-SEC and work that need to be engaged in the coming months to further align ongoing work at the level of other team (e.g. WP3 with USDL). ATOS to contribute to the text of this question mark. Thales (Daniel) to check and integrate to Security chapter update and final release. o Action: Daniel to update the Security chapter accordingly and send it by 13/07/11 Lunch time on behalf of WP8 Lead back to TID for integration to final version of M2 deliverable ? Actions to ALL in view of Summer period: o Please report to Thales you vacation plans and replacement if any ? [Needed first and foremost for what concerns Caretakers and Task leaders] Review of Security sections of other WPs ? Review provided by WPL ? No additional remark/comment/suggested changed from the rest of the team ? Still not reviewed Security section of IoT (Still missing input here from FT-Orange Xavier ??) Next steps ? Features backlog (Pascal to catch up with Juanjo on the topic on next Monday to further discuss with the Security team at next audio) Next audio-conf: Next Friday 22/07/11 o Others to be announced via Outlook -------------- next part -------------- An HTML attachment was scrubbed... URL: From Olivier.Festor at inria.fr Tue Jul 12 16:04:19 2011 From: Olivier.Festor at inria.fr (Olivier Festor) Date: Tue, 12 Jul 2011 16:04:19 +0200 Subject: [Fiware-security] FI-WARE - Audio conf of today In-Reply-To: <29108_1310113497_4E16BED9_29108_12967_1_CBBCD6C304123F4AB23FAAE3055C8C0E02014B463603@THSONEA01CMS04P.one.grp> References: <29108_1310113497_4E16BED9_29108_12967_1_CBBCD6C304123F4AB23FAAE3055C8C0E02014B463603@THSONEA01CMS04P.one.grp> Message-ID: <6638A0A5-F1CB-43C6-9C88-9F6BCC28A473@inria.fr> Dear Pascal please find below my comments on the Security chapter. I had to take a day off yesterday, and being traveling today, thus the delay. For the current version of the security part, the comments are minor. However, the varying level of maturity and details of the different enablers envisioned in the Security WP may become a concern in the next iteration. As an example, the Identity management part is already well advanced while the security monitoring GE is functionnaly more rich but also much more abstract at this stage and may be very difficult to link to actual applications (I'll come to this point later on in the detailed document analysis). Section 3.1 : Overview - Overall OK section. Although the threat in the 5th paragraph is centered on "Cyber Terrorism" and "Weapons of mass disruption". While these threats re highly relevant, I believe that as a Service platform, fiware should on the security part equally cover and mention more common threats, like toll-fraud, impersonation, service highjacking, ... The chapter identifies 4 Core modules : Monitoring Mechanisms, Identity and Privacy, Context-based Security and compliance, and discoverable optional generic enablers, while in the chapter, (section 3.2), 6 Core elements are presented. To unite the descriptions, either group (3.2.2, 3.2.3 and 3.2.4) or split in the Overview, Identity and Privacy. Section 3.2 : Security Monitoring - The functional blocks of the overall architecture are sound and generic. According to the description, the monitoring Generic enablers includes also the counter measures and decision making (Figure 3). However, no interface to actually push the configurations to the devices to activate the counter-measures is provided on the schema. The next step for this Generic enabler is propably to instanciate the interfaces among the different blocks. In this context, what is foreseen (if any) as a configuration interfaces ? I doubt that, Fiware can enforce a single one covering the whole scope from sensors/actuators to map-reduce cloud services. -Normalization of Heterogeneous Events and Correlation The document advocates the foreseen benefit of "Tag-based AI algorithms for event correlation". In this section, at least a couple of biblographic reference to these "Tag-based AI algorithms" should be provided, especially to references assessing this superiority. Section 3.3 : Identity Management - Overall OK. However, reading this section raised the question in my mind on whether Fi-ware has a generic enabler addressing accounting ? Section 3.3 : Context Several typos in the text + Figure 8 has a typo (Framework) Regarding Optional Generic Enabler, I was surprised not to see our proposal on smartphone-based flow-monitoring there. Is it part of the whole fulll Generic Enabler ? In general, Monitoring and Context-based security are described at a much higher level than Identify management components where the actual technologies and solutions are already mentioned. This is the case on the monitoring framework only for the OVAL part which is well identified. Thats all for this document. Again sorry for the 24 hours delay of delivery. I cannot attend the any audio-conference since I am traveling through Germany today. Best Regards /Olivier Festor INRIA On Jul 8, 2011, at 10:24 AM, BISSON Pascal wrote: > Dear All, > > As per audio conf of today here is the link of the Security chapter with comments we got and need to address. Please have a look and provide with your input (if any) to answer this comments (at least the ones relevant to you and input). > > > https://forge.fi-ware.eu/docman/view.php/7/190/FI-WARE+High-Level+Description+-+Security+chapter+-+v1.0.doc > > > This as soon as possible (preferably by Monday before 10am) > > Regards, > > Pascal > _______________________________________________ > Fiware-security mailing list > Fiware-security at lists.fi-ware.eu > http://lists.fi-ware.eu/listinfo/fiware-security -------------- next part -------------- An HTML attachment was scrubbed... URL: From Olivier.Festor at inria.fr Tue Jul 12 16:47:00 2011 From: Olivier.Festor at inria.fr (Olivier Festor) Date: Tue, 12 Jul 2011 16:47:00 +0200 Subject: [Fiware-security] FI-WARE - Audio conf of today In-Reply-To: <29108_1310113497_4E16BED9_29108_12967_1_CBBCD6C304123F4AB23FAAE3055C8C0E02014B463603@THSONEA01CMS04P.one.grp> References: <29108_1310113497_4E16BED9_29108_12967_1_CBBCD6C304123F4AB23FAAE3055C8C0E02014B463603@THSONEA01CMS04P.one.grp> Message-ID: Dear Pascal please find below my comments on the Security chapter. I had to take a day off yesterday, and being traveling today, thus the delay. For the current version of the security part, the comments are minor. However, the varying level of maturity and details of the different enablers envisioned in the Security WP may become a concern in the next iteration. As an example, the Identity management part is already well advanced while the security monitoring GE is functionnaly more rich but also much more abstract at this stage and may be very difficult to link to actual applications (I'll come to this point later on in the detailed document analysis). Section 3.1 : Overview - Overall OK section. Although the threat in the 5th paragraph is centered on "Cyber Terrorism" and "Weapons of mass disruption". While these threats re highly relevant, I believe that as a Service platform, fiware should on the security part equally cover and mention more common threats, like toll-fraud, impersonation, service highjacking, ... The chapter identifies 4 Core modules : Monitoring Mechanisms, Identity and Privacy, Context-based Security and compliance, and discoverable optional generic enablers, while in the chapter, (section 3.2), 6 Core elements are presented. To unite the descriptions, either group (3.2.2, 3.2.3 and 3.2.4) or split in the Overview, Identity and Privacy. Section 3.2 : Security Monitoring - The functional blocks of the overall architecture are sound and generic. According to the description, the monitoring Generic enablers includes also the counter measures and decision making (Figure 3). However, no interface to actually push the configurations to the devices to activate the counter-measures is provided on the schema. The next step for this Generic enabler is propably to instanciate the interfaces among the different blocks. In this context, what is foreseen (if any) as a configuration interfaces ? I doubt that, Fiware can enforce a single one covering the whole scope from sensors/actuators to map-reduce cloud services. -Normalization of Heterogeneous Events and Correlation The document advocates the foreseen benefit of "Tag-based AI algorithms for event correlation". In this section, at least a couple of biblographic reference to these "Tag-based AI algorithms" should be provided, especially to references assessing this superiority. Section 3.3 : Identity Management - Overall OK. However, reading this section raised the question in my mind on whether Fi-ware has a generic enabler addressing accounting ? Section 3.3 : Context Several typos in the text + Figure 8 has a typo (Framework) Regarding Optional Generic Enabler, I was surprised not to see our proposal on smartphone-based flow-monitoring there. Is it part of the whole fulll Generic Enabler ? In general, Monitoring and Context-based security are described at a much higher level than Identify management components where the actual technologies and solutions are already mentioned. This is the case on the monitoring framework only for the OVAL part which is well identified. Thats all for this document. Again sorry for the 24 hours delay of delivery. I cannot attend the any audio-conference since I am traveling through Germany today. Best Regards /Olivier Festor INRIA On Jul 8, 2011, at 10:24 AM, BISSON Pascal wrote: > Dear All, > > As per audio conf of today here is the link of the Security chapter with comments we got and need to address. Please have a look and provide with your input (if any) to answer this comments (at least the ones relevant to you and input). > > > https://forge.fi-ware.eu/docman/view.php/7/190/FI-WARE+High-Level+Description+-+Security+chapter+-+v1.0.doc > > > This as soon as possible (preferably by Monday before 10am) > > Regards, > > Pascal > _______________________________________________ > Fiware-security mailing list > Fiware-security at lists.fi-ware.eu > http://lists.fi-ware.eu/listinfo/fiware-security -------------- next part -------------- An HTML attachment was scrubbed... URL: From slim.trabelsi at sap.com Wed Jul 13 08:40:45 2011 From: slim.trabelsi at sap.com (TRABELSI, Slim) Date: Wed, 13 Jul 2011 08:40:45 +0200 Subject: [Fiware-security] TR: Fi-ware security GE - Review In-Reply-To: <0385F69C47D8694EA885D34BE18BCCC402FFEDD0@INTMAIL02.es.int.atosorigin.com> References: <8168_1310136924_4E171A5C_8168_14436_1_489956e8-c2fa-46f1-aad2-688a97ceb90f@THSONEA01HUB03P.one.grp> <0385F69C47D8694EA885D34BE18BCCC402FFEDD0@INTMAIL02.es.int.atosorigin.com> Message-ID: Dear all, Here is the question mark text that I propose to answer to the comment of WP3 related to USDL-SEC. The current version of the USDL-SEC specification is a very early draft designed before the beginning of the Fi-Ware project. It does not reflect yet the security capabilities proposed in the generic security enablers exposed in WP8. The main task of the WP8 in the next months is to list these security capabilities and map them to a new version of the USDL-SEC specification in order to be able to publish correctly all the security services and make them available for any service deployed in the Fi-Ware plateform. I hope that this explanation is sufficient to address this comment. Thank you Regards Slim From: fiware-security-bounces at lists.fi-ware.eu [mailto:fiware-security-bounces at lists.fi-ware.eu] On Behalf Of Antonio Garcia Vazquez Sent: mardi 12 juillet 2011 10:03 To: fiware-security at lists.fi-ware.eu Subject: Re: [Fiware-security] TR: Fi-ware security GE - Review Dear All, My comments about Context-based security and compliance : 1) Not clear if this is related to WP3: There is no relation with WP3, but the extension of the USDL protocol which is also used by WP3. I think this point is clear enough in our text. Perhaps we could change this paragraph: ?Extend standard USDL 3.0 by implementing a new module security oriented where security specifications may be referred to existing standards like WS-SecurityPolicy and even management to Common Base Event? Into this one: ?? Define a USDL-Sec protocol as a new module security oriented extension of standard USDL 3.0 where security specifications may be referred to existing standards like WS-SecurityPolicy and even management to Common Base Event? To be more specific. 2) Is it filter of security enablers (which one?) to fit with "very specific regulatory constraints" and monitoring of system performance? I think we are clear enough in next paragraph: ?The GE will accept security request from a client application and will select the best Optional Security Enabler to fulfil it.? 3) If this is an USDL extension, what is the influence on applications which are described in USDL and consumed via the marketplace? The relationship between USDL-SEC and USDL will be the same as the already implemented relationship between existing USDL modules (see http://www.internet-of-services.com/index.php?id=570&L=0) On the other hand I?m agree with Stein. As USDL-SEC will be an extension of USDL ; the optional security GE market could be defined as an extension of the serviced market they are defining in WP3. So some kind of interaction in this field could be needed I also send a Word version with the modifications implemented Best Regards ************************************ * Antonio Garc?a V?zquez * * (+34) 91 214 9384 * * antonio.garcia at atosresearch.eu * ************************************ From: fiware-security-bounces at lists.fi-ware.eu [mailto:fiware-security-bounces at lists.fi-ware.eu] On Behalf Of BISSON Pascal Sent: viernes, 08 de julio de 2011 16:55 To: Fiware-Security (fiware-security at lists.fi-ware.eu) Subject: [Fiware-security] TR: Fi-ware security GE - Review Dear All, Here are the comments we got from the peer-review of our Security chapter which was performed by WP3 (Horst Stein/DT) In view of the comments I would ask each of the Task leaders and/or GE enablers to which they are targeted to provide me with their answer in order to interact with them and elaborate shared and agreed answer we can give (this including some redrafting which might be needed to clarify things and so improve overall quality of our Chapter) Useless to say any of you is more than welcome to contribute/participate to the answers to be given here. So hearing from the task leads and you all to improve our Security chapter in view of the comments raised by WP3 reviewer. Best Regards, Pascal De : fiware-apps-bounces at lists.fi-ware.eu [mailto:fiware-apps-bounces at lists.fi-ware.eu] De la part de Horst.Stein at telekom.de Envoy? : vendredi 8 juillet 2011 15:14 ? : fiware-apps at lists.fi-ware.eu Objet : [Fiware-apps] Fi-ware security GE - Review Hi Andreas and all, Here are some comments on the Security chapter with respect to WP3 issues: Security Monitoring Enabler It is not clear which interfaces to services and composition environments are needed for the monitoring process. Infos provided on pg 7 are very general: Firewalls, Intrusion Detection Systems, Security and Event Managers, ? wireless events agents ? Especially business risk impact evaluation sounds interesting, but it is not part of the figure 3 and not clear how a relationship with a real business application produced e.g. by our composition tools could be realised. At this level of description it's unclear how e.g. a sql intrusion attack on application level is monitored or the business risk is evaluated. Identity Management Are there also some group functionalities or are there only single identities for users and things? PPL Engine Is there an own grafical user interface for the end user to control his attributes? What are the interfaces to applications or services? Context-based security and compliance Not clear if this is related to WP3: Is it filter of security enablers (which one?) to fit with "very specific regulatory constraints" and monitoring of system performance? If this is an USDL extension, what is the influence on applications which are described in USDL and consumed via the marketplace? Optional security service enabler Not understood, is it an extension of USDL with security features (see above)? "The goal is to make easily extendible the security service description for customized services. This functionality will encourage all developers to define and describe their won services through the USDL standard by adding new functionalities .." pg18 Are there any relations to applications and composition tools, what are the effects on applications or user security? Best regards and nice weekend Horst ________________________________________________ Deutsche Telekom AG Laboratories Dr. Horst Stein Winterfeldtstrasse 21, D-10781 Berlin +49 30 835358637 (Tel) +49 391 53477987 +49 1605326264 (Mobil) http://www.laboratories.telekom.com E-Mail: horst.stein at telekom.de Erleben, was verbindet. Deutsche Telekom AG Aufsichtsrat: Prof. Dr. Ulrich Lehner (Vorsitzender) Vorstand: Ren? Obermann (Vorsitzender), Hamid Akhavan, Dr. Manfred Balz, Reinhard Clemens, Niek Jan van Damme, Timotheus H?ttges, Guido Kerkhoff, Thomas Sattelberger Handelsregister: Amtsgericht Bonn HRB 6794 Sitz der Gesellschaft: Bonn WEEE-Reg.