My view on this is that we probably have to be prepared to cover both. (if you look at the Cloud chapter it is clear we will have groups to deal with ...) To be further discussed with you tomorrow. Regards, Pascal De : Seidl, Robert (NSN - DE/Munich) [mailto:robert.seidl at nsn.com] Envoyé : lundi 11 juillet 2011 12:07 À : BISSON Pascal Cc : fiware-security at lists.fi-ware.eu Objet : RE: [Fiware-security] TR: Fi-ware security GE - Review Hi Pascal, coming back to the question: "Identity Management Are there also some group functionalities or are there only single identities for users and things?" To my knowledge we are dealing so far with single identities, but the partner contributions can be extended to support group functionalities. Issue is what is special to a group functionality, or does it basically comes back to the behaviour of a single identity? We can discuss this tomorrow. Greetings Robert ________________________________ From: fiware-security-bounces at lists.fi-ware.eu [mailto:fiware-security-bounces at lists.fi-ware.eu] On Behalf Of ext BISSON Pascal Sent: Friday, July 08, 2011 4:55 PM To: Fiware-Security (fiware-security at lists.fi-ware.eu) Subject: [Fiware-security] TR: Fi-ware security GE - Review Dear All, Here are the comments we got from the peer-review of our Security chapter which was performed by WP3 (Horst Stein/DT) In view of the comments I would ask each of the Task leaders and/or GE enablers to which they are targeted to provide me with their answer in order to interact with them and elaborate shared and agreed answer we can give (this including some redrafting which might be needed to clarify things and so improve overall quality of our Chapter) Useless to say any of you is more than welcome to contribute/participate to the answers to be given here. So hearing from the task leads and you all to improve our Security chapter in view of the comments raised by WP3 reviewer. Best Regards, Pascal De : fiware-apps-bounces at lists.fi-ware.eu [mailto:fiware-apps-bounces at lists.fi-ware.eu] De la part de Horst.Stein at telekom.de Envoyé : vendredi 8 juillet 2011 15:14 À : fiware-apps at lists.fi-ware.eu Objet : [Fiware-apps] Fi-ware security GE - Review Hi Andreas and all, Here are some comments on the Security chapter with respect to WP3 issues: Security Monitoring Enabler It is not clear which interfaces to services and composition environments are needed for the monitoring process. Infos provided on pg 7 are very general: Firewalls, Intrusion Detection Systems, Security and Event Managers, ... wireless events agents ... Especially business risk impact evaluation sounds interesting, but it is not part of the figure 3 and not clear how a relationship with a real business application produced e.g. by our composition tools could be realised. At this level of description it's unclear how e.g. a sql intrusion attack on application level is monitored or the business risk is evaluated. Identity Management Are there also some group functionalities or are there only single identities for users and things? PPL Engine Is there an own grafical user interface for the end user to control his attributes? What are the interfaces to applications or services? Context-based security and compliance Not clear if this is related to WP3: Is it filter of security enablers (which one?) to fit with "very specific regulatory constraints" and monitoring of system performance? If this is an USDL extension, what is the influence on applications which are described in USDL and consumed via the marketplace? Optional security service enabler Not understood, is it an extension of USDL with security features (see above)? "The goal is to make easily extendible the security service description for customized services. This functionality will encourage all developers to define and describe their won services through the USDL standard by adding new functionalities .." pg18 Are there any relations to applications and composition tools, what are the effects on applications or user security? Best regards and nice weekend Horst ________________________________________________ Deutsche Telekom AG Laboratories Dr. Horst Stein Winterfeldtstrasse 21, D-10781 Berlin +49 30 835358637 (Tel) +49 391 53477987 +49 1605326264 (Mobil) http://www.laboratories.telekom.com E-Mail: horst.stein at telekom.de<mailto:horst.stein at telekom.de> Erleben, was verbindet. Deutsche Telekom AG Aufsichtsrat: Prof. Dr. Ulrich Lehner (Vorsitzender) Vorstand: René Obermann (Vorsitzender), Hamid Akhavan, Dr. Manfred Balz, Reinhard Clemens, Niek Jan van Damme, Timotheus Höttges, Guido Kerkhoff, Thomas Sattelberger Handelsregister: Amtsgericht Bonn HRB 6794 Sitz der Gesellschaft: Bonn WEEE-Reg.-Nr. DE50478376 -------------- next part -------------- An HTML attachment was scrubbed... URL: <https://lists.fiware.org/private/old-fiware-security/attachments/20110711/05e30531/attachment.html>
You can get more information about our cookies and privacy policies clicking on the following links: Privacy policy Cookies policy