-Nr. DE50478376 ------------------------------------------------------------------ This e-mail and the documents attached are confidential and intended solely for the addressee; it may also be privileged. If you receive this e-mail in error, please notify the sender immediately and destroy it. As its integrity cannot be secured on the Internet, the Atos group liability cannot be triggered for the message content. Although the sender endeavours to maintain a computer virus-free network, the sender does not warrant that this transmission is virus-free and will not be liable for any damages resulting from any virus transmitted. Este mensaje y los ficheros adjuntos pueden contener informacion confidencial destinada solamente a la(s) persona(s) mencionadas anteriormente pueden estar protegidos por secreto profesional. Si usted recibe este correo electronico por error, gracias por informar inmediatamente al remitente y destruir el mensaje. Al no estar asegurada la integridad de este mensaje sobre la red, Atos no se hace responsable por su contenido. Su contenido no constituye ningun compromiso para el grupo Atos, salvo ratificacion escrita por ambas partes. Aunque se esfuerza al maximo por mantener su red libre de virus, el emisor no puede garantizar nada al respecto y no sera responsable de cualesquiera danos que puedan resultar de una transmision de virus. ------------------------------------------------------------------ -------------- next part -------------- An HTML attachment was scrubbed... URL: From antonio.garcia at atosresearch.eu Wed Jul 13 10:16:14 2011 From: antonio.garcia at atosresearch.eu (Antonio Garcia Vazquez) Date: Wed, 13 Jul 2011 10:16:14 +0200 Subject: [Fiware-security] TR: Fi-ware security GE - Review In-Reply-To: References: <8168_1310136924_4E171A5C_8168_14436_1_489956e8-c2fa-46f1-aad2-688a97ceb90f@THSONEA01HUB03P.one.grp> <0385F69C47D8694EA885D34BE18BCCC402FFEDD0@INTMAIL02.es.int.atosorigin.com> Message-ID: <0385F69C47D8694EA885D34BE18BCCC402FFF11C@INTMAIL02.es.int.atosorigin.com> Dear All, I?ve added some words to your revision in order to clearly stage that we are USDL compliance, but we are going to improve the capabilities of the USDL-SEC module to describe security features not yet reflected. ?Although all security generic enablers are fully USDL 3.0 compliance in order to be integrated in FI-WARE generic service market place; the current version of its security module, USDL-SEC specification, is a very early draft which was designed before the beginning of the FI-WARE project. This version does not yet reflect the security capabilities proposed by the security generic enablers already exposed. The main task of FI-WARE security team in the next months is to list these security capabilities and map them to a new version of the USDL-SEC specification in order to be able to publish correctly all the security services and make them available for any service deployed in the FI-WARE platform.? Best Regards PD: I?ve also remove references to WP8 that should not be place in D2.1 document ************************************ * Antonio Garc?a V?zquez * * (+34) 91 214 9384 * * antonio.garcia at atosresearch.eu * ************************************ From: TRABELSI, Slim [mailto:slim.trabelsi at sap.com] Sent: mi?rcoles, 13 de julio de 2011 8:41 To: Antonio Garcia Vazquez; fiware-security at lists.fi-ware.eu Subject: RE: [Fiware-security] TR: Fi-ware security GE - Review Dear all, Here is the question mark text that I propose to answer to the comment of WP3 related to USDL-SEC. The current version of the USDL-SEC specification is a very early draft designed before the beginning of the Fi-Ware project. It does not reflect yet the security capabilities proposed in the generic security enablers exposed in WP8. The main task of the WP8 in the next months is to list these security capabilities and map them to a new version of the USDL-SEC specification in order to be able to publish correctly all the security services and make them available for any service deployed in the Fi-Ware plateform. I hope that this explanation is sufficient to address this comment. Thank you Regards Slim From: fiware-security-bounces at lists.fi-ware.eu [mailto:fiware-security-bounces at lists.fi-ware.eu] On Behalf Of Antonio Garcia Vazquez Sent: mardi 12 juillet 2011 10:03 To: fiware-security at lists.fi-ware.eu Subject: Re: [Fiware-security] TR: Fi-ware security GE - Review Dear All, My comments about Context-based security and compliance : 1) Not clear if this is related to WP3: There is no relation with WP3, but the extension of the USDL protocol which is also used by WP3. I think this point is clear enough in our text. Perhaps we could change this paragraph: ?Extend standard USDL 3.0 by implementing a new module security oriented where security specifications may be referred to existing standards like WS-SecurityPolicy and even management to Common Base Event? Into this one: ?? Define a USDL-Sec protocol as a new module security oriented extension of standard USDL 3.0 where security specifications may be referred to existing standards like WS-SecurityPolicy and even management to Common Base Event? To be more specific. 2) Is it filter of security enablers (which one?) to fit with "very specific regulatory constraints" and monitoring of system performance? I think we are clear enough in next paragraph: ?The GE will accept security request from a client application and will select the best Optional Security Enabler to fulfil it.? 3) If this is an USDL extension, what is the influence on applications which are described in USDL and consumed via the marketplace? The relationship between USDL-SEC and USDL will be the same as the already implemented relationship between existing USDL modules (see http://www.internet-of-services.com/index.php?id=570&L=0) On the other hand I?m agree with Stein. As USDL-SEC will be an extension of USDL ; the optional security GE market could be defined as an extension of the serviced market they are defining in WP3. So some kind of interaction in this field could be needed I also send a Word version with the modifications implemented Best Regards ************************************ * Antonio Garc?a V?zquez * * (+34) 91 214 9384 * * antonio.garcia at atosresearch.eu * ************************************ From: fiware-security-bounces at lists.fi-ware.eu [mailto:fiware-security-bounces at lists.fi-ware.eu] On Behalf Of BISSON Pascal Sent: viernes, 08 de julio de 2011 16:55 To: Fiware-Security (fiware-security at lists.fi-ware.eu) Subject: [Fiware-security] TR: Fi-ware security GE - Review Dear All, Here are the comments we got from the peer-review of our Security chapter which was performed by WP3 (Horst Stein/DT) In view of the comments I would ask each of the Task leaders and/or GE enablers to which they are targeted to provide me with their answer in order to interact with them and elaborate shared and agreed answer we can give (this including some redrafting which might be needed to clarify things and so improve overall quality of our Chapter) Useless to say any of you is more than welcome to contribute/participate to the answers to be given here. So hearing from the task leads and you all to improve our Security chapter in view of the comments raised by WP3 reviewer. Best Regards, Pascal De : fiware-apps-bounces at lists.fi-ware.eu [mailto:fiware-apps-bounces at lists.fi-ware.eu] De la part de Horst.Stein at telekom.de Envoy? : vendredi 8 juillet 2011 15:14 ? : fiware-apps at lists.fi-ware.eu Objet : [Fiware-apps] Fi-ware security GE - Review Hi Andreas and all, Here are some comments on the Security chapter with respect to WP3 issues: Security Monitoring Enabler It is not clear which interfaces to services and composition environments are needed for the monitoring process. Infos provided on pg 7 are very general: Firewalls, Intrusion Detection Systems, Security and Event Managers, ? wireless events agents ? Especially business risk impact evaluation sounds interesting, but it is not part of the figure 3 and not clear how a relationship with a real business application produced e.g. by our composition tools could be realised. At this level of description it's unclear how e.g. a sql intrusion attack on application level is monitored or the business risk is evaluated. Identity Management Are there also some group functionalities or are there only single identities for users and things? PPL Engine Is there an own grafical user interface for the end user to control his attributes? What are the interfaces to applications or services? Context-based security and compliance Not clear if this is related to WP3: Is it filter of security enablers (which one?) to fit with "very specific regulatory constraints" and monitoring of system performance? If this is an USDL extension, what is the influence on applications which are described in USDL and consumed via the marketplace? Optional security service enabler Not understood, is it an extension of USDL with security features (see above)? "The goal is to make easily extendible the security service description for customized services. This functionality will encourage all developers to define and describe their won services through the USDL standard by adding new functionalities .." pg18 Are there any relations to applications and composition tools, what are the effects on applications or user security? Best regards and nice weekend Horst ________________________________________________ Deutsche Telekom AG Laboratories Dr. Horst Stein Winterfeldtstrasse 21, D-10781 Berlin +49 30 835358637 (Tel) +49 391 53477987 +49 1605326264 (Mobil) http://www.laboratories.telekom.com E-Mail: horst.stein at telekom.de Erleben, was verbindet. Deutsche Telekom AG Aufsichtsrat: Prof. Dr. Ulrich Lehner (Vorsitzender) Vorstand: Ren? Obermann (Vorsitzender), Hamid Akhavan, Dr. Manfred Balz, Reinhard Clemens, Niek Jan van Damme, Timotheus H?ttges, Guido Kerkhoff, Thomas Sattelberger Handelsregister: Amtsgericht Bonn HRB 6794 Sitz der Gesellschaft: Bonn WEEE-Reg.-Nr. DE50478376 ------------------------------------------------------------------ This e-mail and the documents attached are confidential and intended solely for the addressee; it may also be privileged. If you receive this e-mail in error, please notify the sender immediately and destroy it. As its integrity cannot be secured on the Internet, the Atos group liability cannot be triggered for the message content. Although the sender endeavours to maintain a computer virus-free network, the sender does not warrant that this transmission is virus-free and will not be liable for any damages resulting from any virus transmitted. Este mensaje y los ficheros adjuntos pueden contener informacion confidencial destinada solamente a la(s) persona(s) mencionadas anteriormente pueden estar protegidos por secreto profesional. Si usted recibe este correo electronico por error, gracias por informar inmediatamente al remitente y destruir el mensaje. Al no estar asegurada la integridad de este mensaje sobre la red, Atos no se hace responsable por su contenido. Su contenido no constituye ningun compromiso para el grupo Atos, salvo ratificacion escrita por ambas partes. Aunque se esfuerza al maximo por mantener su red libre de virus, el emisor no puede garantizar nada al respecto y no sera responsable de cualesquiera danos que puedan resultar de una transmision de virus. ------------------------------------------------------------------ -------------- next part -------------- An HTML attachment was scrubbed... URL: From daniel.gidoin at thalesgroup.com Wed Jul 13 11:07:32 2011 From: daniel.gidoin at thalesgroup.com (GIDOIN Daniel) Date: Wed, 13 Jul 2011 11:07:32 +0200 Subject: [Fiware-security] TR: Fi-ware security GE - Review In-Reply-To: References: <8168_1310136924_4E171A5C_8168_14436_1_489956e8-c2fa-46f1-aad2-688a97ceb90f@THSONEA01HUB03P.one.grp> <0385F69C47D8694EA885D34BE18BCCC402FFEDD0@INTMAIL02.es.int.atosorigin.com> Message-ID: <4674_1310548055_4E1D6057_4674_17076_1_8F1D40232A0E68409E3FC23A30C326620162DA3374F3@THSONEA01CMS04P.one.grp> Thank Slim I taken into account your question mark Daniel De : fiware-security-bounces at lists.fi-ware.eu [mailto:fiware-security-bounces at lists.fi-ware.eu] De la part de TRABELSI, Slim Envoy? : mercredi 13 juillet 2011 08:41 ? : Antonio Garcia Vazquez; fiware-security at lists.fi-ware.eu Objet : Re: [Fiware-security] TR: Fi-ware security GE - Review Dear all, Here is the question mark text that I propose to answer to the comment of WP3 related to USDL-SEC. The current version of the USDL-SEC specification is a very early draft designed before the beginning of the Fi-Ware project. It does not reflect yet the security capabilities proposed in the generic security enablers exposed in WP8. The main task of the WP8 in the next months is to list these security capabilities and map them to a new version of the USDL-SEC specification in order to be able to publish correctly all the security services and make them available for any service deployed in the Fi-Ware plateform. I hope that this explanation is sufficient to address this comment. Thank you Regards Slim From: fiware-security-bounces at lists.fi-ware.eu [mailto:fiware-security-bounces at lists.fi-ware.eu] On Behalf Of Antonio Garcia Vazquez Sent: mardi 12 juillet 2011 10:03 To: fiware-security at lists.fi-ware.eu Subject: Re: [Fiware-security] TR: Fi-ware security GE - Review Dear All, My comments about Context-based security and compliance : 1) Not clear if this is related to WP3: There is no relation with WP3, but the extension of the USDL protocol which is also used by WP3. I think this point is clear enough in our text. Perhaps we could change this paragraph: ?Extend standard USDL 3.0 by implementing a new module security oriented where security specifications may be referred to existing standards like WS-SecurityPolicy and even management to Common Base Event? Into this one: ?? Define a USDL-Sec protocol as a new module security oriented extension of standard USDL 3.0 where security specifications may be referred to existing standards like WS-SecurityPolicy and even management to Common Base Event? To be more specific. 2) Is it filter of security enablers (which one?) to fit with "very specific regulatory constraints" and monitoring of system performance? I think we are clear enough in next paragraph: ?The GE will accept security request from a client application and will select the best Optional Security Enabler to fulfil it.? 3) If this is an USDL extension, what is the influence on applications which are described in USDL and consumed via the marketplace? The relationship between USDL-SEC and USDL will be the same as the already implemented relationship between existing USDL modules (see http://www.internet-of-services.com/index.php?id=570&L=0) On the other hand I?m agree with Stein. As USDL-SEC will be an extension of USDL ; the optional security GE market could be defined as an extension of the serviced market they are defining in WP3. So some kind of interaction in this field could be needed I also send a Word version with the modifications implemented Best Regards ************************************ * Antonio Garc?a V?zquez * * (+34) 91 214 9384 * * antonio.garcia at atosresearch.eu * ************************************ From: fiware-security-bounces at lists.fi-ware.eu [mailto:fiware-security-bounces at lists.fi-ware.eu] On Behalf Of BISSON Pascal Sent: viernes, 08 de julio de 2011 16:55 To: Fiware-Security (fiware-security at lists.fi-ware.eu) Subject: [Fiware-security] TR: Fi-ware security GE - Review Dear All, Here are the comments we got from the peer-review of our Security chapter which was performed by WP3 (Horst Stein/DT) In view of the comments I would ask each of the Task leaders and/or GE enablers to which they are targeted to provide me with their answer in order to interact with them and elaborate shared and agreed answer we can give (this including some redrafting which might be needed to clarify things and so improve overall quality of our Chapter) Useless to say any of you is more than welcome to contribute/participate to the answers to be given here. So hearing from the task leads and you all to improve our Security chapter in view of the comments raised by WP3 reviewer. Best Regards, Pascal De : fiware-apps-bounces at lists.fi-ware.eu [mailto:fiware-apps-bounces at lists.fi-ware.eu] De la part de Horst.Stein at telekom.de Envoy? : vendredi 8 juillet 2011 15:14 ? : fiware-apps at lists.fi-ware.eu Objet : [Fiware-apps] Fi-ware security GE - Review Hi Andreas and all, Here are some comments on the Security chapter with respect to WP3 issues: Security Monitoring Enabler It is not clear which interfaces to services and composition environments are needed for the monitoring process. Infos provided on pg 7 are very general: Firewalls, Intrusion Detection Systems, Security and Event Managers, ? wireless events agents ? Especially business risk impact evaluation sounds interesting, but it is not part of the figure 3 and not clear how a relationship with a real business application produced e.g. by our composition tools could be realised. At this level of description it's unclear how e.g. a sql intrusion attack on application level is monitored or the business risk is evaluated. Identity Management Are there also some group functionalities or are there only single identities for users and things? PPL Engine Is there an own grafical user interface for the end user to control his attributes? What are the interfaces to applications or services? Context-based security and compliance Not clear if this is related to WP3: Is it filter of security enablers (which one?) to fit with "very specific regulatory constraints" and monitoring of system performance? If this is an USDL extension, what is the influence on applications which are described in USDL and consumed via the marketplace? Optional security service enabler Not understood, is it an extension of USDL with security features (see above)? "The goal is to make easily extendible the security service description for customized services. This functionality will encourage all developers to define and describe their won services through the USDL standard by adding new functionalities .." pg18 Are there any relations to applications and composition tools, what are the effects on applications or user security? Best regards and nice weekend Horst ________________________________________________ Deutsche Telekom AG Laboratories Dr. Horst Stein Winterfeldtstrasse 21, D-10781 Berlin +49 30 835358637 (Tel) +49 391 53477987 +49 1605326264 (Mobil) http://www.laboratories.telekom.com E-Mail: horst.stein at telekom.de Erleben, was verbindet. Deutsche Telekom AG Aufsichtsrat: Prof. Dr. Ulrich Lehner (Vorsitzender) Vorstand: Ren? Obermann (Vorsitzender), Hamid Akhavan, Dr. Manfred Balz, Reinhard Clemens, Niek Jan van Damme, Timotheus H?ttges, Guido Kerkhoff, Thomas Sattelberger Handelsregister: Amtsgericht Bonn HRB 6794 Sitz der Gesellschaft: Bonn WEEE-Reg.-Nr. DE50478376 ------------------------------------------------------------------ This e-mail and the documents attached are confidential and intended solely for the addressee; it may also be privileged. If you receive this e-mail in error, please notify the sender immediately and destroy it. As its integrity cannot be secured on the Internet, the Atos group liability cannot be triggered for the message content. Although the sender endeavours to maintain a computer virus-free network, the sender does not warrant that this transmission is virus-free and will not be liable for any damages resulting from any virus transmitted. Este mensaje y los ficheros adjuntos pueden contener informacion confidencial destinada solamente a la(s) persona(s) mencionadas anteriormente pueden estar protegidos por secreto profesional. Si usted recibe este correo electronico por error, gracias por informar inmediatamente al remitente y destruir el mensaje. Al no estar asegurada la integridad de este mensaje sobre la red, Atos no se hace responsable por su contenido. Su contenido no constituye ningun compromiso para el grupo Atos, salvo ratificacion escrita por ambas partes. Aunque se esfuerza al maximo por mantener su red libre de virus, el emisor no puede garantizar nada al respecto y no sera responsable de cualesquiera danos que puedan resultar de una transmision de virus. ------------------------------------------------------------------ -------------- next part -------------- An HTML attachment was scrubbed... URL: From daniel.gidoin at thalesgroup.com Wed Jul 13 15:07:28 2011 From: daniel.gidoin at thalesgroup.com (Daniel GIDOIN) Date: Wed, 13 Jul 2011 15:07:28 +0200 (CEST) Subject: [Fiware-security] [ ] Fichier disponible : Fiware-data: Additional corrections and addition to security chapter Message-ID: <6423_1310562449_4E1D9890_6423_3553_1_28296899.1310562448771.JavaMail.exchanger@thsxchapp23p> Bonjour, Daniel GIDOIN de la soci?t? THALES SERVICES S.A.S a d?pos? le fichier suivant ? votre attention sur la plate-forme d'?change Crypt and Share: https://exchanger.online.thalesgroup.com/modules/exchanger/cns/ticket/ExpressFileInfoPO.po?token=%7C2vZcbO7KvQ%3D&xslang=fr_FR Nom du fichier : LF_FI-WARE High-Level Description integrated draft 0.1-Tha 11-07-06.doc Titre : Fiware-data: Additional corrections and addition to security chapter Taille : 10,5 Mo Disponibilit? : jusqu'au 28 juillet 2011 Commentaire : Dear Juanjo, Find attached to this mail a link to your document (LF_FI-WARE+High Level+Description+integrated+draft+0.1+11-07-06.doc) with some corrections and additions to Security Chapter. Best regards Daniel La plate-forme d'?change Crypt and Share, pour Thales Group. -------------------------------------------- Hello, Daniel GIDOIN from company THALES SERVICES S.A.S has left the following file on the Crypt and Share platform: https://exchanger.online.thalesgroup.com/modules/exchanger/cns/ticket/ExpressFileInfoPO.po?token=%7C2vZcbO7KvQ%3D&xslang=en_US File name : LF_FI-WARE High-Level Description integrated draft 0.1-Tha 11-07-06.doc Title : Fiware-data: Additional corrections and addition to security chapter Size : 10.5 MB Available until : 28 juillet 2011 Note : Dear Juanjo, Find attached to this mail a link to your document (LF_FI-WARE+High Level+Description+integrated+draft+0.1+11-07-06.doc) with some corrections and additions to Security Chapter. Best regards Daniel The Crypt and Share server, on behalf of Thales Group. From andreas.friesen at sap.com Mon Jul 11 15:47:06 2011 From: andreas.friesen at sap.com (Friesen, Andreas) Date: Mon, 11 Jul 2011 15:47:06 +0200 Subject: [Fiware-security] Review of the security chapter by Apps/Services Ecosystem and delivery In-Reply-To: <7851_1310387361_4E1AECA1_7851_1180_1_e5e4221f-7375-4ff6-a084-3100c4d5f139@THSONEA01HUB04P.one.grp> References: <92E1E76787317A4E876E7A444ABC390213F009C5A6@DEWDFECCR08.wdf.sap.corp> <7851_1310387361_4E1AECA1_7851_1180_1_e5e4221f-7375-4ff6-a084-3100c4d5f139@THSONEA01HUB04P.one.grp> Message-ID: <92E1E76787317A4E876E7A444ABC390213F009C895@DEWDFECCR08.wdf.sap.corp> Dear Pascal, please don't get me wrong what concerns security monitoring. I don't say it is unnecessary, dispensable or useless. I only said that it is not FI-WARE related (in the sense that there are no explicitly mentioned specific integration/interaction points with other FI-WARE components) because from what I could read in the chapter it seems to rely on inputs from Intrusion Detection Systems, Firewalls, etc. At least in my understanding, security monitoring, as it is described in the security chapter, can be used to monitor any kind of system/network node protected by Intrusion Detection Systems, Firewalls or other security-relevant systems belonging to a deployment context of a software system to be protected. Hence, my assumption is that it can be developed by security WP without further interaction with other FI-WARE WPs because it monitors the deployment context of a system and not the system itself. Is this assumption correct? Best regards, Andreas From: BISSON Pascal [mailto:pascal.bisson at thalesgroup.com] Sent: Montag, 11. Juli 2011 14:29 To: Friesen, Andreas Cc: GIDOIN Daniel; Juanjo Hierro; TRABELSI, Slim; Leidig, Torsten; Fiware-security at lists.fi-ware.eu; LELEU Philippe; SIEUX Corinne Subject: RE: Review of the security chapter by Apps/Services Ecosystem and delivery Dear Andreas, Thanks to have organized at WP3 level, review of our Security Chapter to D2.2b. I already received the WP3 comments from DT. As for the ones coming from SAP and UDE I will have a look at them with the rest of the Security team and answer them to you. As for what you says regarding Security monitoring components that in your view don't directly relate to FI-WARE let me fully object here just because it would benefit to each of the other ATs( including yours although not limited to it) and is also highly desired for what concerns usage areas we know and are targeting (Smart City, Smart Grid, Smart Transport, ...). This without saying it is part of the approved DoW so this is directly related to FI-WARE and the major innovations which may result of the FI-WARE Project. Best regards, Pascal De : Friesen, Andreas [mailto:andreas.friesen at sap.com] Envoy? : lundi 11 juillet 2011 13:04 ? : BISSON Pascal Cc : GIDOIN Daniel; Juanjo Hierro; TRABELSI, Slim; Leidig, Torsten Objet : Review of the security chapter by Apps/Services Ecosystem and delivery Dear Pascal, I asked all WP3 partners feeling qualified to build an opinion about security to review the security chapter and received some feedback in the meantime. I will forward to you any additional reviews until today EOB should I receive them during the day. Please find attached the reviewed security chapter from SAP and UDE. We did not change the text just added comments. In general, the comments are mainly focused on getting a common understanding what will security chapter offer to other FI-WARE chapters in the end. As you will see from the comments (except for the enablers corresponding to "2 Generic Security Enablers" in Fig.2 dealing with authentication, authorization, identity management, privacy, etc.) it is very difficult to assess (at least from the perspective of apps/services ecosystems so maybe an additional review from a different WP could be useful for you) at the moment how the rest of the security WP contributes to/can be used by other chapters in FI-WARE. Many of the described components are either too low level (e.g., database risk evaluation and anonymization service) or not directly related to FI-WARE (e.g., the security monitoring components). Here are also some comments on the Security chapter with respect to WP3 issues provided by DT: Security Monitoring Enabler It is not clear which interfaces to services and composition environments are needed for the monitoring process. Infos provided on pg 7 are very general: Firewalls, Intrusion Detection Systems, Security and Event Managers, ... wireless events agents ... Especially business risk impact evaluation sounds interesting, but it is not part of the figure 3 and not clear how a relationship with a real business application produced e.g. by our composition tools could be realised. At this level of description it's unclear how e.g. a sql intrusion attack on application level is monitored or the business risk is evaluated. Identity Management Are there also some group functionalities or are there only single identities for users and things? PPL Engine Is there an own grafical user interface for the end user to control his attributes? What are the interfaces to applications or services? Context-based security and compliance Not clear if this is related to WP3: Is it filter of security enablers (which one?) to fit with "very specific regulatory constraints" and monitoring of system performance? If this is an USDL extension, what is the influence on applications which are described in USDL and consumed via the marketplace? Optional security service enabler Not understood, is it an extension of USDL with security features (see above)? "The goal is to make easily extendible the security service description for customized services. This functionality will encourage all developers to define and describe their won services through the USDL standard by adding new functionalities .." pg18 Are there any relations to applications and composition tools, what are the effects on applications or user security? Best regards, Andreas From: fiware-wpl-bounces at lists.fi-ware.eu [mailto:fiware-wpl-bounces at lists.fi-ware.eu] On Behalf Of Juanjo Hierro Sent: Mittwoch, 6. Juli 2011 12:27 To: fiware-wpl at lists.fi-ware.eu; fiware-wpa at lists.fi-ware.eu Subject: [Fiware-wpl] Contents of chapters available and planning until official deliverable Dear colleagues, You will find the .doc files of each of your chapters in the usual placeholders. Now, the name associated to each of them adopts the following convention: "FI-WARE High-level Description - Chapter v." The integrated draft is available at: https://forge.fi-ware.eu/docman/view.php/7/235/FI-WARE+High-Level+Description+integrated+draft+0.1+11-07-06.doc But we should keep working with separated files per chapter. I first action I would kindly ask all of you to perform is to check that all your stuff is there and I didn't miss anything during the integration :-) If you find something missing, please let me know. Now, we should NOT relax and keep going to get the official release of the deliverable on time. This was announced for mid July ... what mid July means is up to us, but I would suggest making it available on July 19th. What I would suggest now is that we carry out a peer review of each chapter, involving members of a given WP in reviewing the contents of those chapter with whom more inter dependencies may exist. In parallel, each group should try to finish what couldn't make for this first draft. I know that the analysis of Security aspects, just to mention an example, is not closed for all the chapters. I will try to send a summary of what I see pending per chapter later today. In respect to peer reviews, here you have my suggestions for a first round. We would try to make another round before the deadline: Chapter Chief editors Contacts Suggested peer reviewer (team) Cloud Hosting IBM GLIKSON at il.ibm.com Interfaces to Networks & Devices Data/Context Management TID jhierro at tid.es IoT Services Enablement Apps/Services Ecosystem & Delivery SAP andreas.friesen at sap.com, torsten.leidig at sap.com Security IoT Services Enablement Orange & NSN Thierry.nagellen at orange-ftgroup.com, lorant.farkas at nsn.com Data/Context Management Interfaces to Networks & Devices TI &DT pierangelo.garino at telecomitalia.it, Hans.Einsiedler at telekom.de Cloud Hosting Security Thales pascal.bisson at thalesgroup.com, daniel.gidoin at thalesgroup.com Apps/Services Ecosystem & Delivery I would suggest that we define the following milestones linked to this first round unless I hear any objection: * July 11 EOB, reviewers to send their comments (I suggest word files with changes under control) * July 13 EOB, revision of comments by editors of each chapter and upload of new version by chief editors on FusionForge If you believe that there would be a better assignment for you, please also let me know and we'll try together to see if there is an alternative arrangement. Chief editors in the table above matches the WPLs and WPAs as you may already know. WPLs are entitled to contact the chief editor of the chapter his team has been assigned to review so that you can agree on how to proceed. We can keep the procedure of managing the editor token by playing with the states linked to documents in the docman system so that whenever one file is in "pending" state means somebody is editing it. Whenever one changes the state of a given document to "pending" it should announce it to the people involved. Anyway, you should always download the last version from FusionForge (or check that the version you have is downloadable) whenever you decide to start editing a document and change it to "pending". A good strategy in some cases is that you split the chapter in several files, so that you keep control of those pieces that you believe are unstable and leave the rest for review. If you have still pending points, this procedure won't be perfect so each editor should probably edit his version in parallel someone is reviewing it, then manage how to integrate the comments. But there is no much better ways to proceed unless you have a better idea. There are other things that we should start hard because we are behind the schedule. An important part has to do with starting to bring content to the website and blogs. It won't be that difficult now that we have quite a bit of content and nice stories to talk about :-) I'll send an email with a plan proposal on the matter either today or tomorrow. ONE FINAL WORD AND RATHER IMPORTANT: PLEASE respect the styles and procedures for editing describing at the front matter of the documents. Some of you have tried to respect them, and integration was rather easy. BUT I HAVE TO SAY THAT OTHERS HAVE NOT. And this creates a lot of burden. I can tell you that I have lost almost one hour with one of the chapters just fixing the formats while I have spent just 15 mins with the chapters from those who followed the rules. FOR THE NEXT ROUND, take it seriously, I will reject any file that contains prohibited styles or broken styles. I know that it's pretty easy just to copy&paste from another document you may have written before or apart of this project or a web page, but that action breaks everything and has unpredictable consequences in MS Word. It is also easier to create bullet lists or numbered lists using the buttons for doing so that MS Word offers to you at the upper tool bar, but that also has unpredictable consequences and means breaking an homogeneous style across the whole document (I will indeed try to find out how to prevent these buttons to appear :-) And that's all for this very long mail, I want to again thank you for all your efforts, good attitude and, overall, patience with my requests. Best regards, -- Juanjo ________________________________ Este mensaje se dirige exclusivamente a su destinatario. Puede consultar nuestra pol?tica de env?o y recepci?n de correo electr?nico en el enlace situado m?s abajo. This message is intended exclusively for its addressee. We only send and receive email on the basis of the terms set out at. http://www.tid.es/ES/PAGINAS/disclaimer.aspx -------------- next part -------------- An HTML attachment was scrubbed... URL: From andreas.friesen at sap.com Tue Jul 12 10:49:35 2011 From: andreas.friesen at sap.com (Friesen, Andreas) Date: Tue, 12 Jul 2011 10:49:35 +0200 Subject: [Fiware-security] Review of the security chapter by Apps/Services Ecosystem and delivery In-Reply-To: <16378_1310456817_4E1BFBF1_16378_17616_1_4ab0131e-8c91-42a1-a72d-659e84f62bfe@THSONEA01HUB03P.one.grp> References: <92E1E76787317A4E876E7A444ABC390213F009C5A6@DEWDFECCR08.wdf.sap.corp> <7851_1310387361_4E1AECA1_7851_1180_1_e5e4221f-7375-4ff6-a084-3100c4d5f139@THSONEA01HUB04P.one.grp> <92E1E76787317A4E876E7A444ABC390213F009C895@DEWDFECCR08.wdf.sap.corp> <16378_1310456817_4E1BFBF1_16378_17616_1_4ab0131e-8c91-42a1-a72d-659e84f62bfe@THSONEA01HUB03P.one.grp> Message-ID: <92E1E76787317A4E876E7A444ABC390213F021EC5D@DEWDFECCR08.wdf.sap.corp> Dear Daniel, many thanks for the clarification. Indeed, the security monitoring system you are striving to develop will be more powerful than conventional monitoring systems if it will be able to consume security-relevant information from FI-WARE specific event managers. For the M5 deliverable, we will have to develop a deeper understanding about the kinds of FI-WARE specific event managers you have in mind and the role of USDL-SEC (mentioned in Fig 3) in the context of security monitoring. Perhaps, it would be a good idea to add this as a question mark to the M2 deliverable. With respect to Apps/Services Ecosystem and delivery, I would like to propose to address this issue in one of our regular meetings with the security WP. Best regards, Andreas From: GIDOIN Daniel [mailto:daniel.gidoin at thalesgroup.com] Sent: Dienstag, 12. Juli 2011 09:47 To: Friesen, Andreas; BISSON Pascal Cc: Juanjo Hierro; TRABELSI, Slim; Leidig, Torsten; Fiware-security at lists.fi-ware.eu; LELEU Philippe; SIEUX Corinne Subject: RE: Review of the security chapter by Apps/Services Ecosystem and delivery Dear Andreas, We should have no fear regarding integration/interaction with other FI-WARE components. Indeed, the interactions are very strong. On the one hand, the security monitoring GE exploits the events generated by these components. It's a big difference with a conventional monitoring, only focused on events from the network and security components. On the other hand, generated countermeasures applies to these FI-WARE components, according to their criticality. Also, It raises alerts dedicated to these FI-WARE components. Best regards Daniel. De : Friesen, Andreas [mailto:andreas.friesen at sap.com] Envoy? : lundi 11 juillet 2011 15:47 ? : BISSON Pascal Cc : GIDOIN Daniel; Juanjo Hierro; TRABELSI, Slim; Leidig, Torsten; Fiware-security at lists.fi-ware.eu; LELEU Philippe; SIEUX Corinne Objet : RE: Review of the security chapter by Apps/Services Ecosystem and delivery Dear Pascal, please don't get me wrong what concerns security monitoring. I don't say it is unnecessary, dispensable or useless. I only said that it is not FI-WARE related (in the sense that there are no explicitly mentioned specific integration/interaction points with other FI-WARE components) because from what I could read in the chapter it seems to rely on inputs from Intrusion Detection Systems, Firewalls, etc. At least in my understanding, security monitoring, as it is described in the security chapter, can be used to monitor any kind of system/network node protected by Intrusion Detection Systems, Firewalls or other security-relevant systems belonging to a deployment context of a software system to be protected. Hence, my assumption is that it can be developed by security WP without further interaction with other FI-WARE WPs because it monitors the deployment context of a system and not the system itself. Is this assumption correct? Best regards, Andreas From: BISSON Pascal [mailto:pascal.bisson at thalesgroup.com] Sent: Montag, 11. Juli 2011 14:29 To: Friesen, Andreas Cc: GIDOIN Daniel; Juanjo Hierro; TRABELSI, Slim; Leidig, Torsten; Fiware-security at lists.fi-ware.eu; LELEU Philippe; SIEUX Corinne Subject: RE: Review of the security chapter by Apps/Services Ecosystem and delivery Dear Andreas, Thanks to have organized at WP3 level, review of our Security Chapter to D2.2b. I already received the WP3 comments from DT. As for the ones coming from SAP and UDE I will have a look at them with the rest of the Security team and answer them to you. As for what you says regarding Security monitoring components that in your view don't directly relate to FI-WARE let me fully object here just because it would benefit to each of the other ATs( including yours although not limited to it) and is also highly desired for what concerns usage areas we know and are targeting (Smart City, Smart Grid, Smart Transport, ...). This without saying it is part of the approved DoW so this is directly related to FI-WARE and the major innovations which may result of the FI-WARE Project. Best regards, Pascal De : Friesen, Andreas [mailto:andreas.friesen at sap.com] Envoy? : lundi 11 juillet 2011 13:04 ? : BISSON Pascal Cc : GIDOIN Daniel; Juanjo Hierro; TRABELSI, Slim; Leidig, Torsten Objet : Review of the security chapter by Apps/Services Ecosystem and delivery Dear Pascal, I asked all WP3 partners feeling qualified to build an opinion about security to review the security chapter and received some feedback in the meantime. I will forward to you any additional reviews until today EOB should I receive them during the day. Please find attached the reviewed security chapter from SAP and UDE. We did not change the text just added comments. In general, the comments are mainly focused on getting a common understanding what will security chapter offer to other FI-WARE chapters in the end. As you will see from the comments (except for the enablers corresponding to "2 Generic Security Enablers" in Fig.2 dealing with authentication, authorization, identity management, privacy, etc.) it is very difficult to assess (at least from the perspective of apps/services ecosystems so maybe an additional review from a different WP could be useful for you) at the moment how the rest of the security WP contributes to/can be used by other chapters in FI-WARE. Many of the described components are either too low level (e.g., database risk evaluation and anonymization service) or not directly related to FI-WARE (e.g., the security monitoring components). Here are also some comments on the Security chapter with respect to WP3 issues provided by DT: Security Monitoring Enabler It is not clear which interfaces to services and composition environments are needed for the monitoring process. Infos provided on pg 7 are very general: Firewalls, Intrusion Detection Systems, Security and Event Managers, ... wireless events agents ... Especially business risk impact evaluation sounds interesting, but it is not part of the figure 3 and not clear how a relationship with a real business application produced e.g. by our composition tools could be realised. At this level of description it's unclear how e.g. a sql intrusion attack on application level is monitored or the business risk is evaluated. Identity Management Are there also some group functionalities or are there only single identities for users and things? PPL Engine Is there an own grafical user interface for the end user to control his attributes? What are the interfaces to applications or services? Context-based security and compliance Not clear if this is related to WP3: Is it filter of security enablers (which one?) to fit with "very specific regulatory constraints" and monitoring of system performance? If this is an USDL extension, what is the influence on applications which are described in USDL and consumed via the marketplace? Optional security service enabler Not understood, is it an extension of USDL with security features (see above)? "The goal is to make easily extendible the security service description for customized services. This functionality will encourage all developers to define and describe their won services through the USDL standard by adding new functionalities .." pg18 Are there any relations to applications and composition tools, what are the effects on applications or user security? Best regards, Andreas From: fiware-wpl-bounces at lists.fi-ware.eu [mailto:fiware-wpl-bounces at lists.fi-ware.eu] On Behalf Of Juanjo Hierro Sent: Mittwoch, 6. Juli 2011 12:27 To: fiware-wpl at lists.fi-ware.eu; fiware-wpa at lists.fi-ware.eu Subject: [Fiware-wpl] Contents of chapters available and planning until official deliverable Dear colleagues, You will find the .doc files of each of your chapters in the usual placeholders. Now, the name associated to each of them adopts the following convention: "FI-WARE High-level Description - Chapter v." The integrated draft is available at: https://forge.fi-ware.eu/docman/view.php/7/235/FI-WARE+High-Level+Description+integrated+draft+0.1+11-07-06.doc But we should keep working with separated files per chapter. I first action I would kindly ask all of you to perform is to check that all your stuff is there and I didn't miss anything during the integration :-) If you find something missing, please let me know. Now, we should NOT relax and keep going to get the official release of the deliverable on time. This was announced for mid July ... what mid July means is up to us, but I would suggest making it available on July 19th. What I would suggest now is that we carry out a peer review of each chapter, involving members of a given WP in reviewing the contents of those chapter with whom more inter dependencies may exist. In parallel, each group should try to finish what couldn't make for this first draft. I know that the analysis of Security aspects, just to mention an example, is not closed for all the chapters. I will try to send a summary of what I see pending per chapter later today. In respect to peer reviews, here you have my suggestions for a first round. We would try to make another round before the deadline: Chapter Chief editors Contacts Suggested peer reviewer (team) Cloud Hosting IBM GLIKSON at il.ibm.com Interfaces to Networks & Devices Data/Context Management TID jhierro at tid.es IoT Services Enablement Apps/Services Ecosystem & Delivery SAP andreas.friesen at sap.com, torsten.leidig at sap.com Security IoT Services Enablement Orange & NSN Thierry.nagellen at orange-ftgroup.com, lorant.farkas at nsn.com Data/Context Management Interfaces to Networks & Devices TI &DT pierangelo.garino at telecomitalia.it, Hans.Einsiedler at telekom.de Cloud Hosting Security Thales pascal.bisson at thalesgroup.com, daniel.gidoin at thalesgroup.com Apps/Services Ecosystem & Delivery I would suggest that we define the following milestones linked to this first round unless I hear any objection: * July 11 EOB, reviewers to send their comments (I suggest word files with changes under control) * July 13 EOB, revision of comments by editors of each chapter and upload of new version by chief editors on FusionForge If you believe that there would be a better assignment for you, please also let me know and we'll try together to see if there is an alternative arrangement. Chief editors in the table above matches the WPLs and WPAs as you may already know. WPLs are entitled to contact the chief editor of the chapter his team has been assigned to review so that you can agree on how to proceed. We can keep the procedure of managing the editor token by playing with the states linked to documents in the docman system so that whenever one file is in "pending" state means somebody is editing it. Whenever one changes the state of a given document to "pending" it should announce it to the people involved. Anyway, you should always download the last version from FusionForge (or check that the version you have is downloadable) whenever you decide to start editing a document and change it to "pending". A good strategy in some cases is that you split the chapter in several files, so that you keep control of those pieces that you believe are unstable and leave the rest for review. If you have still pending points, this procedure won't be perfect so each editor should probably edit his version in parallel someone is reviewing it, then manage how to integrate the comments. But there is no much better ways to proceed unless you have a better idea. There are other things that we should start hard because we are behind the schedule. An important part has to do with starting to bring content to the website and blogs. It won't be that difficult now that we have quite a bit of content and nice stories to talk about :-) I'll send an email with a plan proposal on the matter either today or tomorrow. ONE FINAL WORD AND RATHER IMPORTANT: PLEASE respect the styles and procedures for editing describing at the front matter of the documents. Some of you have tried to respect them, and integration was rather easy. BUT I HAVE TO SAY THAT OTHERS HAVE NOT. And this creates a lot of burden. I can tell you that I have lost almost one hour with one of the chapters just fixing the formats while I have spent just 15 mins with the chapters from those who followed the rules. FOR THE NEXT ROUND, take it seriously, I will reject any file that contains prohibited styles or broken styles. I know that it's pretty easy just to copy&paste from another document you may have written before or apart of this project or a web page, but that action breaks everything and has unpredictable consequences in MS Word. It is also easier to create bullet lists or numbered lists using the buttons for doing so that MS Word offers to you at the upper tool bar, but that also has unpredictable consequences and means breaking an homogeneous style across the whole document (I will indeed try to find out how to prevent these buttons to appear :-) And that's all for this very long mail, I want to again thank you for all your efforts, good attitude and, overall, patience with my requests. Best regards, -- Juanjo ________________________________ Este mensaje se dirige exclusivamente a su destinatario. Puede consultar nuestra pol?tica de env?o y recepci?n de correo electr?nico en el enlace situado m?s abajo. This message is intended exclusively for its addressee. We only send and receive email on the basis of the terms set out at. http://www.tid.es/ES/PAGINAS/disclaimer.aspx -------------- next part -------------- An HTML attachment was scrubbed... URL: From robert.seidl at nsn.com Mon Jul 18 09:50:45 2011 From: robert.seidl at nsn.com (Seidl, Robert (NSN - DE/Munich)) Date: Mon, 18 Jul 2011 09:50:45 +0200 Subject: [Fiware-security] FI-WARE - WP8 - T8.2 partner assets-->partner contribution needed References: <70B7C2744D52BB4282F0E0D3DC965E0C04E6A032@DEMUEXC006.nsn-intra.net> <70B7C2744D52BB4282F0E0D3DC965E0C04EEDA7F@DEMUEXC006.nsn-intra.net> Message-ID: <70B7C2744D52BB4282F0E0D3DC965E0C051BE909@DEMUEXC006.nsn-intra.net> Hi, please find attached the latest and hopefully complete version of the assets from T8.2. Thanks to all for your input. If there is something missing please send me an email. What we will do next is to combine the assets if possible or find out if there are some overlappings. Greetings Robert ________________________________ From: Seidl, Robert (NSN - DE/Munich) Sent: Sunday, June 12, 2011 10:55 PM To: 'Fiware-security at lists.fi-ware.eu' Cc: Marton, Gabor (NSN - HU/Budapest) Subject: RE: [Fiware-security] FI-WARE - WP8 - T8.2 partner assets-->partner contribution needed Hi, before my vacation please find attached the latest version of the T8.2 assets. Still AI for Thales and Deutsche Telekom. Gabor will step in for me during my holiday. Greetings Robert ________________________________ From: Seidl, Robert (NSN - DE/Munich) Sent: Friday, June 10, 2011 10:40 AM To: Fiware-security at lists.fi-ware.eu; Wolfgang.Steigerwald at telekom.de Subject: RE: [Fiware-security] FI-WARE - WP8 - T8.2 partner assets-->partner contribution needed Hi, here the latest status update regarding assets for T8.2 as input for your meeting in Paris. Still missing (marked in yellow in the attached document): Thales: should I delete the additional mentioned assets (see document)? DT: should I delete the additional mentioned asset (one remaining, will be clarified latest by end of the week by Wolfgang) Greetings Robert ________________________________ From: fiware-security-bounces at lists.fi-ware.eu [mailto:fiware-security-bounces at lists.fi-ware.eu] On Behalf Of Seidl, Robert (NSN - DE/Munich) Sent: Wednesday, June 08, 2011 5:06 PM To: Fiware-security at lists.fi-ware.eu; xavier.aghina at orange-ftgroup.com; Wolfgang.Steigerwald at telekom.de Subject: Re: [Fiware-security] FI-WARE - WP8 - T8.2 partner assets-->partner contribution needed Hi, just one more status update: Still missing: Thales: should I delete the additional mentioned assets (see document)? Orange: no input so far, please Xavier provide the input for Orange DT: should I delete the additional mentioned asset (one remaining, will be clarified latest by end of the week by Wolfgang) Please find the newest version attached. Greetings Robert ________________________________ From: fiware-security-bounces at lists.fi-ware.eu [mailto:fiware-security-bounces at lists.fi-ware.eu] On Behalf Of Seidl, Robert (NSN - DE/Munich) Sent: Monday, June 06, 2011 8:51 AM To: Fiware-security at lists.fi-ware.eu Subject: Re: [Fiware-security] FI-WARE - WP8 - T8.2 partner assets -->partner contribution needed Dear partners, please find attached the newest version for T8.2 assets based on the inputs I received so far. Still missing: Thales: should I delete the additional mentioned assets (see document)? Orange: no input so far INIRA: input received, please adapt your input to the format used in the document (mentioning Maturity, IPR, Enablers, ...) DT: should I delete the additional mentioned assets (see document)? Many thanks in advance Robert ________________________________ From: Seidl, Robert (NSN - DE/Munich) Sent: Friday, June 03, 2011 11:03 AM To: 'Fiware-security at lists.fi-ware.eu' Subject: RE: FI-WARE - WP8 - T8.2 partner assets --> partner contribution needed Hi all, please find attached the newest version of the partner assets of task T8.2. Missing input from following partners: Thales: should I delete the additional mentioned assets (see document)? Orange: no input so far INIRA: no input so far Please provide the missing input. Greetings and have a nice weekend Robert ________________________________ From: Seidl, Robert (NSN - DE/Munich) Sent: Wednesday, June 01, 2011 9:41 AM To: Fiware-security at lists.fi-ware.eu Subject: FW: FI-WARE - WP8 - T8.2 partner assets --> partner contribution needed Hi all, this is just to remind all of you, who have not done so far, to contribute your detailed asset description to the attached document for task 8.2. Deadline is end of this week. Greetings Robert ________________________________ From: ext TRABELSI, Slim [mailto:slim.trabelsi at sap.com] Sent: Tuesday, May 31, 2011 10:43 AM To: Seidl, Robert (NSN - DE/Munich) Cc: Fiware-security at lists.fi-ware.eu Subject: RE: FI-WARE - WP8 - T8.2 partner assets --> partner contribution needed Hi Robert, You can find the description asset of SAP. This asset is strongly related to IBM's one, since one compoenent is designed and developed by IBM (Credential Handler). SAP and IBM assets will work together for delivering the PPL engine asset with the Credential and IDMix capabilities. Thank you Regards Slim From: Seidl, Robert (NSN - DE/Munich) [mailto:robert.seidl at nsn.com] Sent: jeudi 26 mai 2011 18:12 To: ext BISSON Pascal; Fiware-security at lists.fi-ware.eu Cc: Marton, Gabor (NSN - HU/Budapest); Antonio Garcia Vazquez; Pedro Soria Rodriguez; TRABELSI, Slim; Schaad, Andreas; Michael Osborne; SIEUX Corinne; Philippe.LELEU at fr.thalesgroup.com; GIDOIN Daniel; EGAN Richard Subject: FI-WARE - WP8 - T8.2 partner assets --> partner contribution needed Hi WP8, we need to collect all the assets from each partner (to be provided in template form). I collected the input I received so far and included as well the input I collected during our physical meeting in Madrid. Still some input is missing and also some detailed descriptons according to our template. To be concrete follwing is missing or at least to be checked if the asset is still valid: SAP IBM Thales Orange DTAG INRIA It would be nice if you could provide the missing input as soon as possible. Greetings Robert -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: WP8 Description of the Security Asset v07.docx Type: application/octet-stream Size: 1870911 bytes Desc: WP8 Description of the Security Asset v07.docx URL: From pascal.bisson at thalesgroup.com Mon Jul 18 10:55:22 2011 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Mon, 18 Jul 2011 10:55:22 +0200 Subject: [Fiware-security] TR: Fi-ware security GE - Review In-Reply-To: References: <8168_1310136924_4E171A5C_8168_14436_1_489956e8-c2fa-46f1-aad2-688a97ceb90f@THSONEA01HUB03P.one.grp> <0385F69C47D8694EA885D34BE18BCCC402FFEDD0@INTMAIL02.es.int.atosorigin.com> Message-ID: <1222_1310979324_4E23F4FC_1222_4479_1_CBBCD6C304123F4AB23FAAE3055C8C0E0203F60BF542@THSONEA01CMS04P.one.grp> Ok, thanks text has been integrated in latest version of the Security chapter that will be uploaded; De : fiware-security-bounces at lists.fi-ware.eu [mailto:fiware-security-bounces at lists.fi-ware.eu] De la part de TRABELSI, Slim Envoy? : mercredi 13 juillet 2011 08:41 ? : Antonio Garcia Vazquez; fiware-security at lists.fi-ware.eu Objet : Re: [Fiware-security] TR: Fi-ware security GE - Review Dear all, Here is the question mark text that I propose to answer to the comment of WP3 related to USDL-SEC. The current version of the USDL-SEC specification is a very early draft designed before the beginning of the Fi-Ware project. It does not reflect yet the security capabilities proposed in the generic security enablers exposed in WP8. The main task of the WP8 in the next months is to list these security capabilities and map them to a new version of the USDL-SEC specification in order to be able to publish correctly all the security services and make them available for any service deployed in the Fi-Ware plateform. I hope that this explanation is sufficient to address this comment. Thank you Regards Slim From: fiware-security-bounces at lists.fi-ware.eu [mailto:fiware-security-bounces at lists.fi-ware.eu] On Behalf Of Antonio Garcia Vazquez Sent: mardi 12 juillet 2011 10:03 To: fiware-security at lists.fi-ware.eu Subject: Re: [Fiware-security] TR: Fi-ware security GE - Review Dear All, My comments about Context-based security and compliance : 1) Not clear if this is related to WP3: There is no relation with WP3, but the extension of the USDL protocol which is also used by WP3. I think this point is clear enough in our text. Perhaps we could change this paragraph: ?Extend standard USDL 3.0 by implementing a new module security oriented where security specifications may be referred to existing standards like WS-SecurityPolicy and even management to Common Base Event? Into this one: ?? Define a USDL-Sec protocol as a new module security oriented extension of standard USDL 3.0 where security specifications may be referred to existing standards like WS-SecurityPolicy and even management to Common Base Event? To be more specific. 2) Is it filter of security enablers (which one?) to fit with "very specific regulatory constraints" and monitoring of system performance? I think we are clear enough in next paragraph: ?The GE will accept security request from a client application and will select the best Optional Security Enabler to fulfil it.? 3) If this is an USDL extension, what is the influence on applications which are described in USDL and consumed via the marketplace? The relationship between USDL-SEC and USDL will be the same as the already implemented relationship between existing USDL modules (see http://www.internet-of-services.com/index.php?id=570&L=0) On the other hand I?m agree with Stein. As USDL-SEC will be an extension of USDL ; the optional security GE market could be defined as an extension of the serviced market they are defining in WP3. So some kind of interaction in this field could be needed I also send a Word version with the modifications implemented Best Regards ************************************ * Antonio Garc?a V?zquez * * (+34) 91 214 9384 * * antonio.garcia at atosresearch.eu * ************************************ From: fiware-security-bounces at lists.fi-ware.eu [mailto:fiware-security-bounces at lists.fi-ware.eu] On Behalf Of BISSON Pascal Sent: viernes, 08 de julio de 2011 16:55 To: Fiware-Security (fiware-security at lists.fi-ware.eu) Subject: [Fiware-security] TR: Fi-ware security GE - Review Dear All, Here are the comments we got from the peer-review of our Security chapter which was performed by WP3 (Horst Stein/DT) In view of the comments I would ask each of the Task leaders and/or GE enablers to which they are targeted to provide me with their answer in order to interact with them and elaborate shared and agreed answer we can give (this including some redrafting which might be needed to clarify things and so improve overall quality of our Chapter) Useless to say any of you is more than welcome to contribute/participate to the answers to be given here. So hearing from the task leads and you all to improve our Security chapter in view of the comments raised by WP3 reviewer. Best Regards, Pascal De : fiware-apps-bounces at lists.fi-ware.eu [mailto:fiware-apps-bounces at lists.fi-ware.eu] De la part de Horst.Stein at telekom.de Envoy? : vendredi 8 juillet 2011 15:14 ? : fiware-apps at lists.fi-ware.eu Objet : [Fiware-apps] Fi-ware security GE - Review Hi Andreas and all, Here are some comments on the Security chapter with respect to WP3 issues: Security Monitoring Enabler It is not clear which interfaces to services and composition environments are needed for the monitoring process. Infos provided on pg 7 are very general: Firewalls, Intrusion Detection Systems, Security and Event Managers, ? wireless events agents ? Especially business risk impact evaluation sounds interesting, but it is not part of the figure 3 and not clear how a relationship with a real business application produced e.g. by our composition tools could be realised. At this level of description it's unclear how e.g. a sql intrusion attack on application level is monitored or the business risk is evaluated. Identity Management Are there also some group functionalities or are there only single identities for users and things? PPL Engine Is there an own grafical user interface for the end user to control his attributes? What are the interfaces to applications or services? Context-based security and compliance Not clear if this is related to WP3: Is it filter of security enablers (which one?) to fit with "very specific regulatory constraints" and monitoring of system performance? If this is an USDL extension, what is the influence on applications which are described in USDL and consumed via the marketplace? Optional security service enabler Not understood, is it an extension of USDL with security features (see above)? "The goal is to make easily extendible the security service description for customized services. This functionality will encourage all developers to define and describe their won services through the USDL standard by adding new functionalities .." pg18 Are there any relations to applications and composition tools, what are the effects on applications or user security? Best regards and nice weekend Horst ________________________________________________ Deutsche Telekom AG Laboratories Dr. Horst Stein Winterfeldtstrasse 21, D-10781 Berlin +49 30 835358637 (Tel) +49 391 53477987 +49 1605326264 (Mobil) http://www.laboratories.telekom.com E-Mail: horst.stein at telekom.de Erleben, was verbindet. Deutsche Telekom AG Aufsichtsrat: Prof. Dr. Ulrich Lehner (Vorsitzender) Vorstand: Ren? Obermann (Vorsitzender), Hamid Akhavan, Dr. Manfred Balz, Reinhard Clemens, Niek Jan van Damme, Timotheus H?ttges, Guido Kerkhoff, Thomas Sattelberger Handelsregister: Amtsgericht Bonn HRB 6794 Sitz der Gesellschaft: Bonn WEEE-Reg.-Nr. DE50478376 ------------------------------------------------------------------ This e-mail and the documents attached are confidential and intended solely for the addressee; it may also be privileged. If you receive this e-mail in error, please notify the sender immediately and destroy it. As its integrity cannot be secured on the Internet, the Atos group liability cannot be triggered for the message content. Although the sender endeavours to maintain a computer virus-free network, the sender does not warrant that this transmission is virus-free and will not be liable for any damages resulting from any virus transmitted. Este mensaje y los ficheros adjuntos pueden contener informacion confidencial destinada solamente a la(s) persona(s) mencionadas anteriormente pueden estar protegidos por secreto profesional. Si usted recibe este correo electronico por error, gracias por informar inmediatamente al remitente y destruir el mensaje. Al no estar asegurada la integridad de este mensaje sobre la red, Atos no se hace responsable por su contenido. Su contenido no constituye ningun compromiso para el grupo Atos, salvo ratificacion escrita por ambas partes. Aunque se esfuerza al maximo por mantener su red libre de virus, el emisor no puede garantizar nada al respecto y no sera responsable de cualesquiera danos que puedan resultar de una transmision de virus. ------------------------------------------------------------------ -------------- next part -------------- An HTML attachment was scrubbed... URL: From pascal.bisson at thalesgroup.com Mon Jul 18 18:06:03 2011 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Mon, 18 Jul 2011 18:06:03 +0200 Subject: [Fiware-security] FI-WARE - Security project Message-ID: <9945_1311005170_4E2459F2_9945_5984_1_7abcb74a-1c48-449c-8204-88e699d62bac@THSONEA01HUB04P.one.grp> Dear Juanjo, This just to let you know that I have uploaded on the repository the latest version of the Security Chapter that answers review comments we got from WP3. You may find it at the following address: https://forge.fi-ware.eu/docman/view.php/7/190/FI-WARE+High-Level+Description+-+Security+chapter+-+v1.1+valid+until+110719.doc Best Regards, Pascal -------------- next part -------------- An HTML attachment was scrubbed... URL: From pascal.bisson at thalesgroup.com Wed Jul 20 17:01:20 2011 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Wed, 20 Jul 2011 17:01:20 +0200 Subject: [Fiware-security] TR: Apps/Services review by security chapter Message-ID: <8921_1311174090_4E26EDCA_8921_5741_1_b78108c1-0346-4ce6-8b8a-d5805d5d925f@THSONEA01HUB02P.one.grp> Dear All, I'm forwarding you this email related to the review (Daniel and I) performed of the WP3 Chapter as per request of WP2 Lead. To be also briefly discussed at our next audio conf (this Friday so 22/07/2011 10am-12am) Regards, Pascal De : BISSON Pascal Envoy? : mardi 19 juillet 2011 18:47 ? : Friesen, Andreas Cc : GIDOIN Daniel; TRABELSI, Slim; Juanjo Hierro; Leidig, Torsten; BISSON Pascal; SIEUX Corinne; LELEU Philippe Objet : RE: Apps/Services review by security chapter Importance : Haute Dear Andreas, Find attached to this email our (Thales) review of the Apps chapter. This review was performed by me and my colleague Daniel (in cc) In complement of the review comments and/or suggested changes in the text of the document I added hereafter some more general comments we came up with. ? Apps chapter has seriously improved (especially compared to previous version we went through when identifying security issues from WP8 perspective). So congratulations to you and the team for the work you achieved here. ? Relationship with Cloud hosting team is rightly stressed. In the meantime relationship with other teams could be better stressed. This is especially true for what concerns Security team. So apart from Security issues reported by WP8 and integrated in Question mark section I would suggest to add a question mark to address this and stress from the WP3 perspective how they envision to interact with the Security and why. Also stress its urgency. ? There are very few question marks apart from the ones on Security. So would suggest to consider to add some new more. Especially for what concerns interaction with other teams (Security but also IoT) although not uniquely. This just because the reader would expect more once reading this chapter ... ? References to contributing projects and/or products identified by the team should be kept for M5 update of this deliverable as initially announced. This is also something that can differentiate M5 deliverable from M2 deliverable. ? Section with (major) references is missing. Would suggest to add one to make things comparable to other chapters. Hope it helps you to finalize your work on this Chapter. Once more apologize in me sending you with a small delay our review comments but it took more time than expected. Best Regards, Pascal PS: I put Slim in cc of this email since Slim is together with us in charge of monitoring WP3 activities and as such was involved in the identification of the Security issues coming from WP3 and reported in the Question marks. Slim can also support you in addressing some of our review comments. De : Friesen, Andreas [mailto:andreas.friesen at sap.com] Envoy? : lundi 18 juillet 2011 11:24 ? : BISSON Pascal Cc : GIDOIN Daniel; TRABELSI, Slim; Juanjo Hierro; Leidig, Torsten Objet : RE: Apps/Services review by security chapter Dear Pascal, thanks for the info. Please take the newest version from FusionForge. It has been significantly reworked after the review from Junjo. Best regards, Andreas From: BISSON Pascal [mailto:pascal.bisson at thalesgroup.com] Sent: Montag, 18. Juli 2011 10:52 To: Friesen, Andreas Cc: GIDOIN Daniel; BISSON Pascal; TRABELSI, Slim; Juanjo Hierro Subject: RE: Apps/Services review by security chapter Importance: High Dear Andreas, Back to you on this. Due the fact Daniel and I were busy with some other stuff (not only addressing comments we got on Security chapter but also checking question marks on security issues of each other chapter) we were unable to perform the review of your Chapter according to the set deadline. Furthermore our Thales site was closed on July 14th and July 15th which prevented us also to work on the topic those days. But we are back to work and will provide you with our review of your Chapter asap (my target here is by EOB today). Once more my apologize and will do my utmost to provide with our comments asap. Best Regards, Pascal De : Friesen, Andreas [mailto:andreas.friesen at sap.com] Envoy? : mercredi 13 juillet 2011 17:55 ? : BISSON Pascal Objet : Apps/Services review by security chapter Dear Pascal, when can we count with the review of our chapter? Thanks Andreas Dr. Andreas Friesen Research Program Manager Service Science SAP Research Center Karlsruhe SAP AG Vincenz-Priessnitz-Strasse 1 76131 Karlsruhe, Germany T + 49 6227 752 586 F + 49 6227 78-43567 M +49 171 8674630 mailto:andreas.friesen at sap.com http://www.sap.com Pflichtangaben/Mandatory Disclosure Statements: http://www.sap.com/company/legal/impressum.epx Diese E-Mail kann Betriebs- oder Gesch?ftsgeheimnisse oder sonstige vertrauliche Informationen enthalten. Sollten Sie diese E-Mail irrt?mlich erhalten haben, ist Ihnen eine Kenntnisnahme des Inhalts, eine Vervielf?ltigung oder Weitergabe der E-Mail ausdr?cklich untersagt. Bitte benachrichtigen Sie uns und vernichten Sie die empfangene E-Mail. Vielen Dank. This e-mail may contain trade secrets or privileged, undisclosed, or otherwise confidential information. If you have received this e-mail in error, you are hereby notified that any review, copying, or distribution of it is strictly prohibited. Please inform us immediately and destroy the original transmittal. Thank you for your cooperation. -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: FI-WARE High-Level Description - Apps chapter - v1 0 20 - valid until 11-07-16-THA_review.doc Type: application/msword Size: 1761280 bytes Desc: FI-WARE High-Level Description - Apps chapter - v1 0 20 - valid until 11-07-16-THA_review.doc URL: From slim.trabelsi at sap.com Wed Jul 20 13:53:49 2011 From: slim.trabelsi at sap.com (TRABELSI, Slim) Date: Wed, 20 Jul 2011 13:53:49 +0200 Subject: [Fiware-security] FI-WARE - WP8 - T8.2 partner assets-->partner contribution needed In-Reply-To: <9940_1311156229_4E26A805_9940_15113_1_5db68470-5f87-4100-8678-a253991cd416@THSONEA01HUB02P.one.grp> References: <28099_1311153586_4E269DB1_28099_12032_1_39bd82c4-eae5-4bf1-90d2-621f5691853f@THSONEA01HUB02P.one.grp> <9940_1311156229_4E26A805_9940_15113_1_5db68470-5f87-4100-8678-a253991cd416@THSONEA01HUB02P.one.grp> Message-ID: Hi Pascal, The only issue related to these assets is the feasibility. T is not yet clear for me weather some of these assets can be deployed as a service. If all the authors can participate to the next call on Friday I can clarify this point, otherwise I'll contact them by e-mail or by phone to commit on the selected asset list. Thank you Regards Slim -----Original Message----- From: BISSON Pascal [mailto:pascal.bisson at thalesgroup.com] Sent: mercredi 20 juillet 2011 12:04 To: TRABELSI, Slim; Antonio Garcia Vazquez; GIDOIN Daniel Cc: Seidl, Robert (NSN - DE/Munich) Subject: RE: [Fiware-security] FI-WARE - WP8 - T8.2 partner assets-->partner contribution needed Thanks Slim. Please confirm me there is no more open issue nor pending selection decision. If not just report them to me/us/ Regards, Pascal -----Message d'origine----- De?: TRABELSI, Slim [mailto:slim.trabelsi at sap.com] Envoy??: mercredi 20 juillet 2011 11:53 ??: BISSON Pascal; Antonio Garcia Vazquez; GIDOIN Daniel Cc?: Seidl, Robert (NSN - DE/Munich) Objet?: RE: [Fiware-security] FI-WARE - WP8 - T8.2 partner assets-->partner contribution needed Hi Pascal, Here is an updated version of the T8.4 asset list. regards Slim ________________________________ From: BISSON Pascal [pascal.bisson at thalesgroup.com] Sent: Wednesday, July 20, 2011 11:17 AM To: Antonio Garcia Vazquez; GIDOIN Daniel; TRABELSI, Slim Cc: BISSON Pascal; Seidl, Robert (NSN - DE/Munich) Subject: TR: [Fiware-security] FI-WARE - WP8 - T8.2 partner assets-->partner contribution needed Daniel, Antonio, Slim, Since now I received from Robert the final and complete version of the document describing assets attached to T8.2 could you please send me similar document from your side for what concerns assets attached to the task you are leading (T8.1/Daniel, T8.3/Antonio, T8.4/Slim). This just because to have final and up to the task version of this document to enter the next step/sprint/round related to features backlog. Many thanks in advance and we will discuss also at our audio conf of this Friday. Regards, Pascal De : fiware-security-bounces at lists.fi-ware.eu [mailto:fiware-security-bounces at lists.fi-ware.eu] De la part de Seidl, Robert (NSN - DE/Munich) Envoy? : lundi 18 juillet 2011 09:51 ? : Fiware-security at lists.fi-ware.eu Objet : Re: [Fiware-security] FI-WARE - WP8 - T8.2 partner assets-->partner contribution needed Hi, please find attached the latest and hopefully complete version of the assets from T8.2. Thanks to all for your input. If there is something missing please send me an email. What we will do next is to combine the assets if possible or find out if there are some overlappings. Greetings Robert ________________________________ From: Seidl, Robert (NSN - DE/Munich) Sent: Sunday, June 12, 2011 10:55 PM To: 'Fiware-security at lists.fi-ware.eu' Cc: Marton, Gabor (NSN - HU/Budapest) Subject: RE: [Fiware-security] FI-WARE - WP8 - T8.2 partner assets-->partner contribution needed Hi, before my vacation please find attached the latest version of the T8.2 assets. Still AI for Thales and Deutsche Telekom. Gabor will step in for me during my holiday. Greetings Robert ________________________________ From: Seidl, Robert (NSN - DE/Munich) Sent: Friday, June 10, 2011 10:40 AM To: Fiware-security at lists.fi-ware.eu; Wolfgang.Steigerwald at telekom.de Subject: RE: [Fiware-security] FI-WARE - WP8 - T8.2 partner assets-->partner contribution needed Hi, here the latest status update regarding assets for T8.2 as input for your meeting in Paris. Still missing (marked in yellow in the attached document): Thales: should I delete the additional mentioned assets (see document)? DT: should I delete the additional mentioned asset (one remaining, will be clarified latest by end of the week by Wolfgang) Greetings Robert ________________________________ From: fiware-security-bounces at lists.fi-ware.eu [mailto:fiware-security-bounces at lists.fi-ware.eu] On Behalf Of Seidl, Robert (NSN - DE/Munich) Sent: Wednesday, June 08, 2011 5:06 PM To: Fiware-security at lists.fi-ware.eu; xavier.aghina at orange-ftgroup.com; Wolfgang.Steigerwald at telekom.de Subject: Re: [Fiware-security] FI-WARE - WP8 - T8.2 partner assets-->partner contribution needed Hi, just one more status update: Still missing: Thales: should I delete the additional mentioned assets (see document)? Orange: no input so far, please Xavier provide the input for Orange DT: should I delete the additional mentioned asset (one remaining, will be clarified latest by end of the week by Wolfgang) Please find the newest version attached. Greetings Robert ________________________________ From: fiware-security-bounces at lists.fi-ware.eu [mailto:fiware-security-bounces at lists.fi-ware.eu] On Behalf Of Seidl, Robert (NSN - DE/Munich) Sent: Monday, June 06, 2011 8:51 AM To: Fiware-security at lists.fi-ware.eu Subject: Re: [Fiware-security] FI-WARE - WP8 - T8.2 partner assets -->partner contribution needed Dear partners, please find attached the newest version for T8.2 assets based on the inputs I received so far. Still missing: Thales: should I delete the additional mentioned assets (see document)? Orange: no input so far INIRA: input received, please adapt your input to the format used in the document (mentioning Maturity, IPR, Enablers, ...) DT: should I delete the additional mentioned assets (see document)? Many thanks in advance Robert ________________________________ From: Seidl, Robert (NSN - DE/Munich) Sent: Friday, June 03, 2011 11:03 AM To: 'Fiware-security at lists.fi-ware.eu' Subject: RE: FI-WARE - WP8 - T8.2 partner assets --> partner contribution needed Hi all, please find attached the newest version of the partner assets of task T8.2. Missing input from following partners: Thales: should I delete the additional mentioned assets (see document)? Orange: no input so far INIRA: no input so far Please provide the missing input. Greetings and have a nice weekend Robert ________________________________ From: Seidl, Robert (NSN - DE/Munich) Sent: Wednesday, June 01, 2011 9:41 AM To: Fiware-security at lists.fi-ware.eu Subject: FW: FI-WARE - WP8 - T8.2 partner assets --> partner contribution needed Hi all, this is just to remind all of you, who have not done so far, to contribute your detailed asset description to the attached document for task 8.2. Deadline is end of this week. Greetings Robert ________________________________ From: ext TRABELSI, Slim [mailto:slim.trabelsi at sap.com] Sent: Tuesday, May 31, 2011 10:43 AM To: Seidl, Robert (NSN - DE/Munich) Cc: Fiware-security at lists.fi-ware.eu Subject: RE: FI-WARE - WP8 - T8.2 partner assets --> partner contribution needed Hi Robert, You can find the description asset of SAP. This asset is strongly related to IBM's one, since one compoenent is designed and developed by IBM (Credential Handler). SAP and IBM assets will work together for delivering the PPL engine asset with the Credential and IDMix capabilities. Thank you Regards Slim From: Seidl, Robert (NSN - DE/Munich) [mailto:robert.seidl at nsn.com] Sent: jeudi 26 mai 2011 18:12 To: ext BISSON Pascal; Fiware-security at lists.fi-ware.eu Cc: Marton, Gabor (NSN - HU/Budapest); Antonio Garcia Vazquez; Pedro Soria Rodriguez; TRABELSI, Slim; Schaad, Andreas; Michael Osborne; SIEUX Corinne; Philippe.LELEU at fr.thalesgroup.com; GIDOIN Daniel; EGAN Richard Subject: FI-WARE - WP8 - T8.2 partner assets --> partner contribution needed Hi WP8, we need to collect all the assets from each partner (to be provided in template form). I collected the input I received so far and included as well the input I collected during our physical meeting in Madrid. Still some input is missing and also some detailed descriptons according to our template. To be concrete follwing is missing or at least to be checked if the asset is still valid: SAP IBM Thales Orange DTAG INRIA It would be nice if you could provide the missing input as soon as possible. Greetings Robert From pascal.bisson at thalesgroup.com Wed Jul 20 10:25:24 2011 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Wed, 20 Jul 2011 10:25:24 +0200 Subject: [Fiware-security] FI-WARE Security AT - Weekly audio conf Message-ID: <28099_1311150329_4E2690F9_28099_9144_1_a7748aad-b465-44c6-8c4d-c9d2c954c256@THSONEA01HUB06P.one.grp> Quand : A lieu chaque vendredi ? compter du 22/07/2011 jusqu'au 31/12/2011 de 10:00 ? 12:00 (GMT+01:00) Bruxelles, Copenhague, Madrid, Paris. Emplacement : telco (Thales) Remarque : le d?calage GMT ci-dessus ne tient pas compte des r?glages de l'heure d'?t?. *~*~*~*~*~*~*~*~*~* Dear All, This just to confirm our WP8 weekly audio conf on each Friday from 10:00 am to 12:00 am. Please take necessary steps for each of you involved in Security WP to be present or represented to each of these audio conferences. Here are the details to join: Meeting room number would be the following one : 391581 LocalConnect number to join: Australia Australia Toll Free 1800 005 574 Australia Sydney +61 (0) 282 239 767 Austria Vienna +43 (0) 2682 205 6609 Belgium Brussels +32 (0) 2 789 8678 Denmark Copenhagen +45 3271 4340 Finland Helsinki +358 (0) 923 142 830 France Lyon +33 (0) 426 840 285 France Marseille +33 (0) 488 915 385 France Paris +33 (0) 170 994 816 Germany Berlin +49 (0) 3072 616 7342 Germany D?sseldorf +49 (0) 2115 407 3902 Germany Frankfurt +49 (0) 6971 044 5635 Germany Hamburg +49 (0) 4080 902 0684 Germany Munich +49 (0) 8924 443 2893 Germany Stuttgart +49 (0) 7111 856 2130 Hong Kong Hong Kong +852 301 145 59 Hungary Budapest +36 (06) 1-889-3286 Ireland Dublin +353 (0) 14 860 780 Israel Israel Toll Free 1809 245 981 Italy Milan +39 0 230 413 017 Italy Rome +39 0 645 217 056 Italy Turin +39 0 112 179 2159 Japan Japan Toll Free 005 311 212 65 Japan Tokyo +81 (0) 357 675 025 Korea, Republic Of Seoul +82 (0) 234 831 224 Luxembourg Luxemburg City +352 2700 41 42 Malaysia Kuala Lumpur +60 (0) 377 124 640 Netherlands Amsterdam +31 (0) 207 948 529 New Zealand Auckland +64 (0) 9 919 2428 Norway Oslo +47 2153 3919 Poland Poland Toll Free 0080 0121 1304 Portugal Portugal Toll Free 800 814 183 Russia Russia Toll Free 81080 02209 4011 Singapore Singapore +65 6622 1068 Spain Barcelona +34 93 492 3235 Spain Madrid +34 91 788 9908 Sweden Stockholm +46 (0) 850 520 145 Switzerland Geneva +41 (0) 225 927 428 United Kingdom Birmingham +44 (0) 121 260 4686 United Kingdom London +44 (0) 207 153 9902 United Kingdom Manchester +44 (0) 161 250 0679 United States USA & Canada Toll Free 1888 249 0050 United States USA Toll +1 954 334 1559 -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: text/calendar Size: 4608 bytes Desc: not available URL: From pascal.bisson at thalesgroup.com Wed Jul 20 15:20:44 2011 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Wed, 20 Jul 2011 15:20:44 +0200 Subject: [Fiware-security] FI-WARE - WP8 - T8.2 partner assets-->partner contribution needed In-Reply-To: References: <28099_1311153586_4E269DB1_28099_12032_1_39bd82c4-eae5-4bf1-90d2-621f5691853f@THSONEA01HUB02P.one.grp> <9940_1311156229_4E26A805_9940_15113_1_5db68470-5f87-4100-8678-a253991cd416@THSONEA01HUB02P.one.grp> Message-ID: <8921_1311168046_4E26D62E_8921_93_1_CBBCD6C304123F4AB23FAAE3055C8C0E0203F6289B6E@THSONEA01CMS04P.one.grp> Ok. Thanks for the clarification. To be discussed at our weekly audio of this Friday. Regards, Pascal -----Message d'origine----- De?: TRABELSI, Slim [mailto:slim.trabelsi at sap.com] Envoy??: mercredi 20 juillet 2011 13:54 ??: BISSON Pascal Cc?: fiware-security at lists.fi-ware.eu Objet?: RE: [Fiware-security] FI-WARE - WP8 - T8.2 partner assets-->partner contribution needed Hi Pascal, The only issue related to these assets is the feasibility. T is not yet clear for me weather some of these assets can be deployed as a service. If all the authors can participate to the next call on Friday I can clarify this point, otherwise I'll contact them by e-mail or by phone to commit on the selected asset list. Thank you Regards Slim -----Original Message----- From: BISSON Pascal [mailto:pascal.bisson at thalesgroup.com] Sent: mercredi 20 juillet 2011 12:04 To: TRABELSI, Slim; Antonio Garcia Vazquez; GIDOIN Daniel Cc: Seidl, Robert (NSN - DE/Munich) Subject: RE: [Fiware-security] FI-WARE - WP8 - T8.2 partner assets-->partner contribution needed Thanks Slim. Please confirm me there is no more open issue nor pending selection decision. If not just report them to me/us/ Regards, Pascal -----Message d'origine----- De?: TRABELSI, Slim [mailto:slim.trabelsi at sap.com] Envoy??: mercredi 20 juillet 2011 11:53 ??: BISSON Pascal; Antonio Garcia Vazquez; GIDOIN Daniel Cc?: Seidl, Robert (NSN - DE/Munich) Objet?: RE: [Fiware-security] FI-WARE - WP8 - T8.2 partner assets-->partner contribution needed Hi Pascal, Here is an updated version of the T8.4 asset list. regards Slim ________________________________ From: BISSON Pascal [pascal.bisson at thalesgroup.com] Sent: Wednesday, July 20, 2011 11:17 AM To: Antonio Garcia Vazquez; GIDOIN Daniel; TRABELSI, Slim Cc: BISSON Pascal; Seidl, Robert (NSN - DE/Munich) Subject: TR: [Fiware-security] FI-WARE - WP8 - T8.2 partner assets-->partner contribution needed Daniel, Antonio, Slim, Since now I received from Robert the final and complete version of the document describing assets attached to T8.2 could you please send me similar document from your side for what concerns assets attached to the task you are leading (T8.1/Daniel, T8.3/Antonio, T8.4/Slim). This just because to have final and up to the task version of this document to enter the next step/sprint/round related to features backlog. Many thanks in advance and we will discuss also at our audio conf of this Friday. Regards, Pascal De : fiware-security-bounces at lists.fi-ware.eu [mailto:fiware-security-bounces at lists.fi-ware.eu] De la part de Seidl, Robert (NSN - DE/Munich) Envoy? : lundi 18 juillet 2011 09:51 ? : Fiware-security at lists.fi-ware.eu Objet : Re: [Fiware-security] FI-WARE - WP8 - T8.2 partner assets-->partner contribution needed Hi, please find attached the latest and hopefully complete version of the assets from T8.2. Thanks to all for your input. If there is something missing please send me an email. What we will do next is to combine the assets if possible or find out if there are some overlappings. Greetings Robert ________________________________ From: Seidl, Robert (NSN - DE/Munich) Sent: Sunday, June 12, 2011 10:55 PM To: 'Fiware-security at lists.fi-ware.eu' Cc: Marton, Gabor (NSN - HU/Budapest) Subject: RE: [Fiware-security] FI-WARE - WP8 - T8.2 partner assets-->partner contribution needed Hi, before my vacation please find attached the latest version of the T8.2 assets. Still AI for Thales and Deutsche Telekom. Gabor will step in for me during my holiday. Greetings Robert ________________________________ From: Seidl, Robert (NSN - DE/Munich) Sent: Friday, June 10, 2011 10:40 AM To: Fiware-security at lists.fi-ware.eu; Wolfgang.Steigerwald at telekom.de Subject: RE: [Fiware-security] FI-WARE - WP8 - T8.2 partner assets-->partner contribution needed Hi, here the latest status update regarding assets for T8.2 as input for your meeting in Paris. Still missing (marked in yellow in the attached document): Thales: should I delete the additional mentioned assets (see document)? DT: should I delete the additional mentioned asset (one remaining, will be clarified latest by end of the week by Wolfgang) Greetings Robert ________________________________ From: fiware-security-bounces at lists.fi-ware.eu [mailto:fiware-security-bounces at lists.fi-ware.eu] On Behalf Of Seidl, Robert (NSN - DE/Munich) Sent: Wednesday, June 08, 2011 5:06 PM To: Fiware-security at lists.fi-ware.eu; xavier.aghina at orange-ftgroup.com; Wolfgang.Steigerwald at telekom.de Subject: Re: [Fiware-security] FI-WARE - WP8 - T8.2 partner assets-->partner contribution needed Hi, just one more status update: Still missing: Thales: should I delete the additional mentioned assets (see document)? Orange: no input so far, please Xavier provide the input for Orange DT: should I delete the additional mentioned asset (one remaining, will be clarified latest by end of the week by Wolfgang) Please find the newest version attached. Greetings Robert ________________________________ From: fiware-security-bounces at lists.fi-ware.eu [mailto:fiware-security-bounces at lists.fi-ware.eu] On Behalf Of Seidl, Robert (NSN - DE/Munich) Sent: Monday, June 06, 2011 8:51 AM To: Fiware-security at lists.fi-ware.eu Subject: Re: [Fiware-security] FI-WARE - WP8 - T8.2 partner assets -->partner contribution needed Dear partners, please find attached the newest version for T8.2 assets based on the inputs I received so far. Still missing: Thales: should I delete the additional mentioned assets (see document)? Orange: no input so far INIRA: input received, please adapt your input to the format used in the document (mentioning Maturity, IPR, Enablers, ...) DT: should I delete the additional mentioned assets (see document)? Many thanks in advance Robert ________________________________ From: Seidl, Robert (NSN - DE/Munich) Sent: Friday, June 03, 2011 11:03 AM To: 'Fiware-security at lists.fi-ware.eu' Subject: RE: FI-WARE - WP8 - T8.2 partner assets --> partner contribution needed Hi all, please find attached the newest version of the partner assets of task T8.2. Missing input from following partners: Thales: should I delete the additional mentioned assets (see document)? Orange: no input so far INIRA: no input so far Please provide the missing input. Greetings and have a nice weekend Robert ________________________________ From: Seidl, Robert (NSN - DE/Munich) Sent: Wednesday, June 01, 2011 9:41 AM To: Fiware-security at lists.fi-ware.eu Subject: FW: FI-WARE - WP8 - T8.2 partner assets --> partner contribution needed Hi all, this is just to remind all of you, who have not done so far, to contribute your detailed asset description to the attached document for task 8.2. Deadline is end of this week. Greetings Robert ________________________________ From: ext TRABELSI, Slim [mailto:slim.trabelsi at sap.com] Sent: Tuesday, May 31, 2011 10:43 AM To: Seidl, Robert (NSN - DE/Munich) Cc: Fiware-security at lists.fi-ware.eu Subject: RE: FI-WARE - WP8 - T8.2 partner assets --> partner contribution needed Hi Robert, You can find the description asset of SAP. This asset is strongly related to IBM's one, since one compoenent is designed and developed by IBM (Credential Handler). SAP and IBM assets will work together for delivering the PPL engine asset with the Credential and IDMix capabilities. Thank you Regards Slim From: Seidl, Robert (NSN - DE/Munich) [mailto:robert.seidl at nsn.com] Sent: jeudi 26 mai 2011 18:12 To: ext BISSON Pascal; Fiware-security at lists.fi-ware.eu Cc: Marton, Gabor (NSN - HU/Budapest); Antonio Garcia Vazquez; Pedro Soria Rodriguez; TRABELSI, Slim; Schaad, Andreas; Michael Osborne; SIEUX Corinne; Philippe.LELEU at fr.thalesgroup.com; GIDOIN Daniel; EGAN Richard Subject: FI-WARE - WP8 - T8.2 partner assets --> partner contribution needed Hi WP8, we need to collect all the assets from each partner (to be provided in template form). I collected the input I received so far and included as well the input I collected during our physical meeting in Madrid. Still some input is missing and also some detailed descriptons according to our template. To be concrete follwing is missing or at least to be checked if the asset is still valid: SAP IBM Thales Orange DTAG INRIA It would be nice if you could provide the missing input as soon as possible. Greetings Robert From daniel.gidoin at thalesgroup.com Fri Jul 22 09:56:48 2011 From: daniel.gidoin at thalesgroup.com (GIDOIN Daniel) Date: Fri, 22 Jul 2011 09:56:48 +0200 Subject: [Fiware-security] FI-WARE - WP8 - T8.1 partner assets-->partner contribution needed In-Reply-To: <70B7C2744D52BB4282F0E0D3DC965E0C051BE909@DEMUEXC006.nsn-intra.net> References: <70B7C2744D52BB4282F0E0D3DC965E0C04E6A032@DEMUEXC006.nsn-intra.net> <70B7C2744D52BB4282F0E0D3DC965E0C04EEDA7F@DEMUEXC006.nsn-intra.net> <70B7C2744D52BB4282F0E0D3DC965E0C051BE909@DEMUEXC006.nsn-intra.net> Message-ID: <15294_1311321416_4E292D47_15294_18405_1_62e02235-7328-4476-a6a1-f837a6cd6f42@THSONEA01HUB05P.one.grp> Dear All, Please find attached the lasted version of the T8.1 assets. Bests regards Daniel -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: WP8 Description of the Security 8.1- Assets.doc Type: application/msword Size: 583168 bytes Desc: WP8 Description of the Security 8.1- Assets.doc URL: From pascal.bisson at thalesgroup.com Fri Jul 22 10:03:28 2011 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Fri, 22 Jul 2011 10:03:28 +0200 Subject: [Fiware-security] FI-WARE WP8 Weekly audio conf Message-ID: <11693_1311321810_4E292ED2_11693_17395_2_CBBCD6C304123F4AB23FAAE3055C8C0E0206032EB4D8@THSONEA01CMS04P.one.grp> Dear All, On the Agenda of today 's audio: * Review of minutes of last audio * Report on M2 delivrable * Report on last AB outcomes * Update on Work plan for M5 deliverable + features backlog * Summer period presence * Other issues Will open our audio in a couple of minutes. Talk to you there. Regards, Pascal -------------- next part -------------- An HTML attachment was scrubbed... URL: From pascal.bisson at thalesgroup.com Fri Jul 22 10:54:48 2011 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Fri, 22 Jul 2011 10:54:48 +0200 Subject: [Fiware-security] Some Questions resulting from Security Chapter presentation at last AB meeting Message-ID: <29206_1311324890_4E293ADA_29206_9053_1_CBBCD6C304123F4AB23FAAE3055C8C0E0206032EB69A@THSONEA01CMS04P.one.grp> FYI Questions got after the presentation made by FI-WARE of the Security, Trust and Privacy Chapter Security, Trust Privacy -Security/trust/privacy: some of them explained that they found some gaps, elements they thought would be necessary to cover as a common GE across different domains, but they didn't find that. E.g. encryption in general and public key management. What kind of certification would be used for development. FI-Ware is not a security project... Public key management is required (very simple example) How to manage to include Police Databases in the Cloud, monitoring security is not enough. -------------- next part -------------- An HTML attachment was scrubbed... URL: From pascal.bisson at thalesgroup.com Mon Jul 25 18:00:26 2011 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Mon, 25 Jul 2011 18:00:26 +0200 Subject: [Fiware-security] FI-WARE - Security AT - Minutes of our last audio conf (22/07/11) Message-ID: <9265_1311609628_4E2D931C_9265_12164_1_735ed2e1-9f33-43a5-a489-bc1f4944f240@THSONEA01HUB03P.one.grp> Dear All, This just to let you know that the minutes of our last audio conference have just been uploaded on the repository at the following address. https://forge.fi-ware.eu/docman/view.php/19/285/FI-WARE-WP8+audio+conf+2011-07-25+minutes+v1.0+.doc Please have a look and perform actions which have been requested. Please notice that some actions would have to be performed prior to our next audio conf (29/07/11 10am-12am - this Friday !). As usual take necessary steps to be present or represented at our audio conf of Friday (this is especially true for partners who were not present at out last audio conf). Talk to you on Friday. Regards, Pascal PS: These minutes are I quite extensive just because there is a number of important messages I wanted to relay to you and which are coming from the Physical AB which took place in Madrid and where Juanjo and Thomas represented the FI-WARE Project. -------------- next part -------------- An HTML attachment was scrubbed... URL: From randradas at libresoft.es Thu Jul 28 00:28:39 2011 From: randradas at libresoft.es (Roberto Andradas Izquierdo) Date: Thu, 28 Jul 2011 00:28:39 +0200 Subject: [Fiware-security] FI-WARE mailing lists are now again operative Message-ID: Dear FI-WARE project members, This mail is to announce you that the FI-WARE mailing lists are now again operative. Nevertheless, we will monitor them tomorrow to make sure there are no incidents with them. Please let us know if you still experience any problem by sending an email to fiware-support at lists.fi-ware.eu Apologize for the inconvenience all this may have caused. Sincerely, The FI-WARE infrastructure support team email: fiware-support at lists.fi-ware.eu From pascal.bisson at thalesgroup.com Thu Jul 28 17:00:32 2011 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Thu, 28 Jul 2011 17:00:32 +0200 Subject: [Fiware-security] FI-WARE - Follow up of FI-PPP AB - Feedback from UC SafeCity Message-ID: <10067_1311865245_4E31799D_10067_7743_1_2103070c-4e25-4377-974d-7091da8e5454@THSONEA01HUB03P.one.grp> Dear Colleagues, Find attached to this email a document with feedback of SafeCity UC project after presentation made by Juanjo of FI-WARE High-Level Architecture description document at the FI-PPP AB Meeting which took place on July 11-12 in Madrid. Please have look especially for what concerns the feedback they gave us on Security Chapter. To be further discussed among others with you at our Weekly audio-conf of tomorrow. This to properly answer at the level of this team and consolidated at upper level by Juanjo since CA to whom was primarily addresse this feedback. Regards, Pascal -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: Safecity feedback V1.doc Type: application/msword Size: 3558400 bytes Desc: Safecity feedback V1.doc URL: From pascal.bisson at thalesgroup.com Thu Jul 28 17:20:00 2011 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Thu, 28 Jul 2011 17:20:00 +0200 Subject: [Fiware-security] FI-WARE - WP8 - Security AT - Weekly audio conf 29/07/11 - 10am - 12am Message-ID: <25869_1311866429_4E317E3D_25869_8109_1_7f0a0baa-a427-4a86-b5b4-1a0f05090778@THSONEA01HUB02P.one.grp> Dear All, Here are the details for our audio conf of tomorrow Friday (29/07/11) starting at 10am sharp. Counting on each organization involved in WP8 to be represented. On the Agenda of this audio conf: 1. Review of actions as per last audio conf minutes 2. M2 deliverable status update 3. Next steps - Activities just to be launched (report on WPL/WPA audio of 28/07) 4. Ongoing activities with this respect at Security AT/WP8 level ? Asset selection final decision ? Features backlog ? Joint Task forces (report on either ongoing or to come) 5. Safecity Feedback from FI-PPP HLA document presentation 6. Document coming from WP9 (FI-WARE DevComE Technical description v1.0.doc) for team review 7. Other topics ? Events attended ? Papers/publications ? ... Here are the details to join: Meeting room number would be the following one : 391581 LocalConnect number to join: Australia Australia Toll Free 1800 005 574 Australia Sydney +61 (0) 282 239 767 Austria Vienna +43 (0) 2682 205 6609 Belgium Brussels +32 (0) 2 789 8678 Denmark Copenhagen +45 3271 4340 Finland Helsinki +358 (0) 923 142 830 France Lyon +33 (0) 426 840 285 France Marseille +33 (0) 488 915 385 France Paris +33 (0) 170 994 816 Germany Berlin +49 (0) 3072 616 7342 Germany D?sseldorf +49 (0) 2115 407 3902 Germany Frankfurt +49 (0) 6971 044 5635 Germany Hamburg +49 (0) 4080 902 0684 Germany Munich +49 (0) 8924 443 2893 Germany Stuttgart +49 (0) 7111 856 2130 Hong Kong Hong Kong +852 301 145 59 Hungary Budapest +36 (06) 1-889-3286 Ireland Dublin +353 (0) 14 860 780 Israel Israel Toll Free 1809 245 981 Italy Milan +39 0 230 413 017 Italy Rome +39 0 645 217 056 Italy Turin +39 0 112 179 2159 Japan Japan Toll Free 005 311 212 65 Japan Tokyo +81 (0) 357 675 025 Korea, Republic Of Seoul +82 (0) 234 831 224 Luxembourg Luxemburg City +352 2700 41 42 Malaysia Kuala Lumpur +60 (0) 377 124 640 Netherlands Amsterdam +31 (0) 207 948 529 New Zealand Auckland +64 (0) 9 919 2428 Norway Oslo +47 2153 3919 Poland Poland Toll Free 0080 0121 1304 Portugal Portugal Toll Free 800 814 183 Russia Russia Toll Free 81080 02209 4011 Singapore Singapore +65 6622 1068 Spain Barcelona +34 93 492 3235 Spain Madrid +34 91 788 9908 Sweden Stockholm +46 (0) 850 520 145 Switzerland Geneva +41 (0) 225 927 428 United Kingdom Birmingham +44 (0) 121 260 4686 United Kingdom London +44 (0) 207 153 9902 United Kingdom Manchester +44 (0) 161 250 0679 United States USA & Canada Toll Free 1888 249 0050 United States USA Toll +1 954 334 1559 -------------- next part -------------- An HTML attachment was scrubbed... URL: From pascal.bisson at thalesgroup.com Thu Jul 28 17:22:16 2011 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Thu, 28 Jul 2011 17:22:16 +0200 Subject: [Fiware-security] FI-WARE - WP9 document Message-ID: <10067_1311866542_4E317EAE_10067_8956_1_CBBCD6C304123F4AB23FAAE3055C8C0E02060521EAE4@THSONEA01CMS04P.one.grp> Dear All, For your information the draft document received from WP9 and at the agenda of our audio conf of tomorrow. To be further discussed with you tomorrow at our audio Regards, Pascal -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: FI-WARE DevComE Technical description v1.0.pdf Type: application/pdf Size: 1674982 bytes Desc: FI-WARE DevComE Technical description v1.0.pdf URL: From pascal.bisson at thalesgroup.com Fri Jul 29 10:23:23 2011 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Fri, 29 Jul 2011 10:23:23 +0200 Subject: [Fiware-security] TR: FI-WARE - Security AT - Message-ID: <18459_1311927805_4E326DFD_18459_3759_1_CBBCD6C304123F4AB23FAAE3055C8C0E02060521F02A@THSONEA01CMS04P.one.grp> De : BISSON Pascal Envoy? : mercredi 27 juillet 2011 11:34 ? : LELEU Philippe Cc : GIDOIN Daniel; BISSON Pascal Objet : TR: FI-WARE - Security AT - Importance : Haute Philippe, Suite ? ce mail peux tu SVP re-boucler avec Daniel qui coordonne l'action au niveau de la t?che T8.1. Notamment pour ce qui rel?ve des points : 1. Gaps identifi?s par TAI (en distinguant ceux que TAI souhaite adresser versus voir faire l'objet des Open Calls ? venir 2. Mettre en avant les d?veloppements compl?mentaires envisag?s par TAI pour ce qui rel?ve de vos assets (tout en insistant sur les nouvelles fonctionnalit?s vis?es) et de leur int?gration dans le dispositif 3. Besoins identifi?s mais n'incombant pas ? l'?quipe Secu (autres que CMDB ...) Par avance merci de ta coop?ration. Cdlt, Pascal De : BISSON Pascal Envoy? : mercredi 27 juillet 2011 11:28 ? : Antonio Garcia Vazquez; Rodrigo Diaz Rodriguez; TRABELSI, Slim; Seidl, Robert (NSN - DE/Munich); Marton, Gabor (NSN - HU/Budapest) Cc : BISSON Pascal; GIDOIN Daniel; Michael Osborne; Jan Camenisch; TRABELSI, Slim; LELEU Philippe Objet : FI-WARE - Security AT - Importance : Haute Dear Task leaders, The slide attached even if still incomplete (but Daniel is working hard its completion with the rest of the T8.1 team) gives you an idea of what I was requesting - among others - as per last audio conf minutes (see 22/07/11 audio conf minutes). This slides is interesting in many respects as it gives you based on assets attached to a task (here T8.1) the way we intend to link (orchestrate) altogether the assets we have, to achieve some of the new (innovative) functionalities that would be offered by the targeted enabler (here Security monitoring GE). It can be used as it is here to depict degree of complementarity (also overlap if any) of the assets we have selected to achieve GE functionalities. Furthermore it can be used to clearly identify gaps we have and so that we would have to cover either through developments at the level of this (T8.1) team (e.g. network topology) or to be addressed through Open Calls to come. Materializing the way we see our assets working together to deliver GEs (innovative) functionalities would also force us to also address and start detailing the enhancements or changes we see in each of them (this being seen as as many features to be reported in the features backlog we are busy with). Last but not least it can also help us to figure out we would be requested from other ATs (this is especially true in the attached slide for what concerns CMDB we would need to achieve our targeted functionalities). Hope this email would be helpful to you and that with this email and slide we could produce similar slides for each of the GEs owned at the level of each of your task. To be further discussed with you at our next audio conference. Would appreciate if you could come up at our audio conf of Friday with similar slides from your side to be introduced and discussed as it can only help us to make progress on this. Hearing from you and talk with you on Friday. Best Regards, Pascal -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: The Slide.ppt Type: application/vnd.ms-powerpoint Size: 196608 bytes Desc: The Slide.ppt URL: From pascal.bisson at thalesgroup.com Fri Jul 29 10:23:50 2011 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Fri, 29 Jul 2011 10:23:50 +0200 Subject: [Fiware-security] TR: FI-WARE - Security AT - Message-ID: <2570_1311927832_4E326E18_2570_5778_1_CBBCD6C304123F4AB23FAAE3055C8C0E02060521F02F@THSONEA01CMS04P.one.grp> The slide I'm referring to De : BISSON Pascal Envoy? : mercredi 27 juillet 2011 11:28 ? : Antonio Garcia Vazquez; Rodrigo Diaz Rodriguez; TRABELSI, Slim; Seidl, Robert (NSN - DE/Munich); Marton, Gabor (NSN - HU/Budapest) Cc : BISSON Pascal; GIDOIN Daniel; Michael Osborne; Jan Camenisch; TRABELSI, Slim; LELEU Philippe Objet : FI-WARE - Security AT - Importance : Haute Dear Task leaders, The slide attached even if still incomplete (but Daniel is working hard its completion with the rest of the T8.1 team) gives you an idea of what I was requesting - among others - as per last audio conf minutes (see 22/07/11 audio conf minutes). This slides is interesting in many respects as it gives you based on assets attached to a task (here T8.1) the way we intend to link (orchestrate) altogether the assets we have, to achieve some of the new (innovative) functionalities that would be offered by the targeted enabler (here Security monitoring GE). It can be used as it is here to depict degree of complementarity (also overlap if any) of the assets we have selected to achieve GE functionalities. Furthermore it can be used to clearly identify gaps we have and so that we would have to cover either through developments at the level of this (T8.1) team (e.g. network topology) or to be addressed through Open Calls to come. Materializing the way we see our assets working together to deliver GEs (innovative) functionalities would also force us to also address and start detailing the enhancements or changes we see in each of them (this being seen as as many features to be reported in the features backlog we are busy with). Last but not least it can also help us to figure out we would be requested from other ATs (this is especially true in the attached slide for what concerns CMDB we would need to achieve our targeted functionalities). Hope this email would be helpful to you and that with this email and slide we could produce similar slides for each of the GEs owned at the level of each of your task. To be further discussed with you at our next audio conference. Would appreciate if you could come up at our audio conf of Friday with similar slides from your side to be introduced and discussed as it can only help us to make progress on this. Hearing from you and talk with you on Friday. Best Regards, Pascal -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: The Slide.ppt Type: application/vnd.ms-powerpoint Size: 196608 bytes Desc: The Slide.ppt URL: From gabor.marton at nsn.com Fri Jul 29 10:27:14 2011 From: gabor.marton at nsn.com (Marton, Gabor (NSN - HU/Budapest)) Date: Fri, 29 Jul 2011 11:27:14 +0300 Subject: [Fiware-security] FW: FI-WARE - Security AT - Message-ID: <57CF2CA7825F474DACFAEB9EA1ED3A54045090CD@FIESEXC014.nsn-intra.net> Following Pascal, I am also forwarding the T8.2-related slide to the list. G?bor ________________________________ From: Marton, Gabor (NSN - HU/Budapest) Sent: Thursday, July 28, 2011 6:36 PM To: 'ext BISSON Pascal'; Antonio Garcia Vazquez; Rodrigo Diaz Rodriguez; TRABELSI, Slim; Seidl, Robert (NSN - DE/Munich) Cc: GIDOIN Daniel; Michael Osborne; Jan Camenisch; TRABELSI, Slim; LELEU Philippe Subject: RE: FI-WARE - Security AT - Dear All, please find attached an assessment for T8.2. Comparing the currently described GEs with the available assets immediately reveals that we have a lot to do for harmonizing them (a few assets are exposed as GEs, the rest is not at all currently). Another observation is that most of the assets target privacy protection --> we're facing a challenge of making all of them part of a consistent offer. Kind regards, G?bor ________________________________ From: ext BISSON Pascal [mailto:pascal.bisson at thalesgroup.com] Sent: Wednesday, July 27, 2011 11:28 AM To: Antonio Garcia Vazquez; Rodrigo Diaz Rodriguez; TRABELSI, Slim; Seidl, Robert (NSN - DE/Munich); Marton, Gabor (NSN - HU/Budapest) Cc: BISSON Pascal; GIDOIN Daniel; Michael Osborne; Jan Camenisch; TRABELSI, Slim; LELEU Philippe Subject: FI-WARE - Security AT - Importance: High Dear Task leaders, The slide attached even if still incomplete (but Daniel is working hard its completion with the rest of the T8.1 team) gives you an idea of what I was requesting - among others - as per last audio conf minutes (see 22/07/11 audio conf minutes). This slides is interesting in many respects as it gives you based on assets attached to a task (here T8.1) the way we intend to link (orchestrate) altogether the assets we have, to achieve some of the new (innovative) functionalities that would be offered by the targeted enabler (here Security monitoring GE). It can be used as it is here to depict degree of complementarity (also overlap if any) of the assets we have selected to achieve GE functionalities. Furthermore it can be used to clearly identify gaps we have and so that we would have to cover either through developments at the level of this (T8.1) team (e.g. network topology) or to be addressed through Open Calls to come. Materializing the way we see our assets working together to deliver GEs (innovative) functionalities would also force us to also address and start detailing the enhancements or changes we see in each of them (this being seen as as many features to be reported in the features backlog we are busy with). Last but not least it can also help us to figure out we would be requested from other ATs (this is especially true in the attached slide for what concerns CMDB we would need to achieve our targeted functionalities). Hope this email would be helpful to you and that with this email and slide we could produce similar slides for each of the GEs owned at the level of each of your task. To be further discussed with you at our next audio conference. Would appreciate if you could come up at our audio conf of Friday with similar slides from your side to be introduced and discussed as it can only help us to make progress on this. Hearing from you and talk with you on Friday. Best Regards, Pascal -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: The Slide - T8.2 assessment by NSN.ppt Type: application/vnd.ms-powerpoint Size: 131072 bytes Desc: The Slide - T8.2 assessment by NSN.ppt URL: