From robert.seidl at nsn.com Wed Jun 1 09:40:30 2011 From: robert.seidl at nsn.com (Seidl, Robert (NSN - DE/Munich)) Date: Wed, 1 Jun 2011 09:40:30 +0200 Subject: [Fiware-security] FW: FI-WARE - WP8 - T8.2 partner assets --> partner contribution needed Message-ID: <70B7C2744D52BB4282F0E0D3DC965E0C04E2CC46@DEMUEXC006.nsn-intra.net> Hi all, this is just to remind all of you, who have not done so far, to contribute your detailed asset description to the attached document for task 8.2. Deadline is end of this week. Greetings Robert ________________________________ From: ext TRABELSI, Slim [mailto:slim.trabelsi at sap.com] Sent: Tuesday, May 31, 2011 10:43 AM To: Seidl, Robert (NSN - DE/Munich) Cc: Fiware-security at lists.fi-ware.eu Subject: RE: FI-WARE - WP8 - T8.2 partner assets --> partner contribution needed Hi Robert, You can find the description asset of SAP. This asset is strongly related to IBM's one, since one compoenent is designed and developed by IBM (Credential Handler). SAP and IBM assets will work together for delivering the PPL engine asset with the Credential and IDMix capabilities. Thank you Regards Slim From: Seidl, Robert (NSN - DE/Munich) [mailto:robert.seidl at nsn.com] Sent: jeudi 26 mai 2011 18:12 To: ext BISSON Pascal; Fiware-security at lists.fi-ware.eu Cc: Marton, Gabor (NSN - HU/Budapest); Antonio Garcia Vazquez; Pedro Soria Rodriguez; TRABELSI, Slim; Schaad, Andreas; Michael Osborne; SIEUX Corinne; Philippe.LELEU at fr.thalesgroup.com; GIDOIN Daniel; EGAN Richard Subject: FI-WARE - WP8 - T8.2 partner assets --> partner contribution needed Hi WP8, we need to collect all the assets from each partner (to be provided in template form). I collected the input I received so far and included as well the input I collected during our physical meeting in Madrid. Still some input is missing and also some detailed descriptons according to our template. To be concrete follwing is missing or at least to be checked if the asset is still valid: SAP IBM Thales Orange DTAG INRIA It would be nice if you could provide the missing input as soon as possible. Greetings Robert -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: WP8 Description of the Security Asset v01_SAP.docx Type: application/vnd.openxmlformats-officedocument.wordprocessingml.document Size: 634439 bytes Desc: WP8 Description of the Security Asset v01_SAP.docx URL: From robert.seidl at nsn.com Fri Jun 3 11:02:32 2011 From: robert.seidl at nsn.com (Seidl, Robert (NSN - DE/Munich)) Date: Fri, 3 Jun 2011 11:02:32 +0200 Subject: [Fiware-security] FI-WARE - WP8 - T8.2 partner assets --> partner contribution needed Message-ID: <70B7C2744D52BB4282F0E0D3DC965E0C04E69ACF@DEMUEXC006.nsn-intra.net> Hi all, please find attached the newest version of the partner assets of task T8.2. Missing input from following partners: Thales: should I delete the additional mentioned assets (see document)? Orange: no input so far INIRA: no input so far Please provide the missing input. Greetings and have a nice weekend Robert ________________________________ From: Seidl, Robert (NSN - DE/Munich) Sent: Wednesday, June 01, 2011 9:41 AM To: Fiware-security at lists.fi-ware.eu Subject: FW: FI-WARE - WP8 - T8.2 partner assets --> partner contribution needed Hi all, this is just to remind all of you, who have not done so far, to contribute your detailed asset description to the attached document for task 8.2. Deadline is end of this week. Greetings Robert ________________________________ From: ext TRABELSI, Slim [mailto:slim.trabelsi at sap.com] Sent: Tuesday, May 31, 2011 10:43 AM To: Seidl, Robert (NSN - DE/Munich) Cc: Fiware-security at lists.fi-ware.eu Subject: RE: FI-WARE - WP8 - T8.2 partner assets --> partner contribution needed Hi Robert, You can find the description asset of SAP. This asset is strongly related to IBM's one, since one compoenent is designed and developed by IBM (Credential Handler). SAP and IBM assets will work together for delivering the PPL engine asset with the Credential and IDMix capabilities. Thank you Regards Slim From: Seidl, Robert (NSN - DE/Munich) [mailto:robert.seidl at nsn.com] Sent: jeudi 26 mai 2011 18:12 To: ext BISSON Pascal; Fiware-security at lists.fi-ware.eu Cc: Marton, Gabor (NSN - HU/Budapest); Antonio Garcia Vazquez; Pedro Soria Rodriguez; TRABELSI, Slim; Schaad, Andreas; Michael Osborne; SIEUX Corinne; Philippe.LELEU at fr.thalesgroup.com; GIDOIN Daniel; EGAN Richard Subject: FI-WARE - WP8 - T8.2 partner assets --> partner contribution needed Hi WP8, we need to collect all the assets from each partner (to be provided in template form). I collected the input I received so far and included as well the input I collected during our physical meeting in Madrid. Still some input is missing and also some detailed descriptons according to our template. To be concrete follwing is missing or at least to be checked if the asset is still valid: SAP IBM Thales Orange DTAG INRIA It would be nice if you could provide the missing input as soon as possible. Greetings Robert -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: WP8 Description of the Security Asset v02.docx Type: application/octet-stream Size: 1703714 bytes Desc: WP8 Description of the Security Asset v02.docx URL: From gabor.marton at nsn.com Fri Jun 3 17:56:45 2011 From: gabor.marton at nsn.com (Marton, Gabor (NSN - HU/Budapest)) Date: Fri, 3 Jun 2011 18:56:45 +0300 Subject: [Fiware-security] FI-WARE - WP8 - Input document to D2.1a (Check !) In-Reply-To: <70B7C2744D52BB4282F0E0D3DC965E0C04DB3555@DEMUEXC006.nsn-intra.net> References: <2865_1306330715_4DDD065B_2865_6562_1_e43bee6a-e79d-4c60-b3f8-6c7f77b52a76@THSONEA01HUB06P.one.grp> <70B7C2744D52BB4282F0E0D3DC965E0C04DB3555@DEMUEXC006.nsn-intra.net> Message-ID: <57CF2CA7825F474DACFAEB9EA1ED3A540413CD73@FIESEXC014.nsn-intra.net> Dear All, please find a new version the section 3.1.2.2 Identity and Access Management, Privacy attached. This section now also includes Privacy, and there also is a reference to Trust in it, though only as a question for the time being, with no final conclusion. Dear Jan, if you find it appropriate, please extend the description with IdeMix (Robert told me that you would be the one doing it). Once the section on Authorization and usage control policies is also written, we should see how much it overlaps with the above section and do a realignment if needed. Kind regards, G?bor ________________________________ From: Seidl, Robert (NSN - DE/Munich) Sent: Thursday, May 26, 2011 4:28 PM To: ext BISSON Pascal; Fiware-security at lists.fi-ware.eu Cc: Marton, Gabor (NSN - HU/Budapest); Antonio Garcia Vazquez; Pedro Soria Rodriguez; TRABELSI, Slim; Schaad, Andreas; Michael Osborne; SIEUX Corinne; Philippe.LELEU at fr.thalesgroup.com; GIDOIN Daniel; EGAN Richard Subject: RE: FI-WARE - WP8 - Input document to D2.1a (Check !) Hi all, concerning this AI my proposal is to mention 4 enablers for T8.2, according to our description of work: - Identity and access management - Authorization and usage control policies - Privacy and Trust - Auditing This might still be discussed during our audio conf. tomorrow. Nevertheless as a first step I provided the chapter in the attached document as a placeholder. I also copied the relevant text from the DoW to the chapters. Since this can not be handled by NSN alone (deadline end of this month), we are looking for partners feeling responsible for one of the above mentioned enablers. For NSN we could volunteer to take "Identity and Privacy Management". OTHER PARTNERS PLEASE MENTION WHICH ONE YOU WANT TO VOLUNTEER. We will discuss this in our telco tomorrow as well. Goal is having a nearly ready version next Monday EOB, in order to send it for review. Greetings Robert ________________________________ From: ext BISSON Pascal [mailto:pascal.bisson at thalesgroup.com] Sent: Wednesday, May 25, 2011 3:39 PM To: Fiware-security at lists.fi-ware.eu Cc: Seidl, Robert (NSN - DE/Munich); Marton, Gabor (NSN - HU/Budapest); Antonio Garcia Vazquez; Pedro Soria Rodriguez; TRABELSI, Slim; Schaad, Andreas; Michael Osborne; SIEUX Corinne; BISSON Pascal; Philippe.LELEU at fr.thalesgroup.com; GIDOIN Daniel; EGAN Richard Subject: FI-WARE - WP8 - Input document to D2.1a (Check !) Importance: High Dear WP8 Collagues, This just to let you that I took the template of D2.1 as provided by TID and started to fill it in for what concerns Generic enabler resulting from T8.1. After a first check with Daniel who is leading T8.1 you will find on the repository and at the following address what we came up with for what concerns the GE resulting from T8.1. http://forge.fi-ware.eu/docman/view.php/19/64/FI-WARE+High-Level+Description+25-05-11+v0.1-SecurityAT-THA.doc Of course Daniel as T8.1 lead would now continue the work with support of WP8 partners involved in this task (aka ATOS, TID,FT and INRIA) especially in view of responsibilities defined (so T8.1 partners please check ! get engaged and contribute asap to complete this first draft to be discussed at our next audio - to take place this Friday !). As for tasks T8.2, T8.3 and T8.4 I would ask respectively Robert/Marton/NSN, Antonio/Pedro/ATOS and Slim/Andreas to get inspired by what has been delivered so far for T8.1 and produce similar high-level descriptions of the Generic Security enablers that would result from their tasks. Such input is expected to be provided prior to our audio conference of Friday. This even if as a first draft that would need to be refined (bear in mind here we target a first complete draft based on input of each of the WP8 tasks by end of this month !). Being said so far I haven't seen so many traffic at Task level I hope with this message all task leaders would take necessary steps to revive things and delivered as expected. Counting on the task leaders and each of you to have it done. Talk to you all on Friday (will open the audio conf at 10am sharp ! As you can imagine most of our audio would be to review the initial draft on input document to D2.1a ...). Best Regards, Pascal PS: Please follow instructions (as we did) given by TID in the document (among others notice GE description should not exceed 4-5 pages max !) -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: FI-WARE High-Level Description 25-05-11 v0.1-SecurityAT-THA_NSNv3.doc Type: application/msword Size: 967680 bytes Desc: FI-WARE High-Level Description 25-05-11 v0.1-SecurityAT-THA_NSNv3.doc URL: From Olivier.Festor at inria.fr Sun Jun 5 07:50:22 2011 From: Olivier.Festor at inria.fr (Olivier Festor) Date: Sun, 5 Jun 2011 07:50:22 +0200 Subject: [Fiware-security] INRIA Assets for 8.1 Message-ID: Dear all please find attached the description of the two assets from INRIA regarding 8.1 (SmartPhone Flow Monitoring : which should be in 8.1 instead of 8.4; + the Vulnerability assessment framework) Given the limited interest in the IoT fuzzing framework and the actual effort we put already on the other 4, please remove this oen from the list. Best Regards /Olivier Festor -------------- next part -------------- A non-text attachment was scrubbed... Name: Assets_MADYNES_8_1.docx Type: application/vnd.openxmlformats-officedocument.wordprocessingml.document Size: 24564 bytes Desc: not available URL: From Olivier.Festor at inria.fr Sun Jun 5 08:33:29 2011 From: Olivier.Festor at inria.fr (Olivier Festor) Date: Sun, 5 Jun 2011 08:33:29 +0200 Subject: [Fiware-security] INRIA 8.4 Assets Message-ID: Please find the INRIA Asset for 8.4 -------------- next part -------------- A non-text attachment was scrubbed... Name: Assets_8_4_CARTE.docx Type: application/vnd.openxmlformats-officedocument.wordprocessingml.document Size: 147674 bytes Desc: not available URL: From Olivier.Festor at inria.fr Sun Jun 5 08:36:24 2011 From: Olivier.Festor at inria.fr (Olivier Festor) Date: Sun, 5 Jun 2011 08:36:24 +0200 Subject: [Fiware-security] INRIA 8.2 assets Message-ID: Dear all in case you did not receive them before already, please find the INRIA assets for 8.2. We have now submitted all the asset descriptions for those assets that raised interest in the project so far. Best Regards /Olivier Festor -------------- next part -------------- A non-text attachment was scrubbed... Name: Assets_INRIA_DLM.docx Type: application/vnd.openxmlformats-officedocument.wordprocessingml.document Size: 1723155 bytes Desc: not available URL: From robert.seidl at nsn.com Mon Jun 6 08:50:40 2011 From: robert.seidl at nsn.com (Seidl, Robert (NSN - DE/Munich)) Date: Mon, 6 Jun 2011 08:50:40 +0200 Subject: [Fiware-security] FI-WARE - WP8 - T8.2 partner assets --> partner contribution needed Message-ID: <70B7C2744D52BB4282F0E0D3DC965E0C04E6A032@DEMUEXC006.nsn-intra.net> Dear partners, please find attached the newest version for T8.2 assets based on the inputs I received so far. Still missing: Thales: should I delete the additional mentioned assets (see document)? Orange: no input so far INIRA: input received, please adapt your input to the format used in the document (mentioning Maturity, IPR, Enablers, ...) DT: should I delete the additional mentioned assets (see document)? Many thanks in advance Robert ________________________________ From: Seidl, Robert (NSN - DE/Munich) Sent: Friday, June 03, 2011 11:03 AM To: 'Fiware-security at lists.fi-ware.eu' Subject: RE: FI-WARE - WP8 - T8.2 partner assets --> partner contribution needed Hi all, please find attached the newest version of the partner assets of task T8.2. Missing input from following partners: Thales: should I delete the additional mentioned assets (see document)? Orange: no input so far INIRA: no input so far Please provide the missing input. Greetings and have a nice weekend Robert ________________________________ From: Seidl, Robert (NSN - DE/Munich) Sent: Wednesday, June 01, 2011 9:41 AM To: Fiware-security at lists.fi-ware.eu Subject: FW: FI-WARE - WP8 - T8.2 partner assets --> partner contribution needed Hi all, this is just to remind all of you, who have not done so far, to contribute your detailed asset description to the attached document for task 8.2. Deadline is end of this week. Greetings Robert ________________________________ From: ext TRABELSI, Slim [mailto:slim.trabelsi at sap.com] Sent: Tuesday, May 31, 2011 10:43 AM To: Seidl, Robert (NSN - DE/Munich) Cc: Fiware-security at lists.fi-ware.eu Subject: RE: FI-WARE - WP8 - T8.2 partner assets --> partner contribution needed Hi Robert, You can find the description asset of SAP. This asset is strongly related to IBM's one, since one compoenent is designed and developed by IBM (Credential Handler). SAP and IBM assets will work together for delivering the PPL engine asset with the Credential and IDMix capabilities. Thank you Regards Slim From: Seidl, Robert (NSN - DE/Munich) [mailto:robert.seidl at nsn.com] Sent: jeudi 26 mai 2011 18:12 To: ext BISSON Pascal; Fiware-security at lists.fi-ware.eu Cc: Marton, Gabor (NSN - HU/Budapest); Antonio Garcia Vazquez; Pedro Soria Rodriguez; TRABELSI, Slim; Schaad, Andreas; Michael Osborne; SIEUX Corinne; Philippe.LELEU at fr.thalesgroup.com; GIDOIN Daniel; EGAN Richard Subject: FI-WARE - WP8 - T8.2 partner assets --> partner contribution needed Hi WP8, we need to collect all the assets from each partner (to be provided in template form). I collected the input I received so far and included as well the input I collected during our physical meeting in Madrid. Still some input is missing and also some detailed descriptons according to our template. To be concrete follwing is missing or at least to be checked if the asset is still valid: SAP IBM Thales Orange DTAG INRIA It would be nice if you could provide the missing input as soon as possible. Greetings Robert -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: WP8 Description of the Security Asset v03.docx Type: application/octet-stream Size: 1700962 bytes Desc: WP8 Description of the Security Asset v03.docx URL: From pascal.bisson at thalesgroup.com Mon Jun 6 09:16:59 2011 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Mon, 6 Jun 2011 09:16:59 +0200 Subject: [Fiware-security] FI-WARE - WP8 - Audio-conf of today 06/06/2011 (10am-12am) Message-ID: <16686_1307344621_4DEC7EEC_16686_5488_1_32ba065c-8d89-4319-91ac-78604dac3a9c@THSONEA01HUB04P.one.grp> Dear All, Find hereafter the details to join our WP8 audio-conf of today (in replacement of the one planned last Friday). Details to join conf call:+33 1 72 16 96 50 Talk to you at 10am. Regards, Pascal -------------- next part -------------- An HTML attachment was scrubbed... URL: From pascal.bisson at thalesgroup.com Mon Jun 6 09:55:41 2011 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Mon, 6 Jun 2011 09:55:41 +0200 Subject: [Fiware-security] FI-WARE - WP8 - Minutes today's audio In-Reply-To: References: <4484_1306515465_4DDFD809_4484_11690_1_b40d3782-7950-4f70-990e-1433f3ad9b74@THSONEA01HUB04P.one.grp> Message-ID: <15768_1307346947_4DEC8803_15768_934_1_e96f7a4a-608c-4988-946a-7b1f0e324761@THSONEA01HUB06P.one.grp> Hi Slim, It's a pity that no one from SAP could attend our audio conf of today being said SAP is leading T8.4. In the meantime I would appreciate if you could provide me with a short report on what has been achieved on task T8.4 and also deliver to me what was requesting from you side as T8.4 lead (see minutes of our last audio conf). Most importantly/urgently here I would need: ? consolidated list of assets attached to T8.4 with their descriptions, ? T8.4 consolidated input to D2.1a Looking forward hearing from you on the topic and receiving the requested input in order to continue to consolidate at WP8 level our input to D2.1a. Thanks in advance. Best Regards, Pascal De : TRABELSI, Slim [mailto:slim.trabelsi at sap.com] Envoy? : lundi 6 juin 2011 00:31 ? : BISSON Pascal Objet : RE: FI-WARE - WP8 - Minutes today's audio Hi Pascal, No one from SAP will be able to attend the call tomorrow. Regards Slim From: BISSON Pascal [mailto:pascal.bisson at thalesgroup.com] Sent: vendredi 27 mai 2011 18:58 To: fiware-security at lists.fi-ware.eu Cc: BISSON Pascal; Corinne.SIEUX at fr.thalesgroup.com; GIDOIN Daniel; Michael Osborne; Jan Camenisch; Seidl, Robert (NSN - DE/Munich); Antonio Garcia Vazquez; Schaad, Andreas; TRABELSI, Slim Subject: FI-WARE - WP8 - Minutes today's audio Dear All, Minutes of our weekly audio conf of today have been uploaded on project repository and are now available at the following address: http://forge.fi-ware.eu/docman/view.php/19/82/WP8+Audio-conf+27052011Minutes+.doc In those minutes as you will see there are actions to be performed for ALL. I thus recommend each of you and especially those you were not attending (IBM, DT, FT-Orange & INRIA) to have a careful look at those minutes and perform actions as expected. Being said Task leaders would need your full support to consolidate at task level their input to D2.1a and have it delivered according to the set deadline (June 3rd EOB) I'm now counting on each of you to provide them with your full support to meet the set deadline and deliver high quality contribution. Best Regards, Pascal PS: Minutes of our today's audio are also attached to this mail for your convenience. -------------- next part -------------- An HTML attachment was scrubbed... URL: From antonio.garcia at atosresearch.eu Mon Jun 6 09:59:45 2011 From: antonio.garcia at atosresearch.eu (Antonio Garcia Vazquez) Date: Mon, 6 Jun 2011 09:59:45 +0200 Subject: [Fiware-security] FI-WARE Wp8.3 documentation Message-ID: <0385F69C47D8694EA885D34BE18BCCC402E69F33@INTMAIL02.es.int.atosorigin.com> Good morning, Find the Assets document & M2 contribution for WP8.3 Regards ************************************ * Antonio Garc?a V?zquez * * (+34) 91 214 9384 * * antonio.garcia at atosresearch.eu * ************************************ ------------------------------------------------------------------ This e-mail and the documents attached are confidential and intended solely for the addressee; it may also be privileged. If you receive this e-mail in error, please notify the sender immediately and destroy it. As its integrity cannot be secured on the Internet, the Atos Origin group liability cannot be triggered for the message content. Although the sender endeavours to maintain a computer virus-free network, the sender does not warrant that this transmission is virus-free and will not be liable for any damages resulting from any virus transmitted. Este mensaje y los ficheros adjuntos pueden contener informacion confidencial destinada solamente a la(s) persona(s) mencionadas anteriormente pueden estar protegidos por secreto profesional. Si usted recibe este correo electronico por error, gracias por informar inmediatamente al remitente y destruir el mensaje. Al no estar asegurada la integridad de este mensaje sobre la red, Atos Origin no se hace responsable por su contenido. Su contenido no constituye ningun compromiso para el grupo Atos Origin, salvo ratificacion escrita por ambas partes. Aunque se esfuerza al maximo por mantener su red libre de virus, el emisor no puede garantizar nada al respecto y no sera responsable de cualesquiera danos que puedan resultar de una transmision de virus. ------------------------------------------------------------------ -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: WP 8.3.zip Type: application/x-zip-compressed Size: 1578442 bytes Desc: WP 8.3.zip URL: From slim.trabelsi at sap.com Mon Jun 6 11:30:20 2011 From: slim.trabelsi at sap.com (TRABELSI, Slim) Date: Mon, 6 Jun 2011 11:30:20 +0200 Subject: [Fiware-security] FI-WARE - WP8 - Minutes today's audio In-Reply-To: <15768_1307346947_4DEC8803_15768_934_1_e96f7a4a-608c-4988-946a-7b1f0e324761@THSONEA01HUB06P.one.grp> References: <4484_1306515465_4DDFD809_4484_11690_1_b40d3782-7950-4f70-990e-1433f3ad9b74@THSONEA01HUB04P.one.grp> , <15768_1307346947_4DEC8803_15768_934_1_e96f7a4a-608c-4988-946a-7b1f0e324761@THSONEA01HUB06P.one.grp> Message-ID: Hi Pascal, Sorry again for ot participating to the call, but I'm currently in a meeting out of office. Here are the assetes and the updated description of the Task8.4 thank you regards Slim ________________________________ From: BISSON Pascal [pascal.bisson at thalesgroup.com] Sent: Monday, June 06, 2011 9:55 AM To: TRABELSI, Slim Cc: fiware-security at lists.fi-ware.eu; GIDOIN Daniel; SIEUX Corinne; Schaad, Andreas Subject: RE: FI-WARE - WP8 - Minutes today's audio Hi Slim, It?s a pity that no one from SAP could attend our audio conf of today being said SAP is leading T8.4. In the meantime I would appreciate if you could provide me with a short report on what has been achieved on task T8.4 and also deliver to me what was requesting from you side as T8.4 lead (see minutes of our last audio conf). Most importantly/urgently here I would need: ? consolidated list of assets attached to T8.4 with their descriptions, ? T8.4 consolidated input to D2.1a Looking forward hearing from you on the topic and receiving the requested input in order to continue to consolidate at WP8 level our input to D2.1a. Thanks in advance. Best Regards, Pascal De : TRABELSI, Slim [mailto:slim.trabelsi at sap.com] Envoy? : lundi 6 juin 2011 00:31 ? : BISSON Pascal Objet : RE: FI-WARE - WP8 - Minutes today's audio Hi Pascal, No one from SAP will be able to attend the call tomorrow. Regards Slim From: BISSON Pascal [mailto:pascal.bisson at thalesgroup.com] Sent: vendredi 27 mai 2011 18:58 To: fiware-security at lists.fi-ware.eu Cc: BISSON Pascal; Corinne.SIEUX at fr.thalesgroup.com; GIDOIN Daniel; Michael Osborne; Jan Camenisch; Seidl, Robert (NSN - DE/Munich); Antonio Garcia Vazquez; Schaad, Andreas; TRABELSI, Slim Subject: FI-WARE - WP8 - Minutes today's audio Dear All, Minutes of our weekly audio conf of today have been uploaded on project repository and are now available at the following address: http://forge.fi-ware.eu/docman/view.php/19/82/WP8+Audio-conf+27052011Minutes+.doc In those minutes as you will see there are actions to be performed for ALL. I thus recommend each of you and especially those you were not attending (IBM, DT, FT-Orange & INRIA) to have a careful look at those minutes and perform actions as expected. Being said Task leaders would need your full support to consolidate at task level their input to D2.1a and have it delivered according to the set deadline (June 3rd EOB) I?m now counting on each of you to provide them with your full support to meet the set deadline and deliver high quality contribution. Best Regards, Pascal PS: Minutes of our today?s audio are also attached to this mail for your convenience. -------------- next part -------------- A non-text attachment was scrubbed... Name: Task 8.4.zip Type: application/x-zip-compressed Size: 1606621 bytes Desc: Task 8.4.zip URL: From pascal.bisson at thalesgroup.com Mon Jun 6 11:42:42 2011 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Mon, 6 Jun 2011 11:42:42 +0200 Subject: [Fiware-security] FI-WARE - WP8 - Minutes today's audio In-Reply-To: References: <4484_1306515465_4DDFD809_4484_11690_1_b40d3782-7950-4f70-990e-1433f3ad9b74@THSONEA01HUB04P.one.grp> , <15768_1307346947_4DEC8803_15768_934_1_e96f7a4a-608c-4988-946a-7b1f0e324761@THSONEA01HUB06P.one.grp> Message-ID: <28963_1307353365_4DECA115_28963_15407_1_CBBCD6C304123F4AB23FAAE3055C8C0E0200F05CF10E@THSONEA01CMS04P.one.grp> Many thanks Slim. Best Regards, Pascal -----Message d'origine----- De?: TRABELSI, Slim [mailto:slim.trabelsi at sap.com] Envoy??: lundi 6 juin 2011 11:30 ??: BISSON Pascal Cc?: fiware-security at lists.fi-ware.eu; Schaad, Andreas Objet?: RE: FI-WARE - WP8 - Minutes today's audio Hi Pascal, Sorry again for ot participating to the call, but I'm currently in a meeting out of office. Here are the assetes and the updated description of the Task8.4 thank you regards Slim ________________________________ From: BISSON Pascal [pascal.bisson at thalesgroup.com] Sent: Monday, June 06, 2011 9:55 AM To: TRABELSI, Slim Cc: fiware-security at lists.fi-ware.eu; GIDOIN Daniel; SIEUX Corinne; Schaad, Andreas Subject: RE: FI-WARE - WP8 - Minutes today's audio Hi Slim, It's a pity that no one from SAP could attend our audio conf of today being said SAP is leading T8.4. In the meantime I would appreciate if you could provide me with a short report on what has been achieved on task T8.4 and also deliver to me what was requesting from you side as T8.4 lead (see minutes of our last audio conf). Most importantly/urgently here I would need: . consolidated list of assets attached to T8.4 with their descriptions, . T8.4 consolidated input to D2.1a Looking forward hearing from you on the topic and receiving the requested input in order to continue to consolidate at WP8 level our input to D2.1a. Thanks in advance. Best Regards, Pascal De : TRABELSI, Slim [mailto:slim.trabelsi at sap.com] Envoy? : lundi 6 juin 2011 00:31 ? : BISSON Pascal Objet : RE: FI-WARE - WP8 - Minutes today's audio Hi Pascal, No one from SAP will be able to attend the call tomorrow. Regards Slim From: BISSON Pascal [mailto:pascal.bisson at thalesgroup.com] Sent: vendredi 27 mai 2011 18:58 To: fiware-security at lists.fi-ware.eu Cc: BISSON Pascal; Corinne.SIEUX at fr.thalesgroup.com; GIDOIN Daniel; Michael Osborne; Jan Camenisch; Seidl, Robert (NSN - DE/Munich); Antonio Garcia Vazquez; Schaad, Andreas; TRABELSI, Slim Subject: FI-WARE - WP8 - Minutes today's audio Dear All, Minutes of our weekly audio conf of today have been uploaded on project repository and are now available at the following address: http://forge.fi-ware.eu/docman/view.php/19/82/WP8+Audio-conf+27052011Minutes+.doc In those minutes as you will see there are actions to be performed for ALL. I thus recommend each of you and especially those you were not attending (IBM, DT, FT-Orange & INRIA) to have a careful look at those minutes and perform actions as expected. Being said Task leaders would need your full support to consolidate at task level their input to D2.1a and have it delivered according to the set deadline (June 3rd EOB) I'm now counting on each of you to provide them with your full support to meet the set deadline and deliver high quality contribution. Best Regards, Pascal PS: Minutes of our today's audio are also attached to this mail for your convenience. From pascal.bisson at thalesgroup.com Mon Jun 6 18:49:48 2011 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Mon, 6 Jun 2011 18:49:48 +0200 Subject: [Fiware-security] FI-PPP - WP8 - Audio conf of today (06/06/2011) Minutes Message-ID: <14824_1307378993_4DED0531_14824_7182_1_d2e00ce6-4cc0-4f39-8173-9c6cfb97bd6a@THSONEA01HUB06P.one.grp> Dear All, Please find attached to this email the minutes of our audio conf of today: Participants: Adrian Waller (TRT-UK) Antonio Garcia Vazquez (ATOS) Robert Seidl (NSN) Gabor Marton (NSN) Pascal Bisson (Thales) Missing participants: Slim Trabelsi (SAP) (excused) Daniel Gidoin (Thales) (excused) Philippe Leleu (Thales) Olivier Festor (INRIA) Jean-Yves Marion (INRIA) (excused) Jan Camenisch (IBM) Michael Osborne (IBM) Wolfgang Steigerwald (DT) Xavier Aghina (FT-Orange) Daniel Le Metayer (INRIA) Minutes: 1. We first review progress achieved at task level since last audio conf this more specifically in view of what was requested by each of the task leaders * Report on Task T8.1 (Thales) * Daniel was not there to report progress on this task. (Action ->Daniel: to report on progress and send urgently the following documents: 1. Complete Textual Description of all assets attached to T8.1 (so process information sent by INRIA and call for missing information from others - FT-Orange). 2. Update of T8.1 input to D2.1a (this as announced at last audio-conf) * Report on Task T8.2 (NSN - Robert & Marton) * Textual Description of assets attached to T8.2 1. To have it finalized NSN is requesting the following actions to be performed asap and by Wednesday 8 June EOB at the latest: a. Thales: should I delete the additional mentioned assets (see document)? i. PERMIS (Action THA-> Daniel/Pascal J. provide NSN with description compliant with the template provided ii. Privacy Compliant "Big Table" (Action THA -> Philippe Leleu provide NSN with description compliant with the template provided) iii. Location authentication algorithms (Action THA -> Daniel/Pascal to decide to keep or to leave) b. Action Orange ->Xavier) : no input so far. To deliver input asap and according to the set deadline c. Action INRIA -> Jean-Yves/Daniel : input received, please adapt your input to the format used in the document (mentioning Maturity, IPR, Enablers, ...) d. Action DT -> Wolfgang: should I delete the additional mentioned assets (see document)? * T8.2 input to D2.1a 1. First input was sent by NSN on last Friday (see Marton's email) a. Action NSN -> Robert/Marton- to collect missing input and further engage work with IBM (Privacy extension, ...) and SAP (Policy description, ...)in order to produced second input (consolidated at task level) by Thursday June 9th (EOB) at the latest. i. Robert/Marton to drop appropriate emails to T8.3 partners have it done also finalize assets analysis based on their textual descriptions. * Report on Task T8.3 (ATOS) * Textual Description of assets attached to T8.2 1. Delivered prior to this audio. Announced as complete. * T8.3 input to D2.1a 1. Second input delivered also prior to today's audio. * Report on Task T8.4 (SAP) * No one form SAP could make it. Was announced by Slim. * Action THA -> Pascal to drop an email to SAP (Slim, Andreas) and urge for reporting on progress and delivery of both: 1. Textual Description of assets attached to T8.4 2. T8.4 input to D2.1a 2. Other topics of concerns * A number of partners were not present at our weekly audio conf of today. Even worst some didn't show up since the start (Action Pascal -> contact FT-Orange on the topic)). I would thus ask: * Each of the partners to take necessary steps to attend our weekly audio conference (if you can't make it find a replacement at the level of your organization) * Each of the task leaders to be present or represented (either find a replacement at the level of our organization or at the level of your task - a partner who can speak on your behalf since involved) Useless to say I will count on you to follow the above rules for our next audio conf planned next Friday so June 17th (10am-12am) Ending word: Counting on each of you to perform your actions and make your duties this even more than we need all actions to be performed asap and prior to Wednesday 8 une EOB to have a successful meeting on Friday where we have planned to finalize WP8 input to D2.1a while discussing way forward. -------------- next part -------------- An HTML attachment was scrubbed... URL: From pascal.bisson at thalesgroup.com Tue Jun 7 10:43:12 2011 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Tue, 7 Jun 2011 10:43:12 +0200 Subject: [Fiware-security] FI-WARE - WP8 - Meeting of Friday 10 June (9am-5pm) - Access Map Message-ID: <16009_1307436198_4DEDE4A6_16009_11715_1_5200dcbf-5de2-4ff4-a9e1-7358206018a1@THSONEA01HUB01P.one.grp> Dear All, For those of you who will attend the WP8 meeting of Friday (June 10th) please find attached to this email an access map to our site. As for the rest I remind you that main objective of this meeting (working session) would be to finalize the WP8 input document to D2.1a. As such I ask each of the task leaders to take necessary steps to come to this meeting with an input consolidated at task level, complete (please check you answered each of points which were requested to be addressed as indicated in the document). This in order to save time for discussion and final harmonization also check. This being said I would also spend some time on the work to come with respect to next milestones we have to meet. Last but not least let me remind you that our meeting will start at 9am and will close around 5pm. Best Regards, Pascal -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: trt_uk_map.pdf Type: application/pdf Size: 617468 bytes Desc: trt_uk_map.pdf URL: From pascal.bisson at thalesgroup.com Tue Jun 7 11:28:57 2011 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Tue, 7 Jun 2011 11:28:57 +0200 Subject: [Fiware-security] FI-WARE - WP8 - Input to D2.1a (1st draft at WP level) Message-ID: <15904_1307438940_4DEDEF5C_15904_1849_1_3013b24d-aef5-4fc5-93c6-e0d6064e28e1@THSONEA01HUB04P.one.grp> Dear All, This just to let you know that I've uploaded on the repository at the following address the initial draft of WP8 input document to D2.1a. http://forge.fi-ware.eu/docman/admin/index.php?editdoc=1&docid=113&group_id=19 This document integrates input received so far by each of the Task leads. Of course this document is not yet final but at least it gives you/us an idea of where we are and what remains to do under the control of the Security AT caretakers, Task leaders and with the support of ALL. So please check and support completion process we already engaged. Update of this document is expected to be made prior to Friday's meeting this based on input expected as per minutes of last audioconf. Best regards, Pascal -------------- next part -------------- An HTML attachment was scrubbed... URL: From antonio.garcia at atosresearch.eu Tue Jun 7 13:24:51 2011 From: antonio.garcia at atosresearch.eu (Antonio Garcia Vazquez) Date: Tue, 7 Jun 2011 13:24:51 +0200 Subject: [Fiware-security] FI-WARE 8.3 & 8.1 - Monitoring services Message-ID: <0385F69C47D8694EA885D34BE18BCCC402E6A44B@INTMAIL02.es.int.atosorigin.com> Daniel, This is to bring you up to date on the monitoring functionalities we are going to need in task 8.3 The monitor to be integrated with our dynamic S&D framework should perform these activities: - Gets the monitoring rules from the S&D Framework - Check the applications context fulfils the rules. - Trigger the framework in case of rule violation It?s also planed that the communication between monitor system and Framework will be done with UDSL-Sec protocol. If there are no assets which can fulfill these requirements from Atos we?ll be willing to develop this component within the work we are performing in tasks 8.1 and 8.3 Regards ************************************ * Antonio Garc?a V?zquez * * (+34) 91 214 9384 * * antonio.garcia at atosresearch.eu * ************************************ ------------------------------------------------------------------ This e-mail and the documents attached are confidential and intended solely for the addressee; it may also be privileged. If you receive this e-mail in error, please notify the sender immediately and destroy it. As its integrity cannot be secured on the Internet, the Atos Origin group liability cannot be triggered for the message content. Although the sender endeavours to maintain a computer virus-free network, the sender does not warrant that this transmission is virus-free and will not be liable for any damages resulting from any virus transmitted. Este mensaje y los ficheros adjuntos pueden contener informacion confidencial destinada solamente a la(s) persona(s) mencionadas anteriormente pueden estar protegidos por secreto profesional. Si usted recibe este correo electronico por error, gracias por informar inmediatamente al remitente y destruir el mensaje. Al no estar asegurada la integridad de este mensaje sobre la red, Atos Origin no se hace responsable por su contenido. Su contenido no constituye ningun compromiso para el grupo Atos Origin, salvo ratificacion escrita por ambas partes. Aunque se esfuerza al maximo por mantener su red libre de virus, el emisor no puede garantizar nada al respecto y no sera responsable de cualesquiera danos que puedan resultar de una transmision de virus. ------------------------------------------------------------------ -------------- next part -------------- An HTML attachment was scrubbed... URL: From daniel.gidoin at thalesgroup.com Tue Jun 7 15:16:24 2011 From: daniel.gidoin at thalesgroup.com (GIDOIN Daniel) Date: Tue, 7 Jun 2011 15:16:24 +0200 Subject: [Fiware-security] FI-WARE 8.3 & 8.1 - Monitoring services In-Reply-To: <0385F69C47D8694EA885D34BE18BCCC402E6A44B@INTMAIL02.es.int.atosorigin.com> References: <0385F69C47D8694EA885D34BE18BCCC402E6A44B@INTMAIL02.es.int.atosorigin.com> Message-ID: <13953_1307452597_4DEE24B5_13953_8874_1_5ae53101-f7ad-4fb3-bb35-926d451b593b@THSONEA01HUB02P.one.grp> Thank a lot Antonio. I suggest that we speak about it Friday. Best regards Daniel De : Antonio Garcia Vazquez [mailto:antonio.garcia at atosresearch.eu] Envoy? : mardi 7 juin 2011 13:25 ? : GIDOIN Daniel Cc : fiware-security at lists.fi-ware.eu Objet : FI-WARE 8.3 & 8.1 - Monitoring services Daniel, This is to bring you up to date on the monitoring functionalities we are going to need in task 8.3 The monitor to be integrated with our dynamic S&D framework should perform these activities: - Gets the monitoring rules from the S&D Framework - Check the applications context fulfils the rules. - Trigger the framework in case of rule violation It?s also planed that the communication between monitor system and Framework will be done with UDSL-Sec protocol. If there are no assets which can fulfill these requirements from Atos we?ll be willing to develop this component within the work we are performing in tasks 8.1 and 8.3 Regards ************************************ * Antonio Garc?a V?zquez * * (+34) 91 214 9384 * * antonio.garcia at atosresearch.eu * ************************************ ------------------------------------------------------------------ This e-mail and the documents attached are confidential and intended solely for the addressee; it may also be privileged. If you receive this e-mail in error, please notify the sender immediately and destroy it. As its integrity cannot be secured on the Internet, the Atos Origin group liability cannot be triggered for the message content. Although the sender endeavours to maintain a computer virus-free network, the sender does not warrant that this transmission is virus-free and will not be liable for any damages resulting from any virus transmitted. Este mensaje y los ficheros adjuntos pueden contener informacion confidencial destinada solamente a la(s) persona(s) mencionadas anteriormente pueden estar protegidos por secreto profesional. Si usted recibe este correo electronico por error, gracias por informar inmediatamente al remitente y destruir el mensaje. Al no estar asegurada la integridad de este mensaje sobre la red, Atos Origin no se hace responsable por su contenido. Su contenido no constituye ningun compromiso para el grupo Atos Origin, salvo ratificacion escrita por ambas partes. Aunque se esfuerza al maximo por mantener su red libre de virus, el emisor no puede garantizar nada al respecto y no sera responsable de cualesquiera danos que puedan resultar de una transmision de virus. ------------------------------------------------------------------ -------------- next part -------------- An HTML attachment was scrubbed... URL: From slim.trabelsi at sap.com Wed Jun 8 09:28:34 2011 From: slim.trabelsi at sap.com (TRABELSI, Slim) Date: Wed, 8 Jun 2011 09:28:34 +0200 Subject: [Fiware-security] Invitation to join the audio-conf system Message-ID: Dear all, For those who will not be able to attend the WP8 on Friday you can use the SAPConnect platform to share screens and documents. As soon as you join the environment, click on your "name" then click on the phone icon below and select call my phone, then enter your phone number 00122333.... If you have any question please drop me and e-mail. Please join me in a Connect Pro Meeting. Meeting Name: Default Meeting Room Invited By: Slim TRABELSI To join the meeting: https://sap.emea.pgiconnect.com/i054572/ Audio Conference Details: Conference Number(s): Germany, Frankfurt: +49 69 71044 5469 USA, Denver: +1 303 658 9403 Brazil, Sao Paulo: +55 11 3351 7095 China: +86 400 810 2684 China, Beijing: +86 1059 044 927 France, Paris: +33 1 70 99 47 97 India: 000 800 100 7701 Italy: 800 976 300 Japan, Tokyo: +81 3 5767 5575 Singapore: 800 101 2156 Spain, Madrid: +34 91 788 9959 Switzerland: 0800 223 011 UK, London: +44 20 7959 6788 Participant Code: 8832991069 ---------------- If you have never attended a Connect Pro meeting before: Test your connection: https://sap.emea.pgiconnect.com/common/help/en/support/meeting_test.htm Get a quick overview: http://www.adobe.com/go/connectpro_overview Adobe, the Adobe logo, Acrobat and Acrobat Connect are either trademarks or registered trademarks of Adobe Systems Incorporated in the United States and/or other countries. -------------- next part -------------- An HTML attachment was scrubbed... URL: From pascal.bisson at thalesgroup.com Wed Jun 8 12:51:23 2011 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Wed, 8 Jun 2011 12:51:23 +0200 Subject: [Fiware-security] Invitation to join the audio-conf system In-Reply-To: References: Message-ID: <16395_1307530282_4DEF542A_16395_2743_1_CBBCD6C304123F4AB23FAAE3055C8C0E0200F076C065@THSONEA01CMS04P.one.grp> Thanks Slim. De : fiware-security-bounces at lists.fi-ware.eu [mailto:fiware-security-bounces at lists.fi-ware.eu] De la part de TRABELSI, Slim Envoy? : mercredi 8 juin 2011 09:29 ? : Fiware-security at lists.fi-ware.eu Objet : [Fiware-security] Invitation to join the audio-conf system Dear all, For those who will not be able to attend the WP8 on Friday you can use the SAPConnect platform to share screens and documents. As soon as you join the environment, click on your "name" then click on the phone icon below and select call my phone, then enter your phone number 00122333.... If you have any question please drop me and e-mail. Please join me in a Connect Pro Meeting. Meeting Name: Default Meeting Room Invited By: Slim TRABELSI To join the meeting: https://sap.emea.pgiconnect.com/i054572/ Audio Conference Details: Conference Number(s): Germany, Frankfurt: +49 69 71044 5469 USA, Denver: +1 303 658 9403 Brazil, Sao Paulo: +55 11 3351 7095 China: +86 400 810 2684 China, Beijing: +86 1059 044 927 France, Paris: +33 1 70 99 47 97 India: 000 800 100 7701 Italy: 800 976 300 Japan, Tokyo: +81 3 5767 5575 Singapore: 800 101 2156 Spain, Madrid: +34 91 788 9959 Switzerland: 0800 223 011 UK, London: +44 20 7959 6788 Participant Code: 8832991069 ---------------- If you have never attended a Connect Pro meeting before: Test your connection: https://sap.emea.pgiconnect.com/common/help/en/support/meeting_test.htm Get a quick overview: http://www.adobe.com/go/connectpro_overview Adobe, the Adobe logo, Acrobat and Acrobat Connect are either trademarks or registered trademarks of Adobe Systems Incorporated in the United States and/or other countries. -------------- next part -------------- An HTML attachment was scrubbed... URL: From pascal.bisson at thalesgroup.com Wed Jun 8 15:09:17 2011 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Wed, 8 Jun 2011 15:09:17 +0200 Subject: [Fiware-security] Reviewing security issues in first draft of the Context/Data Management In-Reply-To: <4DE66708.7060609@tid.es> References: <4DE66708.7060609@tid.es> Message-ID: <13186_1307538562_4DEF7482_13186_1439_1_638e9cc9-5496-4958-8573-65fe85381331@THSONEA01HUB02P.one.grp> Dear Juanjo, I understand your demand and will work on it together with my WP8 colleagues (in cc) appointed to monitor and answer demands coming from your WP6 side for what concerns Security topic. Unfortunately we would not be able to answer you on the topic prior to Friday 10/06 at the earliest. Good news is that since we have a WP8 meeting I could put your demand also on the agenda of our meeting. Which might contribute to speed up a little bit our answer (being said also WP8 people appointed will do some preparatory work before) In any case will keep you posted and be back to you on the topic asap. Regards, Pascal De : Juanjo Hierro [mailto:jhierro at tid.es] Envoy? : mercredi 1 juin 2011 18:21 ? : fiware-data at lists.fi-ware.eu Cc : BISSON Pascal; jhierro >> "Juan J. Hierro" Objet : Reviewing security issues in first draft of the Context/Data Management Hi, First of all, I have updated the first draft in the server so, please downloading it again if you were too fast and already did it before reading this email :-) I have just updated the section on question marks as to assign a section for Security and subsections for topics regarding Security, instead of a subsection for Security with a bullet list of topics. The link is still the same: http://forge.fi-ware.eu/docman/view.php/9/91/FI-WARE_High-Level_Description_11-06-1+Data-Context+Management+v1.0+11-06-01.doc The rest of this message is specifically targeted to our colleagues from the Security WP who I'm sure are monitoring what we are doing ;-) Now that we have a first draft (though still this needs quite more work) I would suggest that you carry out a first overall revision identifying security issues that should be taken into account. I would encourage you to contribute a description of such issues in the section about Security Issues I have created in section 3.1.3. Please confirm that you have read and understood this message. Your contributions are due on June 7, EOB like for the rest of the WP team. Best regards, -- Juanjo ________________________________ Este mensaje se dirige exclusivamente a su destinatario. Puede consultar nuestra pol?tica de env?o y recepci?n de correo electr?nico en el enlace situado m?s abajo. This message is intended exclusively for its addressee. We only send and receive email on the basis of the terms set out at. http://www.tid.es/ES/PAGINAS/disclaimer.aspx -------------- next part -------------- An HTML attachment was scrubbed... URL: From robert.seidl at nsn.com Wed Jun 8 17:05:40 2011 From: robert.seidl at nsn.com (Seidl, Robert (NSN - DE/Munich)) Date: Wed, 8 Jun 2011 17:05:40 +0200 Subject: [Fiware-security] FI-WARE - WP8 - T8.2 partner assets -->partner contribution needed In-Reply-To: <70B7C2744D52BB4282F0E0D3DC965E0C04E6A032@DEMUEXC006.nsn-intra.net> References: <70B7C2744D52BB4282F0E0D3DC965E0C04E6A032@DEMUEXC006.nsn-intra.net> Message-ID: <70B7C2744D52BB4282F0E0D3DC965E0C04EEDA7F@DEMUEXC006.nsn-intra.net> Hi, just one more status update: Still missing: Thales: should I delete the additional mentioned assets (see document)? Orange: no input so far, please Xavier provide the input for Orange DT: should I delete the additional mentioned asset (one remaining, will be clarified latest by end of the week by Wolfgang) Please find the newest version attached. Greetings Robert ________________________________ From: fiware-security-bounces at lists.fi-ware.eu [mailto:fiware-security-bounces at lists.fi-ware.eu] On Behalf Of Seidl, Robert (NSN - DE/Munich) Sent: Monday, June 06, 2011 8:51 AM To: Fiware-security at lists.fi-ware.eu Subject: Re: [Fiware-security] FI-WARE - WP8 - T8.2 partner assets -->partner contribution needed Dear partners, please find attached the newest version for T8.2 assets based on the inputs I received so far. Still missing: Thales: should I delete the additional mentioned assets (see document)? Orange: no input so far INIRA: input received, please adapt your input to the format used in the document (mentioning Maturity, IPR, Enablers, ...) DT: should I delete the additional mentioned assets (see document)? Many thanks in advance Robert ________________________________ From: Seidl, Robert (NSN - DE/Munich) Sent: Friday, June 03, 2011 11:03 AM To: 'Fiware-security at lists.fi-ware.eu' Subject: RE: FI-WARE - WP8 - T8.2 partner assets --> partner contribution needed Hi all, please find attached the newest version of the partner assets of task T8.2. Missing input from following partners: Thales: should I delete the additional mentioned assets (see document)? Orange: no input so far INIRA: no input so far Please provide the missing input. Greetings and have a nice weekend Robert ________________________________ From: Seidl, Robert (NSN - DE/Munich) Sent: Wednesday, June 01, 2011 9:41 AM To: Fiware-security at lists.fi-ware.eu Subject: FW: FI-WARE - WP8 - T8.2 partner assets --> partner contribution needed Hi all, this is just to remind all of you, who have not done so far, to contribute your detailed asset description to the attached document for task 8.2. Deadline is end of this week. Greetings Robert ________________________________ From: ext TRABELSI, Slim [mailto:slim.trabelsi at sap.com] Sent: Tuesday, May 31, 2011 10:43 AM To: Seidl, Robert (NSN - DE/Munich) Cc: Fiware-security at lists.fi-ware.eu Subject: RE: FI-WARE - WP8 - T8.2 partner assets --> partner contribution needed Hi Robert, You can find the description asset of SAP. This asset is strongly related to IBM's one, since one compoenent is designed and developed by IBM (Credential Handler). SAP and IBM assets will work together for delivering the PPL engine asset with the Credential and IDMix capabilities. Thank you Regards Slim From: Seidl, Robert (NSN - DE/Munich) [mailto:robert.seidl at nsn.com] Sent: jeudi 26 mai 2011 18:12 To: ext BISSON Pascal; Fiware-security at lists.fi-ware.eu Cc: Marton, Gabor (NSN - HU/Budapest); Antonio Garcia Vazquez; Pedro Soria Rodriguez; TRABELSI, Slim; Schaad, Andreas; Michael Osborne; SIEUX Corinne; Philippe.LELEU at fr.thalesgroup.com; GIDOIN Daniel; EGAN Richard Subject: FI-WARE - WP8 - T8.2 partner assets --> partner contribution needed Hi WP8, we need to collect all the assets from each partner (to be provided in template form). I collected the input I received so far and included as well the input I collected during our physical meeting in Madrid. Still some input is missing and also some detailed descriptons according to our template. To be concrete follwing is missing or at least to be checked if the asset is still valid: SAP IBM Thales Orange DTAG INRIA It would be nice if you could provide the missing input as soon as possible. Greetings Robert -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: WP8 Description of the Security Asset v04.docx Type: application/octet-stream Size: 1701335 bytes Desc: WP8 Description of the Security Asset v04.docx URL: From pascal.bisson at thalesgroup.com Wed Jun 8 17:16:43 2011 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Wed, 8 Jun 2011 17:16:43 +0200 Subject: [Fiware-security] FI-WARE - WP8 - T8.2 partner assets -->partner contribution needed In-Reply-To: <70B7C2744D52BB4282F0E0D3DC965E0C04EEDA7F@DEMUEXC006.nsn-intra.net> References: <70B7C2744D52BB4282F0E0D3DC965E0C04E6A032@DEMUEXC006.nsn-intra.net> <70B7C2744D52BB4282F0E0D3DC965E0C04EEDA7F@DEMUEXC006.nsn-intra.net> Message-ID: <28615_1307546211_4DEF9263_28615_8926_1_8fdc2b0f-7c8b-4663-bc61-8428b4b028b9@THSONEA01HUB01P.one.grp> Hi Robert, For Thales here is what I can say: ? PERMIS you can keep and will receive the description by tomorrow. ? Privacy Compliant "Big Table" this is on the hands of Philippe so I will let him answer you on this. Please Philippe urgently answer Robert on the topic. ? Location authentication algorithms - Even if we can and will provide asset description here (by Friday unfortunately) we are not so sure we will keep this asset at WP8 level since it could also be moved to WP6 where all location stuff would be (to be discussed at our meeting). Best regards, Pascal De : fiware-security-bounces at lists.fi-ware.eu [mailto:fiware-security-bounces at lists.fi-ware.eu] De la part de Seidl, Robert (NSN - DE/Munich) Envoy? : mercredi 8 juin 2011 17:06 ? : Fiware-security at lists.fi-ware.eu; xavier.aghina at orange-ftgroup.com; Wolfgang.Steigerwald at telekom.de Objet : Re: [Fiware-security] FI-WARE - WP8 - T8.2 partner assets -->partner contribution needed Hi, just one more status update: Still missing: Thales: should I delete the additional mentioned assets (see document)? Orange: no input so far, please Xavier provide the input for Orange DT: should I delete the additional mentioned asset (one remaining, will be clarified latest by end of the week by Wolfgang) Please find the newest version attached. Greetings Robert ________________________________ From: fiware-security-bounces at lists.fi-ware.eu [mailto:fiware-security-bounces at lists.fi-ware.eu] On Behalf Of Seidl, Robert (NSN - DE/Munich) Sent: Monday, June 06, 2011 8:51 AM To: Fiware-security at lists.fi-ware.eu Subject: Re: [Fiware-security] FI-WARE - WP8 - T8.2 partner assets -->partner contribution needed Dear partners, please find attached the newest version for T8.2 assets based on the inputs I received so far. Still missing: Thales: should I delete the additional mentioned assets (see document)? Orange: no input so far INIRA: input received, please adapt your input to the format used in the document (mentioning Maturity, IPR, Enablers, ...) DT: should I delete the additional mentioned assets (see document)? Many thanks in advance Robert ________________________________ From: Seidl, Robert (NSN - DE/Munich) Sent: Friday, June 03, 2011 11:03 AM To: 'Fiware-security at lists.fi-ware.eu' Subject: RE: FI-WARE - WP8 - T8.2 partner assets --> partner contribution needed Hi all, please find attached the newest version of the partner assets of task T8.2. Missing input from following partners: Thales: should I delete the additional mentioned assets (see document)? Orange: no input so far INIRA: no input so far Please provide the missing input. Greetings and have a nice weekend Robert ________________________________ From: Seidl, Robert (NSN - DE/Munich) Sent: Wednesday, June 01, 2011 9:41 AM To: Fiware-security at lists.fi-ware.eu Subject: FW: FI-WARE - WP8 - T8.2 partner assets --> partner contribution needed Hi all, this is just to remind all of you, who have not done so far, to contribute your detailed asset description to the attached document for task 8.2. Deadline is end of this week. Greetings Robert ________________________________ From: ext TRABELSI, Slim [mailto:slim.trabelsi at sap.com] Sent: Tuesday, May 31, 2011 10:43 AM To: Seidl, Robert (NSN - DE/Munich) Cc: Fiware-security at lists.fi-ware.eu Subject: RE: FI-WARE - WP8 - T8.2 partner assets --> partner contribution needed Hi Robert, You can find the description asset of SAP. This asset is strongly related to IBM's one, since one compoenent is designed and developed by IBM (Credential Handler). SAP and IBM assets will work together for delivering the PPL engine asset with the Credential and IDMix capabilities. Thank you Regards Slim From: Seidl, Robert (NSN - DE/Munich) [mailto:robert.seidl at nsn.com] Sent: jeudi 26 mai 2011 18:12 To: ext BISSON Pascal; Fiware-security at lists.fi-ware.eu Cc: Marton, Gabor (NSN - HU/Budapest); Antonio Garcia Vazquez; Pedro Soria Rodriguez; TRABELSI, Slim; Schaad, Andreas; Michael Osborne; SIEUX Corinne; Philippe.LELEU at fr.thalesgroup.com; GIDOIN Daniel; EGAN Richard Subject: FI-WARE - WP8 - T8.2 partner assets --> partner contribution needed Hi WP8, we need to collect all the assets from each partner (to be provided in template form). I collected the input I received so far and included as well the input I collected during our physical meeting in Madrid. Still some input is missing and also some detailed descriptons according to our template. To be concrete follwing is missing or at least to be checked if the asset is still valid: SAP IBM Thales Orange DTAG INRIA It would be nice if you could provide the missing input as soon as possible. Greetings Robert -------------- next part -------------- An HTML attachment was scrubbed... URL: From jpv at tid.es Thu Jun 9 16:17:32 2011 From: jpv at tid.es (JULIAN PEREZ VILA) Date: Thu, 09 Jun 2011 16:17:32 +0200 Subject: [Fiware-security] =?iso-8859-1?q?=5BPPP_FIWARE=5D=3A_Overlaping_b?= =?iso-8859-1?q?etween_ATOS_and_TID_SIEM=B4s_monitoring_assets=2E?= Message-ID: Dear Daniel, Despite of the fact that ATOS and TID assets are related to SIEM?s, maybe there are more or less independence issues. TID has analysed the possibility to work together considering the point introduced by you, and TID does not observe now any point of reasonability to join our assets, in our opinion these are at different levels and not possible to find points in common. What we are observing from the current documentation is that TID asset is placed at the machine level, meanwhile the ATOS one is at service level. Looking forward to hearing from you. Regards, ________________________________ Este mensaje se dirige exclusivamente a su destinatario. Puede consultar nuestra pol?tica de env?o y recepci?n de correo electr?nico en el enlace situado m?s abajo. This message is intended exclusively for its addressee. We only send and receive email on the basis of the terms set out at. http://www.tid.es/ES/PAGINAS/disclaimer.aspx -------------- next part -------------- An HTML attachment was scrubbed... URL: From daniel.gidoin at thalesgroup.com Thu Jun 9 16:29:09 2011 From: daniel.gidoin at thalesgroup.com (GIDOIN Daniel) Date: Thu, 9 Jun 2011 16:29:09 +0200 Subject: [Fiware-security] Input document to D2.1a In-Reply-To: <6223_1306334453_4DDD14F5_6223_2761_1_09013cb9-56f9-49e4-80a8-935cf1b1a4e3@THSONEA01HUB01P.one.grp> References: <6223_1306334453_4DDD14F5_6223_2761_1_09013cb9-56f9-49e4-80a8-935cf1b1a4e3@THSONEA01HUB01P.one.grp> Message-ID: <4716_1307629764_4DF0D8C3_4716_2680_1_5c875127-ed03-442a-aceb-04c86db14695@THSONEA01HUB06P.one.grp> Dear T8.1 partners, Following my mail of May 25, I'm still waiting for your inputs in the chapter 3.1.2.1 "security monitoring". (document "D2.1a" attached) . Thank a lot for sending us your input for tonight, otherwise we will do the work of consolidation in session, tomorrow morning, which is not which is not the best I count on you! In priority (but All willingness are welcome:)): TID: Normalization of heterogeneous events and correlation ATOS: Risk analysis and Business risk evaluation TRT UK: Visualization and reporting INRIA: Digital forensics for evidence Best regard daniel -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: FI-WARE High-Level Description SecurityAT-v0.1 07062011.doc Type: application/msword Size: 1021952 bytes Desc: FI-WARE High-Level Description SecurityAT-v0.1 07062011.doc URL: From jpv at tid.es Thu Jun 9 16:35:18 2011 From: jpv at tid.es (JULIAN PEREZ VILA) Date: Thu, 09 Jun 2011 16:35:18 +0200 Subject: [Fiware-security] Input document to D2.1a In-Reply-To: <4716_1307629764_4DF0D8C3_4716_2680_1_5c875127-ed03-442a-aceb-04c86db14695@THSONEA01HUB06P.one.grp> References: <6223_1306334453_4DDD14F5_6223_2761_1_09013cb9-56f9-49e4-80a8-935cf1b1a4e3@THSONEA01HUB01P.one.grp> <4716_1307629764_4DF0D8C3_4716_2680_1_5c875127-ed03-442a-aceb-04c86db14695@THSONEA01HUB06P.one.grp> Message-ID: Could you please detail me what you expect from TID, probably I have missed any e-mail. De: fiware-security-bounces at lists.fi-ware.eu [mailto:fiware-security-bounces at lists.fi-ware.eu] En nombre de GIDOIN Daniel Enviado el: jueves, 09 de junio de 2011 16:29 Para: Fiware-security at lists.fi-ware.eu; Guillaume.Bonfante at loria.fr; jean-Yves.Marion at loria.fr; Olivier Festor; daniel.le-metayer at inrialpes.fr Asunto: [Fiware-security] Input document to D2.1a Dear T8.1 partners, Following my mail of May 25, I'm still waiting for your inputs in the chapter 3.1.2.1 "security monitoring". (document "D2.1a" attached) . Thank a lot for sending us your input for tonight, otherwise we will do the work of consolidation in session, tomorrow morning, which is not which is not the best I count on you! In priority (but All willingness are welcome:)): TID: Normalization of heterogeneous events and correlation ATOS: Risk analysis and Business risk evaluation TRT UK: Visualization and reporting INRIA: Digital forensics for evidence Best regard daniel ________________________________ Este mensaje se dirige exclusivamente a su destinatario. Puede consultar nuestra pol?tica de env?o y recepci?n de correo electr?nico en el enlace situado m?s abajo. This message is intended exclusively for its addressee. We only send and receive email on the basis of the terms set out at. http://www.tid.es/ES/PAGINAS/disclaimer.aspx -------------- next part -------------- An HTML attachment was scrubbed... URL: From daniel.gidoin at thalesgroup.com Thu Jun 9 16:47:36 2011 From: daniel.gidoin at thalesgroup.com (GIDOIN Daniel) Date: Thu, 9 Jun 2011 16:47:36 +0200 Subject: [Fiware-security] Input document to D2.1a In-Reply-To: References: <6223_1306334453_4DDD14F5_6223_2761_1_09013cb9-56f9-49e4-80a8-935cf1b1a4e3@THSONEA01HUB01P.one.grp> <4716_1307629764_4DF0D8C3_4716_2680_1_5c875127-ed03-442a-aceb-04c86db14695@THSONEA01HUB06P.one.grp> Message-ID: <14469_1307630859_4DF0DD0B_14469_6887_1_8F1D40232A0E68409E3FC23A30C326620162A4FAA5CE@THSONEA01CMS04P.one.grp> Dear Julian, thank you for your prompt response. I would like a brief description of the functions mentioned (about 15-20 lines). This description should enable the reader to understand the usefulness of the functions (and sub functions) and the work will be done. Daniel De : JULIAN PEREZ VILA [mailto:jpv at tid.es] Envoy? : jeudi 9 juin 2011 16:35 ? : GIDOIN Daniel; Fiware-security at lists.fi-ware.eu; Guillaume.Bonfante at loria.fr; jean-Yves.Marion at loria.fr; Olivier Festor; daniel.le-metayer at inrialpes.fr Objet : RE: Input document to D2.1a Could you please detail me what you expect from TID, probably I have missed any e-mail. De: fiware-security-bounces at lists.fi-ware.eu [mailto:fiware-security-bounces at lists.fi-ware.eu] En nombre de GIDOIN Daniel Enviado el: jueves, 09 de junio de 2011 16:29 Para: Fiware-security at lists.fi-ware.eu; Guillaume.Bonfante at loria.fr; jean-Yves.Marion at loria.fr; Olivier Festor; daniel.le-metayer at inrialpes.fr Asunto: [Fiware-security] Input document to D2.1a Dear T8.1 partners, Following my mail of May 25, I'm still waiting for your inputs in the chapter 3.1.2.1 "security monitoring". (document "D2.1a" attached) . Thank a lot for sending us your input for tonight, otherwise we will do the work of consolidation in session, tomorrow morning, which is not which is not the best I count on you! In priority (but All willingness are welcome:)): TID: Normalization of heterogeneous events and correlation ATOS: Risk analysis and Business risk evaluation TRT UK: Visualization and reporting INRIA: Digital forensics for evidence Best regard daniel ________________________________ Este mensaje se dirige exclusivamente a su destinatario. Puede consultar nuestra pol?tica de env?o y recepci?n de correo electr?nico en el enlace situado m?s abajo. This message is intended exclusively for its addressee. We only send and receive email on the basis of the terms set out at. http://www.tid.es/ES/PAGINAS/disclaimer.aspx -------------- next part -------------- An HTML attachment was scrubbed... URL: From Adrian.Waller at thalesgroup.com Thu Jun 9 17:05:08 2011 From: Adrian.Waller at thalesgroup.com (Waller, Adrian ) Date: Thu, 9 Jun 2011 16:05:08 +0100 Subject: [Fiware-security] Input document to D2.1a Message-ID: <18277_1307631935_4DF0E13E_18277_241_1_B90E0206899B3442BB5B86F32CADFFA421FF2E@nts013.uk.trt.thales> Dear Daniel, I've added a few words on visualization and reporting, using "track changes". I hope this is what you need. Regards, Adrian Dr. Adrian Waller CISSP Technical Consultant - Information Security Thales UK Thales Research and Technology (UK) Ltd., Worton Drive, Reading RG2 0SB, U.K. [www.thalesgroup.com/uk] Tel: ++44 118 923 8304 Fax: ++44 118 923 8399 e-mail: Adrian.Waller at thalesgroup.com -----Original Message----- From: fiware-security-bounces at lists.fi-ware.eu [mailto:fiware-security-bounces at lists.fi-ware.eu]On Behalf Of GIDOIN Daniel Sent: 09 June 2011 15:48 To: JULIAN PEREZ VILA; Fiware-security at lists.fi-ware.eu; Guillaume.Bonfante at loria.fr; jean-Yves.Marion at loria.fr; Olivier Festor; daniel.le-metayer at inrialpes.fr Subject: Re: [Fiware-security] Input document to D2.1a Dear Julian, thank you for your prompt response. I would like a brief description of the functions mentioned (about 15-20 lines). This description should enable the reader to understand the usefulness of the functions (and sub functions) and the work will be done. Daniel De : JULIAN PEREZ VILA [mailto:jpv at tid.es] Envoy? : jeudi 9 juin 2011 16:35 ? : GIDOIN Daniel; Fiware-security at lists.fi-ware.eu; Guillaume.Bonfante at loria.fr; jean-Yves.Marion at loria.fr; Olivier Festor; daniel.le-metayer at inrialpes.fr Objet : RE: Input document to D2.1a Could you please detail me what you expect from TID, probably I have missed any e-mail. De: fiware-security-bounces at lists.fi-ware.eu [mailto:fiware-security-bounces at lists.fi-ware.eu] En nombre de GIDOIN Daniel Enviado el: jueves, 09 de junio de 2011 16:29 Para: Fiware-security at lists.fi-ware.eu; Guillaume.Bonfante at loria.fr; jean-Yves.Marion at loria.fr; Olivier Festor; daniel.le-metayer at inrialpes.fr Asunto: [Fiware-security] Input document to D2.1a Dear T8.1 partners, Following my mail of May 25, I'm still waiting for your inputs in the chapter 3.1.2.1 "security monitoring". (document "D2.1a" attached) . Thank a lot for sending us your input for tonight, otherwise we will do the work of consolidation in session, tomorrow morning, which is not which is not the best I count on you! In priority (but All willingness are welcomeJ): TID: Normalization of heterogeneous events and correlation ATOS: Risk analysis and Business risk evaluation TRT UK: Visualization and reporting INRIA: Digital forensics for evidence Best regard daniel _____ Este mensaje se dirige exclusivamente a su destinatario. Puede consultar nuestra pol?tica de env?o y recepci?n de correo electr?nico en el enlace situado m?s abajo. This message is intended exclusively for its addressee. We only send and receive email on the basis of the terms set out at. http://www.tid.es/ES/PAGINAS/disclaimer.aspx Please consider the environment before printing a hard copy of this e-mail. The information contained in this e-mail is confidential. It is intended only for the stated addressee(s) and access to it by any other person is unauthorised. If you are not an addressee, you must not disclose, copy, circulate or in any other way use or rely on the information contained in this e-mail. Such unauthorised use may be unlawful. If you have received this e-mail in error, please inform us immediately on +44 (0)118 986 8601 and delete it and all copies from your system. Thales Research and Technology (UK) Limited. A company registered in England and Wales. Registered Office: 2 Dashwood Lang Road, The Bourne Business Park, Addlestone, Weybridge, Surrey KT15 2NX. Registered Number: 774298 Thales UK Limited. A company registered in England and Wales. Registered Office: 2 Dashwood Lang Road, The Bourne Business Park, Addlestone, Weybridge, Surrey KT15 2NX. Registered Number: 868273 -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: FI-WARE High-Level Description SecurityAT-v0.1 07062011_TRT.doc Type: application/msword Size: 987648 bytes Desc: not available URL: From daniel.gidoin at thalesgroup.com Thu Jun 9 17:11:42 2011 From: daniel.gidoin at thalesgroup.com (GIDOIN Daniel) Date: Thu, 9 Jun 2011 17:11:42 +0200 Subject: [Fiware-security] Input document to D2.1a In-Reply-To: References: Message-ID: <28613_1307632310_4DF0E2B6_28613_8538_1_f522d892-127b-4940-8049-8950b466df53@THSONEA01HUB06P.one.grp> Dear Adrian, Personally, these few lines suit me well. Daniel De : Waller, Adrian [mailto:Adrian.Waller at thalesgroup.com] Envoy? : jeudi 9 juin 2011 17:05 ? : GIDOIN Daniel Cc : Fiware-security at lists.fi-ware.eu Objet : RE: [Fiware-security] Input document to D2.1a Dear Daniel, I've added a few words on visualization and reporting, using "track changes". I hope this is what you need. Regards, Adrian Dr. Adrian Waller CISSP Technical Consultant - Information Security Thales UK Thales Research and Technology (UK) Ltd., Worton Drive, Reading RG2 0SB, U.K. [www.thalesgroup.com/uk] Tel: ++44 118 923 8304 Fax: ++44 118 923 8399 e-mail: Adrian.Waller at thalesgroup.com -----Original Message----- From: fiware-security-bounces at lists.fi-ware.eu [mailto:fiware-security-bounces at lists.fi-ware.eu]On Behalf Of GIDOIN Daniel Sent: 09 June 2011 15:48 To: JULIAN PEREZ VILA; Fiware-security at lists.fi-ware.eu; Guillaume.Bonfante at loria.fr; jean-Yves.Marion at loria.fr; Olivier Festor; daniel.le-metayer at inrialpes.fr Subject: Re: [Fiware-security] Input document to D2.1a Dear Julian, thank you for your prompt response. I would like a brief description of the functions mentioned (about 15-20 lines). This description should enable the reader to understand the usefulness of the functions (and sub functions) and the work will be done. Daniel De : JULIAN PEREZ VILA [mailto:jpv at tid.es] Envoy? : jeudi 9 juin 2011 16:35 ? : GIDOIN Daniel; Fiware-security at lists.fi-ware.eu; Guillaume.Bonfante at loria.fr; jean-Yves.Marion at loria.fr; Olivier Festor; daniel.le-metayer at inrialpes.fr Objet : RE: Input document to D2.1a Could you please detail me what you expect from TID, probably I have missed any e-mail. De: fiware-security-bounces at lists.fi-ware.eu [mailto:fiware-security-bounces at lists.fi-ware.eu] En nombre de GIDOIN Daniel Enviado el: jueves, 09 de junio de 2011 16:29 Para: Fiware-security at lists.fi-ware.eu; Guillaume.Bonfante at loria.fr; jean-Yves.Marion at loria.fr; Olivier Festor; daniel.le-metayer at inrialpes.fr Asunto: [Fiware-security] Input document to D2.1a Dear T8.1 partners, Following my mail of May 25, I'm still waiting for your inputs in the chapter 3.1.2.1 "security monitoring". (document "D2.1a" attached) . Thank a lot for sending us your input for tonight, otherwise we will do the work of consolidation in session, tomorrow morning, which is not which is not the best I count on you! In priority (but All willingness are welcome:)): TID: Normalization of heterogeneous events and correlation ATOS: Risk analysis and Business risk evaluation TRT UK: Visualization and reporting INRIA: Digital forensics for evidence Best regard daniel ________________________________ Este mensaje se dirige exclusivamente a su destinatario. Puede consultar nuestra pol?tica de env?o y recepci?n de correo electr?nico en el enlace situado m?s abajo. This message is intended exclusively for its addressee. We only send and receive email on the basis of the terms set out at. http://www.tid.es/ES/PAGINAS/disclaimer.aspx Please consider the environment before printing a hard copy of this e-mail. The information contained in this e-mail is confidential. It is intended only for the stated addressee(s) and access to it by any other person is unauthorised. If you are not an addressee, you must not disclose, copy, circulate or in any other way use or rely on the information contained in this e-mail. Such unauthorised use may be unlawful. If you have received this e-mail in error, please inform us immediately on +44 (0)118 986 8601 and delete it and all copies from your system. Thales Research and Technology (UK) Limited. A company registered in England and Wales. Registered Office: 2 Dashwood Lang Road, The Bourne Business Park, Addlestone, Weybridge, Surrey KT15 2NX. Registered Number: 774298 Thales UK Limited. A company registered in England and Wales. Registered Office: 2 Dashwood Lang Road, The Bourne Business Park, Addlestone, Weybridge, Surrey KT15 2NX. Registered Number: 868273 -------------- next part -------------- An HTML attachment was scrubbed... URL: From xavier.aghina at orange-ftgroup.com Thu Jun 9 17:12:11 2011 From: xavier.aghina at orange-ftgroup.com (xavier.aghina at orange-ftgroup.com) Date: Thu, 9 Jun 2011 17:12:11 +0200 Subject: [Fiware-security] FT Asset 8.1 Message-ID: Dear all Please find attached the description of the one assets from FT regarding 8.1, based of FP7 Demon's project. Brgds. Xavier Aghina FT/OLNC/RD/MAPS/STT/NDS Responsable du Programme de Recherche Security t?l. 01 45 29 81 59 xavier.aghina at orange-ftgroup.com -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: orange_logo.gif Type: image/gif Size: 1264 bytes Desc: orange_logo.gif URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: ampersand.gif Type: image/gif Size: 1081 bytes Desc: ampersand.gif URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: Fi-ware_Orange_WP8.ppt Type: application/vnd.ms-powerpoint Size: 343552 bytes Desc: Fi-ware_Orange_WP8.ppt URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: FT ASSETS FOR T8 1.doc Type: application/msword Size: 39424 bytes Desc: FT ASSETS FOR T8 1.doc URL: From xavier.aghina at orange-ftgroup.com Thu Jun 9 17:45:37 2011 From: xavier.aghina at orange-ftgroup.com (xavier.aghina at orange-ftgroup.com) Date: Thu, 9 Jun 2011 17:45:37 +0200 Subject: [Fiware-security] FT Asset 8.1 additionnal doc Message-ID: ... previous mail on error ppt document, in addition the technical details of our proposal. Xavier Aghina FT/OLNC/RD/MAPS/STT/NDS Responsable du Programme de Recherche Security t?l. 01 45 29 81 59 xavier.aghina at orange-ftgroup.com -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: orange_logo.gif Type: image/gif Size: 1264 bytes Desc: orange_logo.gif URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: ampersand.gif Type: image/gif Size: 1081 bytes Desc: ampersand.gif URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: Botnet tracking v1-3.pptx Type: application/octet-stream Size: 145432 bytes Desc: Botnet tracking v1-3.pptx URL: From gabor.marton at nsn.com Thu Jun 9 17:49:40 2011 From: gabor.marton at nsn.com (Marton, Gabor (NSN - HU/Budapest)) Date: Thu, 9 Jun 2011 18:49:40 +0300 Subject: [Fiware-security] FI-ARE - WP8 input to D2.1a (elements to also be provided in view of our Workshop of tomorrow) In-Reply-To: <28613_1307621045_4DF0B6B5_28613_6689_1_2965f561-b11b-4e6f-8ad9-6fa66ab5f2a6@THSONEA01HUB03P.one.grp> References: <28613_1307621045_4DF0B6B5_28613_6689_1_2965f561-b11b-4e6f-8ad9-6fa66ab5f2a6@THSONEA01HUB03P.one.grp> Message-ID: <57CF2CA7825F474DACFAEB9EA1ED3A54041B494A@FIESEXC014.nsn-intra.net> Dear Pascal and All, please find attached the T8.2 consolidated input to D2.1. Kind regards, G?bor ________________________________ From: ext BISSON Pascal [mailto:pascal.bisson at thalesgroup.com] Sent: Thursday, June 09, 2011 2:04 PM To: Antonio Garcia Vazquez; TRABELSI, Slim; Seidl, Robert (NSN - DE/Munich); Marton, Gabor (NSN - HU/Budapest); GIDOIN Daniel Cc: BISSON Pascal Subject: FI-ARE - WP8 input to D2.1a (elements to also be provided in view of our Workshop of tomorrow) Importance: High Message to task leaders preparing their final consolidated input to D2.1a in view of our meeting of tomorrow. Don't forget to include in your input: ? Terms and definitions introduced ? List of relevant References Start also providing some input to question marks identified and that mapped onto the overall High level security for what concerns your modules. Will come back to this and others at our meeting tomorrow. Best regards, Pascal -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: FI-WARE High-Level Description 25-05-11 v0 1-SecurityAT-T8.2_NSN_SAP_IBM.doc Type: application/msword Size: 317440 bytes Desc: FI-WARE High-Level Description 25-05-11 v0 1-SecurityAT-T8.2_NSN_SAP_IBM.doc URL: From jpv at tid.es Thu Jun 9 17:50:54 2011 From: jpv at tid.es (JULIAN PEREZ VILA) Date: Thu, 09 Jun 2011 17:50:54 +0200 Subject: [Fiware-security] Input document to D2.1a In-Reply-To: <14469_1307630859_4DF0DD0B_14469_6887_1_8F1D40232A0E68409E3FC23A30C326620162A4FAA5CE@THSONEA01CMS04P.one.grp> References: <6223_1306334453_4DDD14F5_6223_2761_1_09013cb9-56f9-49e4-80a8-935cf1b1a4e3@THSONEA01HUB01P.one.grp> <4716_1307629764_4DF0D8C3_4716_2680_1_5c875127-ed03-442a-aceb-04c86db14695@THSONEA01HUB06P.one.grp> <14469_1307630859_4DF0DD0B_14469_6887_1_8F1D40232A0E68409E3FC23A30C326620162A4FAA5CE@THSONEA01CMS04P.one.grp> Message-ID: Dear Daniel, Please see attached our contribution, Kind regards, De: GIDOIN Daniel [mailto:daniel.gidoin at thalesgroup.com] Enviado el: jueves, 09 de junio de 2011 16:48 Para: JULIAN PEREZ VILA; Fiware-security at lists.fi-ware.eu; Guillaume.Bonfante at loria.fr; jean-Yves.Marion at loria.fr; Olivier Festor; daniel.le-metayer at inrialpes.fr Asunto: RE: Input document to D2.1a Dear Julian, thank you for your prompt response. I would like a brief description of the functions mentioned (about 15-20 lines). This description should enable the reader to understand the usefulness of the functions (and sub functions) and the work will be done. Daniel De : JULIAN PEREZ VILA [mailto:jpv at tid.es] Envoy? : jeudi 9 juin 2011 16:35 ? : GIDOIN Daniel; Fiware-security at lists.fi-ware.eu; Guillaume.Bonfante at loria.fr; jean-Yves.Marion at loria.fr; Olivier Festor; daniel.le-metayer at inrialpes.fr Objet : RE: Input document to D2.1a Could you please detail me what you expect from TID, probably I have missed any e-mail. De: fiware-security-bounces at lists.fi-ware.eu [mailto:fiware-security-bounces at lists.fi-ware.eu] En nombre de GIDOIN Daniel Enviado el: jueves, 09 de junio de 2011 16:29 Para: Fiware-security at lists.fi-ware.eu; Guillaume.Bonfante at loria.fr; jean-Yves.Marion at loria.fr; Olivier Festor; daniel.le-metayer at inrialpes.fr Asunto: [Fiware-security] Input document to D2.1a Dear T8.1 partners, Following my mail of May 25, I'm still waiting for your inputs in the chapter 3.1.2.1 "security monitoring". (document "D2.1a" attached) . Thank a lot for sending us your input for tonight, otherwise we will do the work of consolidation in session, tomorrow morning, which is not which is not the best I count on you! In priority (but All willingness are welcome:)): TID: Normalization of heterogeneous events and correlation ATOS: Risk analysis and Business risk evaluation TRT UK: Visualization and reporting INRIA: Digital forensics for evidence Best regard daniel ________________________________ Este mensaje se dirige exclusivamente a su destinatario. Puede consultar nuestra pol?tica de env?o y recepci?n de correo electr?nico en el enlace situado m?s abajo. This message is intended exclusively for its addressee. We only send and receive email on the basis of the terms set out at. http://www.tid.es/ES/PAGINAS/disclaimer.aspx ________________________________ Este mensaje se dirige exclusivamente a su destinatario. Puede consultar nuestra pol?tica de env?o y recepci?n de correo electr?nico en el enlace situado m?s abajo. This message is intended exclusively for its addressee. We only send and receive email on the basis of the terms set out at. http://www.tid.es/ES/PAGINAS/disclaimer.aspx -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: FI-WARE High-Level Description SecurityAT-v0 1 07062011_TRT_PLUS_TID_INPUTS.doc Type: application/msword Size: 992256 bytes Desc: FI-WARE High-Level Description SecurityAT-v0 1 07062011_TRT_PLUS_TID_INPUTS.doc URL: From antonio.garcia at atosresearch.eu Thu Jun 9 17:51:10 2011 From: antonio.garcia at atosresearch.eu (Antonio Garcia Vazquez) Date: Thu, 9 Jun 2011 17:51:10 +0200 Subject: [Fiware-security] Input document to D2.1a Message-ID: <0385F69C47D8694EA885D34BE18BCCC402EB58BE@INTMAIL02.es.int.atosorigin.com> Hello, I?ve Updated the ATOS contribution to ?3.1.2.3 Context-based security and compliance? where I?ve extended example scenarios information and correct/detailed some of the requirements I?ve also included a sort document with the acronyms used in Task 8.3 description About the contribution to Task 8.1 asked by Danniel, we?ve already send the information of the MASIFF asset (Multilevel event integration and correlation from different and heterogeneous sources of information). Anyway I?ll do my best to prepare something about Risk analysis and Business risk evaluation by tomorrow morning. Regards. ************************************ * Antonio Garc?a V?zquez * * (+34) 91 214 9384 * * antonio.garcia at atosresearch.eu * ************************************ ------------------------------------------------------------------ This e-mail and the documents attached are confidential and intended solely for the addressee; it may also be privileged. If you receive this e-mail in error, please notify the sender immediately and destroy it. As its integrity cannot be secured on the Internet, the Atos Origin group liability cannot be triggered for the message content. Although the sender endeavours to maintain a computer virus-free network, the sender does not warrant that this transmission is virus-free and will not be liable for any damages resulting from any virus transmitted. Este mensaje y los ficheros adjuntos pueden contener informacion confidencial destinada solamente a la(s) persona(s) mencionadas anteriormente pueden estar protegidos por secreto profesional. Si usted recibe este correo electronico por error, gracias por informar inmediatamente al remitente y destruir el mensaje. Al no estar asegurada la integridad de este mensaje sobre la red, Atos Origin no se hace responsable por su contenido. Su contenido no constituye ningun compromiso para el grupo Atos Origin, salvo ratificacion escrita por ambas partes. Aunque se esfuerza al maximo por mantener su red libre de virus, el emisor no puede garantizar nada al respecto y no sera responsable de cualesquiera danos que puedan resultar de una transmision de virus. ------------------------------------------------------------------ -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: Task 8.3.zip Type: application/x-zip-compressed Size: 914125 bytes Desc: Task 8.3.zip URL: From pascal.bisson at thalesgroup.com Thu Jun 9 18:55:24 2011 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Thu, 9 Jun 2011 18:55:24 +0200 Subject: [Fiware-security] FI-ARE - WP8 input to D2.1a (elements to also be provided in view of our Workshop of tomorrow) In-Reply-To: <57CF2CA7825F474DACFAEB9EA1ED3A54041B494A@FIESEXC014.nsn-intra.net> References: <28613_1307621045_4DF0B6B5_28613_6689_1_2965f561-b11b-4e6f-8ad9-6fa66ab5f2a6@THSONEA01HUB03P.one.grp> <57CF2CA7825F474DACFAEB9EA1ED3A54041B494A@FIESEXC014.nsn-intra.net> Message-ID: <18277_1307638528_4DF0FB00_18277_4954_1_40078adf-97ae-46f9-b41c-392aae0b6deb@THSONEA01HUB02P.one.grp> Thanks Gabor will update the document at WP8 level accordingly. De : Marton, Gabor (NSN - HU/Budapest) [mailto:gabor.marton at nsn.com] Envoy? : jeudi 9 juin 2011 17:50 ? : BISSON Pascal Cc : Fiware-security at lists.fi-ware.eu; Antonio Garcia Vazquez; TRABELSI, Slim; Seidl, Robert (NSN - DE/Munich); GIDOIN Daniel Objet : RE: FI-ARE - WP8 input to D2.1a (elements to also be provided in view of our Workshop of tomorrow) Dear Pascal and All, please find attached the T8.2 consolidated input to D2.1. Kind regards, G?bor ________________________________ From: ext BISSON Pascal [mailto:pascal.bisson at thalesgroup.com] Sent: Thursday, June 09, 2011 2:04 PM To: Antonio Garcia Vazquez; TRABELSI, Slim; Seidl, Robert (NSN - DE/Munich); Marton, Gabor (NSN - HU/Budapest); GIDOIN Daniel Cc: BISSON Pascal Subject: FI-ARE - WP8 input to D2.1a (elements to also be provided in view of our Workshop of tomorrow) Importance: High Message to task leaders preparing their final consolidated input to D2.1a in view of our meeting of tomorrow. Don't forget to include in your input: * Terms and definitions introduced * List of relevant References Start also providing some input to question marks identified and that mapped onto the overall High level security for what concerns your modules. Will come back to this and others at our meeting tomorrow. Best regards, Pascal -------------- next part -------------- An HTML attachment was scrubbed... URL: From xavier.aghina at orange-ftgroup.com Thu Jun 9 18:58:12 2011 From: xavier.aghina at orange-ftgroup.com (xavier.aghina at orange-ftgroup.com) Date: Thu, 9 Jun 2011 18:58:12 +0200 Subject: [Fiware-security] FT Asset 8.2 Message-ID: Dear all Please find attached the description of the one assets from FT regarding 8.2, based of Servery project with comments. Remarks : After a discussions, we can not answer the following generic enabler asset : * Manage your digital identities from your Mobile phone * Erasable past concept to remove personal content from public access Brgds. Xavier Aghina FT/OLNC/RD/MAPS/STT/NDS Responsable du Programme de Recherche Security t?l. 01 45 29 81 59 xavier.aghina at orange-ftgroup.com -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: orange_logo.gif Type: image/gif Size: 1264 bytes Desc: orange_logo.gif URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: ampersand.gif Type: image/gif Size: 1081 bytes Desc: ampersand.gif URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: WP8 Description of the Security Asset v01_SAP_FT.docx Type: application/octet-stream Size: 790402 bytes Desc: WP8 Description of the Security Asset v01_SAP_FT.docx URL: From daniel.gidoin at thalesgroup.com Thu Jun 9 21:46:43 2011 From: daniel.gidoin at thalesgroup.com (GIDOIN Daniel) Date: Thu, 9 Jun 2011 21:46:43 +0200 Subject: [Fiware-security] Input document to D2.1a In-Reply-To: References: <6223_1306334453_4DDD14F5_6223_2761_1_09013cb9-56f9-49e4-80a8-935cf1b1a4e3@THSONEA01HUB01P.one.grp> <4716_1307629764_4DF0D8C3_4716_2680_1_5c875127-ed03-442a-aceb-04c86db14695@THSONEA01HUB06P.one.grp> <14469_1307630859_4DF0DD0B_14469_6887_1_8F1D40232A0E68409E3FC23A30C326620162A4FAA5CE@THSONEA01CMS04P.one.grp> Message-ID: <4716_1307648806_4DF12326_4716_12993_1_8F1D40232A0E68409E3FC23A30C326620162A4FAA910@THSONEA01CMS04P.one.grp> Thank a lot Daniel De : JULIAN PEREZ VILA [mailto:jpv at tid.es] Envoy? : jeudi 9 juin 2011 17:51 ? : GIDOIN Daniel; Fiware-security at lists.fi-ware.eu; Guillaume.Bonfante at loria.fr; jean-Yves.Marion at loria.fr; Olivier Festor; daniel.le-metayer at inrialpes.fr Objet : RE: Input document to D2.1a Dear Daniel, Please see attached our contribution, Kind regards, De: GIDOIN Daniel [mailto:daniel.gidoin at thalesgroup.com] Enviado el: jueves, 09 de junio de 2011 16:48 Para: JULIAN PEREZ VILA; Fiware-security at lists.fi-ware.eu; Guillaume.Bonfante at loria.fr; jean-Yves.Marion at loria.fr; Olivier Festor; daniel.le-metayer at inrialpes.fr Asunto: RE: Input document to D2.1a Dear Julian, thank you for your prompt response. I would like a brief description of the functions mentioned (about 15-20 lines). This description should enable the reader to understand the usefulness of the functions (and sub functions) and the work will be done. Daniel De : JULIAN PEREZ VILA [mailto:jpv at tid.es] Envoy? : jeudi 9 juin 2011 16:35 ? : GIDOIN Daniel; Fiware-security at lists.fi-ware.eu; Guillaume.Bonfante at loria.fr; jean-Yves.Marion at loria.fr; Olivier Festor; daniel.le-metayer at inrialpes.fr Objet : RE: Input document to D2.1a Could you please detail me what you expect from TID, probably I have missed any e-mail. De: fiware-security-bounces at lists.fi-ware.eu [mailto:fiware-security-bounces at lists.fi-ware.eu] En nombre de GIDOIN Daniel Enviado el: jueves, 09 de junio de 2011 16:29 Para: Fiware-security at lists.fi-ware.eu; Guillaume.Bonfante at loria.fr; jean-Yves.Marion at loria.fr; Olivier Festor; daniel.le-metayer at inrialpes.fr Asunto: [Fiware-security] Input document to D2.1a Dear T8.1 partners, Following my mail of May 25, I'm still waiting for your inputs in the chapter 3.1.2.1 "security monitoring". (document "D2.1a" attached) . Thank a lot for sending us your input for tonight, otherwise we will do the work of consolidation in session, tomorrow morning, which is not which is not the best I count on you! In priority (but All willingness are welcome:)): TID: Normalization of heterogeneous events and correlation ATOS: Risk analysis and Business risk evaluation TRT UK: Visualization and reporting INRIA: Digital forensics for evidence Best regard daniel ________________________________ Este mensaje se dirige exclusivamente a su destinatario. Puede consultar nuestra pol?tica de env?o y recepci?n de correo electr?nico en el enlace situado m?s abajo. This message is intended exclusively for its addressee. We only send and receive email on the basis of the terms set out at. http://www.tid.es/ES/PAGINAS/disclaimer.aspx ________________________________ Este mensaje se dirige exclusivamente a su destinatario. Puede consultar nuestra pol?tica de env?o y recepci?n de correo electr?nico en el enlace situado m?s abajo. This message is intended exclusively for its addressee. We only send and receive email on the basis of the terms set out at. http://www.tid.es/ES/PAGINAS/disclaimer.aspx -------------- next part -------------- An HTML attachment was scrubbed... URL: From daniel.gidoin at thalesgroup.com Fri Jun 10 03:10:48 2011 From: daniel.gidoin at thalesgroup.com (GIDOIN Daniel) Date: Fri, 10 Jun 2011 03:10:48 +0200 Subject: [Fiware-security] Input document to D2.1a In-Reply-To: References: <6223_1306334453_4DDD14F5_6223_2761_1_09013cb9-56f9-49e4-80a8-935cf1b1a4e3@THSONEA01HUB01P.one.grp> <4716_1307629764_4DF0D8C3_4716_2680_1_5c875127-ed03-442a-aceb-04c86db14695@THSONEA01HUB06P.one.grp> <14469_1307630859_4DF0DD0B_14469_6887_1_8F1D40232A0E68409E3FC23A30C326620162A4FAA5CE@THSONEA01CMS04P.one.grp> Message-ID: <20478_1307668280_4DF16F38_20478_65_1_f4f91aa9-711a-4077-9736-4f8db462bc9b@THSONEA01HUB03P.one.grp> Dear all, After Julian , I continued to update the document : Chapter 3.1.2.1 Security monitoring: - Functional architecture: completely revised (ppt and visio attached) - Attack penetration modeling: updated - Decision making support: updated - Digital forensic: updated Best regard daniel De : JULIAN PEREZ VILA [mailto:jpv at tid.es] Envoy? : jeudi 9 juin 2011 17:51 ? : GIDOIN Daniel; Fiware-security at lists.fi-ware.eu; Guillaume.Bonfante at loria.fr; jean-Yves.Marion at loria.fr; Olivier Festor; daniel.le-metayer at inrialpes.fr Objet : RE: Input document to D2.1a Dear Daniel, Please see attached our contribution, Kind regards, De: GIDOIN Daniel [mailto:daniel.gidoin at thalesgroup.com] Enviado el: jueves, 09 de junio de 2011 16:48 Para: JULIAN PEREZ VILA; Fiware-security at lists.fi-ware.eu; Guillaume.Bonfante at loria.fr; jean-Yves.Marion at loria.fr; Olivier Festor; daniel.le-metayer at inrialpes.fr Asunto: RE: Input document to D2.1a Dear Julian, thank you for your prompt response. I would like a brief description of the functions mentioned (about 15-20 lines). This description should enable the reader to understand the usefulness of the functions (and sub functions) and the work will be done. Daniel De : JULIAN PEREZ VILA [mailto:jpv at tid.es] Envoy? : jeudi 9 juin 2011 16:35 ? : GIDOIN Daniel; Fiware-security at lists.fi-ware.eu; Guillaume.Bonfante at loria.fr; jean-Yves.Marion at loria.fr; Olivier Festor; daniel.le-metayer at inrialpes.fr Objet : RE: Input document to D2.1a Could you please detail me what you expect from TID, probably I have missed any e-mail. De: fiware-security-bounces at lists.fi-ware.eu [mailto:fiware-security-bounces at lists.fi-ware.eu] En nombre de GIDOIN Daniel Enviado el: jueves, 09 de junio de 2011 16:29 Para: Fiware-security at lists.fi-ware.eu; Guillaume.Bonfante at loria.fr; jean-Yves.Marion at loria.fr; Olivier Festor; daniel.le-metayer at inrialpes.fr Asunto: [Fiware-security] Input document to D2.1a Dear T8.1 partners, Following my mail of May 25, I'm still waiting for your inputs in the chapter 3.1.2.1 "security monitoring". (document "D2.1a" attached) . Thank a lot for sending us your input for tonight, otherwise we will do the work of consolidation in session, tomorrow morning, which is not which is not the best I count on you! In priority (but All willingness are welcome:)): TID: Normalization of heterogeneous events and correlation ATOS: Risk analysis and Business risk evaluation TRT UK: Visualization and reporting INRIA: Digital forensics for evidence Best regard daniel ________________________________ Este mensaje se dirige exclusivamente a su destinatario. Puede consultar nuestra pol?tica de env?o y recepci?n de correo electr?nico en el enlace situado m?s abajo. This message is intended exclusively for its addressee. We only send and receive email on the basis of the terms set out at. http://www.tid.es/ES/PAGINAS/disclaimer.aspx ________________________________ Este mensaje se dirige exclusivamente a su destinatario. Puede consultar nuestra pol?tica de env?o y recepci?n de correo electr?nico en el enlace situado m?s abajo. This message is intended exclusively for its addressee. We only send and receive email on the basis of the terms set out at. http://www.tid.es/ES/PAGINAS/disclaimer.aspx -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: FI-WARE High-Level Description SecurityAT-v0 1 07062011_TRT_TID_Theresis_INPUTS.doc Type: application/msword Size: 1174528 bytes Desc: FI-WARE High-Level Description SecurityAT-v0 1 07062011_TRT_TID_Theresis_INPUTS.doc URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: FI-WARE WP8-architecture- 10 JUNE.ppt Type: application/vnd.ms-powerpoint Size: 233984 bytes Desc: FI-WARE WP8-architecture- 10 JUNE.ppt URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: PPP-Task 8-1-Security-monitoring-v2.vsd Type: application/vnd.visio Size: 125952 bytes Desc: PPP-Task 8-1-Security-monitoring-v2.vsd URL: From daniel.gidoin at thalesgroup.com Fri Jun 10 04:14:53 2011 From: daniel.gidoin at thalesgroup.com (GIDOIN Daniel) Date: Fri, 10 Jun 2011 04:14:53 +0200 Subject: [Fiware-security] FI-WARE - Security - Assets 8.1 - compilations In-Reply-To: References: Message-ID: <30998_1307672106_4DF17E2A_30998_890_1_f90cd81b-6bdb-46b4-9eb3-d87a39b840e6@THSONEA01HUB02P.one.grp> Dear all, Please find attached the compilation of assets regarding 8.1 Best regards Daniel -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: WP8 Description of the Security 8.1 Assets.doc Type: application/msword Size: 444928 bytes Desc: WP8 Description of the Security 8.1 Assets.doc URL: From daniel.gidoin at thalesgroup.com Fri Jun 10 09:50:27 2011 From: daniel.gidoin at thalesgroup.com (GIDOIN Daniel) Date: Fri, 10 Jun 2011 09:50:27 +0200 Subject: [Fiware-security] FI-WARE - Security - Assets 8.1 - compilations References: Message-ID: <30998_1307692237_4DF1CCCD_30998_8526_1_0071a15c-df92-4ec7-92ef-84146d18a024@THSONEA01HUB03P.one.grp> Dear all, Please find attached a new compilation of assets regarding 8.1 Best regards Daniel -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: WP8 Description of the Security 8.1-v2 Assets.doc Type: application/msword Size: 602624 bytes Desc: WP8 Description of the Security 8.1-v2 Assets.doc URL: From robert.seidl at nsn.com Fri Jun 10 10:40:03 2011 From: robert.seidl at nsn.com (Seidl, Robert (NSN - DE/Munich)) Date: Fri, 10 Jun 2011 10:40:03 +0200 Subject: [Fiware-security] FI-WARE - WP8 - T8.2 partner assets-->partner contribution needed In-Reply-To: <70B7C2744D52BB4282F0E0D3DC965E0C04EEDA7F@DEMUEXC006.nsn-intra.net> References: <70B7C2744D52BB4282F0E0D3DC965E0C04E6A032@DEMUEXC006.nsn-intra.net> <70B7C2744D52BB4282F0E0D3DC965E0C04EEDA7F@DEMUEXC006.nsn-intra.net> Message-ID: <70B7C2744D52BB4282F0E0D3DC965E0C04F280FA@DEMUEXC006.nsn-intra.net> Hi, here the latest status update regarding assets for T8.2 as input for your meeting in Paris. Still missing (marked in yellow in the attached document): Thales: should I delete the additional mentioned assets (see document)? DT: should I delete the additional mentioned asset (one remaining, will be clarified latest by end of the week by Wolfgang) Greetings Robert ________________________________ From: fiware-security-bounces at lists.fi-ware.eu [mailto:fiware-security-bounces at lists.fi-ware.eu] On Behalf Of Seidl, Robert (NSN - DE/Munich) Sent: Wednesday, June 08, 2011 5:06 PM To: Fiware-security at lists.fi-ware.eu; xavier.aghina at orange-ftgroup.com; Wolfgang.Steigerwald at telekom.de Subject: Re: [Fiware-security] FI-WARE - WP8 - T8.2 partner assets-->partner contribution needed Hi, just one more status update: Still missing: Thales: should I delete the additional mentioned assets (see document)? Orange: no input so far, please Xavier provide the input for Orange DT: should I delete the additional mentioned asset (one remaining, will be clarified latest by end of the week by Wolfgang) Please find the newest version attached. Greetings Robert ________________________________ From: fiware-security-bounces at lists.fi-ware.eu [mailto:fiware-security-bounces at lists.fi-ware.eu] On Behalf Of Seidl, Robert (NSN - DE/Munich) Sent: Monday, June 06, 2011 8:51 AM To: Fiware-security at lists.fi-ware.eu Subject: Re: [Fiware-security] FI-WARE - WP8 - T8.2 partner assets -->partner contribution needed Dear partners, please find attached the newest version for T8.2 assets based on the inputs I received so far. Still missing: Thales: should I delete the additional mentioned assets (see document)? Orange: no input so far INIRA: input received, please adapt your input to the format used in the document (mentioning Maturity, IPR, Enablers, ...) DT: should I delete the additional mentioned assets (see document)? Many thanks in advance Robert ________________________________ From: Seidl, Robert (NSN - DE/Munich) Sent: Friday, June 03, 2011 11:03 AM To: 'Fiware-security at lists.fi-ware.eu' Subject: RE: FI-WARE - WP8 - T8.2 partner assets --> partner contribution needed Hi all, please find attached the newest version of the partner assets of task T8.2. Missing input from following partners: Thales: should I delete the additional mentioned assets (see document)? Orange: no input so far INIRA: no input so far Please provide the missing input. Greetings and have a nice weekend Robert ________________________________ From: Seidl, Robert (NSN - DE/Munich) Sent: Wednesday, June 01, 2011 9:41 AM To: Fiware-security at lists.fi-ware.eu Subject: FW: FI-WARE - WP8 - T8.2 partner assets --> partner contribution needed Hi all, this is just to remind all of you, who have not done so far, to contribute your detailed asset description to the attached document for task 8.2. Deadline is end of this week. Greetings Robert ________________________________ From: ext TRABELSI, Slim [mailto:slim.trabelsi at sap.com] Sent: Tuesday, May 31, 2011 10:43 AM To: Seidl, Robert (NSN - DE/Munich) Cc: Fiware-security at lists.fi-ware.eu Subject: RE: FI-WARE - WP8 - T8.2 partner assets --> partner contribution needed Hi Robert, You can find the description asset of SAP. This asset is strongly related to IBM's one, since one compoenent is designed and developed by IBM (Credential Handler). SAP and IBM assets will work together for delivering the PPL engine asset with the Credential and IDMix capabilities. Thank you Regards Slim From: Seidl, Robert (NSN - DE/Munich) [mailto:robert.seidl at nsn.com] Sent: jeudi 26 mai 2011 18:12 To: ext BISSON Pascal; Fiware-security at lists.fi-ware.eu Cc: Marton, Gabor (NSN - HU/Budapest); Antonio Garcia Vazquez; Pedro Soria Rodriguez; TRABELSI, Slim; Schaad, Andreas; Michael Osborne; SIEUX Corinne; Philippe.LELEU at fr.thalesgroup.com; GIDOIN Daniel; EGAN Richard Subject: FI-WARE - WP8 - T8.2 partner assets --> partner contribution needed Hi WP8, we need to collect all the assets from each partner (to be provided in template form). I collected the input I received so far and included as well the input I collected during our physical meeting in Madrid. Still some input is missing and also some detailed descriptons according to our template. To be concrete follwing is missing or at least to be checked if the asset is still valid: SAP IBM Thales Orange DTAG INRIA It would be nice if you could provide the missing input as soon as possible. Greetings Robert -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: WP8 Description of the Security Asset v05.docx Type: application/octet-stream Size: 1850879 bytes Desc: WP8 Description of the Security Asset v05.docx URL: From pascal.bisson at thalesgroup.com Fri Jun 10 14:58:37 2011 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Fri, 10 Jun 2011 14:58:37 +0200 Subject: [Fiware-security] FI-WARE - WP8 - T8.2 partner assets-->partner contribution needed In-Reply-To: <70B7C2744D52BB4282F0E0D3DC965E0C04F280FA@DEMUEXC006.nsn-intra.net> References: <70B7C2744D52BB4282F0E0D3DC965E0C04E6A032@DEMUEXC006.nsn-intra.net> <70B7C2744D52BB4282F0E0D3DC965E0C04EEDA7F@DEMUEXC006.nsn-intra.net> <70B7C2744D52BB4282F0E0D3DC965E0C04F280FA@DEMUEXC006.nsn-intra.net> Message-ID: <16991_1307710718_4DF214FE_16991_5015_1_d8075b7f-6ddb-4062-a059-0ddd07cfd991@THSONEA01HUB03P.one.grp> Robert, >From our Thales side here are the answers: Leave the asset called "location authentication algorithms" since it has been decided to have it moved to WP6 as announced. PERMIS asset : to be kept (I or Daniel in cc will send you asap the missing description) Regards, Pascal De : fiware-security-bounces at lists.fi-ware.eu [mailto:fiware-security-bounces at lists.fi-ware.eu] De la part de Seidl, Robert (NSN - DE/Munich) Envoy? : vendredi 10 juin 2011 10:40 ? : Fiware-security at lists.fi-ware.eu; Wolfgang.Steigerwald at telekom.de Objet : Re: [Fiware-security] FI-WARE - WP8 - T8.2 partner assets-->partner contribution needed Hi, here the latest status update regarding assets for T8.2 as input for your meeting in Paris. Still missing (marked in yellow in the attached document): Thales: should I delete the additional mentioned assets (see document)? DT: should I delete the additional mentioned asset (one remaining, will be clarified latest by end of the week by Wolfgang) Greetings Robert ________________________________ From: fiware-security-bounces at lists.fi-ware.eu [mailto:fiware-security-bounces at lists.fi-ware.eu] On Behalf Of Seidl, Robert (NSN - DE/Munich) Sent: Wednesday, June 08, 2011 5:06 PM To: Fiware-security at lists.fi-ware.eu; xavier.aghina at orange-ftgroup.com; Wolfgang.Steigerwald at telekom.de Subject: Re: [Fiware-security] FI-WARE - WP8 - T8.2 partner assets-->partner contribution needed Hi, just one more status update: Still missing: Thales: should I delete the additional mentioned assets (see document)? Orange: no input so far, please Xavier provide the input for Orange DT: should I delete the additional mentioned asset (one remaining, will be clarified latest by end of the week by Wolfgang) Please find the newest version attached. Greetings Robert ________________________________ From: fiware-security-bounces at lists.fi-ware.eu [mailto:fiware-security-bounces at lists.fi-ware.eu] On Behalf Of Seidl, Robert (NSN - DE/Munich) Sent: Monday, June 06, 2011 8:51 AM To: Fiware-security at lists.fi-ware.eu Subject: Re: [Fiware-security] FI-WARE - WP8 - T8.2 partner assets -->partner contribution needed Dear partners, please find attached the newest version for T8.2 assets based on the inputs I received so far. Still missing: Thales: should I delete the additional mentioned assets (see document)? Orange: no input so far INIRA: input received, please adapt your input to the format used in the document (mentioning Maturity, IPR, Enablers, ...) DT: should I delete the additional mentioned assets (see document)? Many thanks in advance Robert ________________________________ From: Seidl, Robert (NSN - DE/Munich) Sent: Friday, June 03, 2011 11:03 AM To: 'Fiware-security at lists.fi-ware.eu' Subject: RE: FI-WARE - WP8 - T8.2 partner assets --> partner contribution needed Hi all, please find attached the newest version of the partner assets of task T8.2. Missing input from following partners: Thales: should I delete the additional mentioned assets (see document)? Orange: no input so far INIRA: no input so far Please provide the missing input. Greetings and have a nice weekend Robert ________________________________ From: Seidl, Robert (NSN - DE/Munich) Sent: Wednesday, June 01, 2011 9:41 AM To: Fiware-security at lists.fi-ware.eu Subject: FW: FI-WARE - WP8 - T8.2 partner assets --> partner contribution needed Hi all, this is just to remind all of you, who have not done so far, to contribute your detailed asset description to the attached document for task 8.2. Deadline is end of this week. Greetings Robert ________________________________ From: ext TRABELSI, Slim [mailto:slim.trabelsi at sap.com] Sent: Tuesday, May 31, 2011 10:43 AM To: Seidl, Robert (NSN - DE/Munich) Cc: Fiware-security at lists.fi-ware.eu Subject: RE: FI-WARE - WP8 - T8.2 partner assets --> partner contribution needed Hi Robert, You can find the description asset of SAP. This asset is strongly related to IBM's one, since one compoenent is designed and developed by IBM (Credential Handler). SAP and IBM assets will work together for delivering the PPL engine asset with the Credential and IDMix capabilities. Thank you Regards Slim From: Seidl, Robert (NSN - DE/Munich) [mailto:robert.seidl at nsn.com] Sent: jeudi 26 mai 2011 18:12 To: ext BISSON Pascal; Fiware-security at lists.fi-ware.eu Cc: Marton, Gabor (NSN - HU/Budapest); Antonio Garcia Vazquez; Pedro Soria Rodriguez; TRABELSI, Slim; Schaad, Andreas; Michael Osborne; SIEUX Corinne; Philippe.LELEU at fr.thalesgroup.com; GIDOIN Daniel; EGAN Richard Subject: FI-WARE - WP8 - T8.2 partner assets --> partner contribution needed Hi WP8, we need to collect all the assets from each partner (to be provided in template form). I collected the input I received so far and included as well the input I collected during our physical meeting in Madrid. Still some input is missing and also some detailed descriptons according to our template. To be concrete follwing is missing or at least to be checked if the asset is still valid: SAP IBM Thales Orange DTAG INRIA It would be nice if you could provide the missing input as soon as possible. Greetings Robert -------------- next part -------------- An HTML attachment was scrubbed... URL: From pascal.bisson at thalesgroup.com Fri Jun 10 16:25:05 2011 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Fri, 10 Jun 2011 16:25:05 +0200 Subject: [Fiware-security] FI-WARE - WP8 - WP6 input document to D2.1a for your review Message-ID: <16991_1307715915_4DF2294B_16991_9327_1_CBBCD6C304123F4AB23FAAE3055C8C0E02014A92B2FC@THSONEA01CMS04P.one.grp> Dear All, As a follow-up of our today's meeting please find attached to this email the WP6 input document to D2.1a I would ask you to read and comment in order to raise security issues we can derive from it as WP8 Security WP. Would appreciate your feedback by next Thursady end of business. Thales & ATOS will consolidate the feedback to answer WP6 demand. Thanks in advance for your cooperation. Regards, Pascal -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: FI-WARE_High-Level_Description_11-06-1 Data-Context Management v1.0 11-06-01.doc Type: application/msword Size: 2913792 bytes Desc: FI-WARE_High-Level_Description_11-06-1 Data-Context Management v1.0 11-06-01.doc URL: From gabor.marton at nsn.com Fri Jun 10 18:38:44 2011 From: gabor.marton at nsn.com (Marton, Gabor (NSN - HU/Budapest)) Date: Fri, 10 Jun 2011 19:38:44 +0300 Subject: [Fiware-security] Updated contribution from T8.2 to D2.1a In-Reply-To: <30901_1307712858_4DF21D5A_30901_8991_1_CBBCD6C304123F4AB23FAAE3055C8C0E02014A92B129@THSONEA01CMS04P.one.grp> References: <30901_1307712858_4DF21D5A_30901_8991_1_CBBCD6C304123F4AB23FAAE3055C8C0E02014A92B129@THSONEA01CMS04P.one.grp> Message-ID: <57CF2CA7825F474DACFAEB9EA1ED3A54041B50D9@FIESEXC014.nsn-intra.net> Hi Pascal, please find attached the updated version of our previous T8.2 contribution document. N.B.: I moved back the basic privacy protection mechanism into the IdM core enabler, so we have now only 2 enahanced priv & trust enabler. This is a more correct formulation as it better reflects our available assets (IdM core = NSN's asset). I had to stop the work now, so unfortunately I have some backlog: * no question marks about audit yet * no discussion yet on this topic: For what concerns Trust in the context of T8.2 talk to both SAP (based on proposals made) and INIRIA (Daniel Le Metayer) to give some directions on how Trust would be addressed this together in view of assets related to Trust (Prime Life Privacy Engine, IBM/ Reputation Engine/reputation model SAP as first and second INIRIA asset on accountability - talk here to both SAP and INRIA). * TBD in terms and definitions Kind regards, G?bor ________________________________ From: ext BISSON Pascal [mailto:pascal.bisson at thalesgroup.com] Sent: Friday, June 10, 2011 3:34 PM To: Marton, Gabor (NSN - HU/Budapest) Cc: Seidl, Robert (NSN - DE/Munich) Subject: FI-WARE - T8.3 (follow-up of our audio conf of today) Importance: High Hi Gabor, Find attached to this email the working document object our redrafting of today with some comments for you to redraft it (see my comments in the text in cyan blue) according to what we discussed at this audio conf of this morning. Hope it helps you to do/check your redrafting. Best Regards, Pascal -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: FI-WARE High-Level Description 25-05-11 v0 1-SecurityAT-T8.2_NSN_SAP_IBM_v2.doc Type: application/msword Size: 486912 bytes Desc: FI-WARE High-Level Description 25-05-11 v0 1-SecurityAT-T8.2_NSN_SAP_IBM_v2.doc URL: From slim.trabelsi at sap.com Sun Jun 12 18:35:54 2011 From: slim.trabelsi at sap.com (TRABELSI, Slim) Date: Sun, 12 Jun 2011 18:35:54 +0200 Subject: [Fiware-security] Fi-ware High Level Description of the Optional Security Service enabler Message-ID: Hi Pascal, I've updated the task8.4 contribution according to the comments and recommendation that I had during the last F2F meeting. Thank you Regards Slim ===================================== Dr Slim Trabelsi Researcher Security & Trust SAP Labs France 805, Avenue du Docteur Maurice Donat BP 1216 - 06254 Mougins Cedex, France T +33 4 9228 6345 M + 33 6 98 32 69 14 www.sap.com -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: FI-WARE High-Level Description SecurityAT-v0 3_commented.doc Type: application/msword Size: 1608704 bytes Desc: FI-WARE High-Level Description SecurityAT-v0 3_commented.doc URL: From robert.seidl at nsn.com Sun Jun 12 22:54:50 2011 From: robert.seidl at nsn.com (Seidl, Robert (NSN - DE/Munich)) Date: Sun, 12 Jun 2011 22:54:50 +0200 Subject: [Fiware-security] FI-WARE - WP8 - T8.2 partner assets-->partner contribution needed References: <70B7C2744D52BB4282F0E0D3DC965E0C04E6A032@DEMUEXC006.nsn-intra.net> <70B7C2744D52BB4282F0E0D3DC965E0C04EEDA7F@DEMUEXC006.nsn-intra.net> Message-ID: <70B7C2744D52BB4282F0E0D3DC965E0C04F28622@DEMUEXC006.nsn-intra.net> Hi, before my vacation please find attached the latest version of the T8.2 assets. Still AI for Thales and Deutsche Telekom. Gabor will step in for me during my holiday. Greetings Robert ________________________________ From: Seidl, Robert (NSN - DE/Munich) Sent: Friday, June 10, 2011 10:40 AM To: Fiware-security at lists.fi-ware.eu; Wolfgang.Steigerwald at telekom.de Subject: RE: [Fiware-security] FI-WARE - WP8 - T8.2 partner assets-->partner contribution needed Hi, here the latest status update regarding assets for T8.2 as input for your meeting in Paris. Still missing (marked in yellow in the attached document): Thales: should I delete the additional mentioned assets (see document)? DT: should I delete the additional mentioned asset (one remaining, will be clarified latest by end of the week by Wolfgang) Greetings Robert ________________________________ From: fiware-security-bounces at lists.fi-ware.eu [mailto:fiware-security-bounces at lists.fi-ware.eu] On Behalf Of Seidl, Robert (NSN - DE/Munich) Sent: Wednesday, June 08, 2011 5:06 PM To: Fiware-security at lists.fi-ware.eu; xavier.aghina at orange-ftgroup.com; Wolfgang.Steigerwald at telekom.de Subject: Re: [Fiware-security] FI-WARE - WP8 - T8.2 partner assets-->partner contribution needed Hi, just one more status update: Still missing: Thales: should I delete the additional mentioned assets (see document)? Orange: no input so far, please Xavier provide the input for Orange DT: should I delete the additional mentioned asset (one remaining, will be clarified latest by end of the week by Wolfgang) Please find the newest version attached. Greetings Robert ________________________________ From: fiware-security-bounces at lists.fi-ware.eu [mailto:fiware-security-bounces at lists.fi-ware.eu] On Behalf Of Seidl, Robert (NSN - DE/Munich) Sent: Monday, June 06, 2011 8:51 AM To: Fiware-security at lists.fi-ware.eu Subject: Re: [Fiware-security] FI-WARE - WP8 - T8.2 partner assets -->partner contribution needed Dear partners, please find attached the newest version for T8.2 assets based on the inputs I received so far. Still missing: Thales: should I delete the additional mentioned assets (see document)? Orange: no input so far INIRA: input received, please adapt your input to the format used in the document (mentioning Maturity, IPR, Enablers, ...) DT: should I delete the additional mentioned assets (see document)? Many thanks in advance Robert ________________________________ From: Seidl, Robert (NSN - DE/Munich) Sent: Friday, June 03, 2011 11:03 AM To: 'Fiware-security at lists.fi-ware.eu' Subject: RE: FI-WARE - WP8 - T8.2 partner assets --> partner contribution needed Hi all, please find attached the newest version of the partner assets of task T8.2. Missing input from following partners: Thales: should I delete the additional mentioned assets (see document)? Orange: no input so far INIRA: no input so far Please provide the missing input. Greetings and have a nice weekend Robert ________________________________ From: Seidl, Robert (NSN - DE/Munich) Sent: Wednesday, June 01, 2011 9:41 AM To: Fiware-security at lists.fi-ware.eu Subject: FW: FI-WARE - WP8 - T8.2 partner assets --> partner contribution needed Hi all, this is just to remind all of you, who have not done so far, to contribute your detailed asset description to the attached document for task 8.2. Deadline is end of this week. Greetings Robert ________________________________ From: ext TRABELSI, Slim [mailto:slim.trabelsi at sap.com] Sent: Tuesday, May 31, 2011 10:43 AM To: Seidl, Robert (NSN - DE/Munich) Cc: Fiware-security at lists.fi-ware.eu Subject: RE: FI-WARE - WP8 - T8.2 partner assets --> partner contribution needed Hi Robert, You can find the description asset of SAP. This asset is strongly related to IBM's one, since one compoenent is designed and developed by IBM (Credential Handler). SAP and IBM assets will work together for delivering the PPL engine asset with the Credential and IDMix capabilities. Thank you Regards Slim From: Seidl, Robert (NSN - DE/Munich) [mailto:robert.seidl at nsn.com] Sent: jeudi 26 mai 2011 18:12 To: ext BISSON Pascal; Fiware-security at lists.fi-ware.eu Cc: Marton, Gabor (NSN - HU/Budapest); Antonio Garcia Vazquez; Pedro Soria Rodriguez; TRABELSI, Slim; Schaad, Andreas; Michael Osborne; SIEUX Corinne; Philippe.LELEU at fr.thalesgroup.com; GIDOIN Daniel; EGAN Richard Subject: FI-WARE - WP8 - T8.2 partner assets --> partner contribution needed Hi WP8, we need to collect all the assets from each partner (to be provided in template form). I collected the input I received so far and included as well the input I collected during our physical meeting in Madrid. Still some input is missing and also some detailed descriptons according to our template. To be concrete follwing is missing or at least to be checked if the asset is still valid: SAP IBM Thales Orange DTAG INRIA It would be nice if you could provide the missing input as soon as possible. Greetings Robert -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: WP8 Description of the Security Asset v06.docx Type: application/octet-stream Size: 1850678 bytes Desc: WP8 Description of the Security Asset v06.docx URL: From pascal.bisson at thalesgroup.com Mon Jun 13 09:47:33 2011 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Mon, 13 Jun 2011 09:47:33 +0200 Subject: [Fiware-security] Updated contribution from T8.2 to D2.1a In-Reply-To: <57CF2CA7825F474DACFAEB9EA1ED3A54041B50D9@FIESEXC014.nsn-intra.net> References: <30901_1307712858_4DF21D5A_30901_8991_1_CBBCD6C304123F4AB23FAAE3055C8C0E02014A92B129@THSONEA01CMS04P.one.grp> <57CF2CA7825F474DACFAEB9EA1ED3A54041B50D9@FIESEXC014.nsn-intra.net> Message-ID: <16434_1307951255_4DF5C097_16434_1045_1_CBBCD6C304123F4AB23FAAE3055C8C0E02014AA2F4BF@THSONEA01CMS04P.one.grp> Thanks Gabor. Deadline was set today at lunch time for each of the task leader to provide me with their updated contrib. based on outcomes of the meeting we had on Friday regarding finalization of WP8 input document to D2.1a. As such I will put under the repository today EOB the document assembled with each and every finalized input. Regards, Pascal De : Marton, Gabor (NSN - HU/Budapest) [mailto:gabor.marton at nsn.com] Envoy? : vendredi 10 juin 2011 18:39 ? : BISSON Pascal Cc : Seidl, Robert (NSN - DE/Munich); Fiware-security at lists.fi-ware.eu Objet : Updated contribution from T8.2 to D2.1a Hi Pascal, please find attached the updated version of our previous T8.2 contribution document. N.B.: I moved back the basic privacy protection mechanism into the IdM core enabler, so we have now only 2 enahanced priv & trust enabler. This is a more correct formulation as it better reflects our available assets (IdM core = NSN's asset). I had to stop the work now, so unfortunately I have some backlog: * no question marks about audit yet * no discussion yet on this topic: For what concerns Trust in the context of T8.2 talk to both SAP (based on proposals made) and INIRIA (Daniel Le Metayer) to give some directions on how Trust would be addressed this together in view of assets related to Trust (Prime Life Privacy Engine, IBM/ Reputation Engine/reputation model SAP as first and second INIRIA asset on accountability - talk here to both SAP and INRIA). * TBD in terms and definitions Kind regards, G?bor ________________________________ From: ext BISSON Pascal [mailto:pascal.bisson at thalesgroup.com] Sent: Friday, June 10, 2011 3:34 PM To: Marton, Gabor (NSN - HU/Budapest) Cc: Seidl, Robert (NSN - DE/Munich) Subject: FI-WARE - T8.3 (follow-up of our audio conf of today) Importance: High Hi Gabor, Find attached to this email the working document object our redrafting of today with some comments for you to redraft it (see my comments in the text in cyan blue) according to what we discussed at this audio conf of this morning. Hope it helps you to do/check your redrafting. Best Regards, Pascal -------------- next part -------------- An HTML attachment was scrubbed... URL: From pascal.bisson at thalesgroup.com Mon Jun 13 09:52:20 2011 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Mon, 13 Jun 2011 09:52:20 +0200 Subject: [Fiware-security] FI-WARE - WP8 - T8.2 partner assets-->partner contribution needed In-Reply-To: <70B7C2744D52BB4282F0E0D3DC965E0C04F28622@DEMUEXC006.nsn-intra.net> References: <70B7C2744D52BB4282F0E0D3DC965E0C04E6A032@DEMUEXC006.nsn-intra.net> <70B7C2744D52BB4282F0E0D3DC965E0C04EEDA7F@DEMUEXC006.nsn-intra.net> <70B7C2744D52BB4282F0E0D3DC965E0C04F28622@DEMUEXC006.nsn-intra.net> Message-ID: <16527_1307951542_4DF5C1B6_16527_9658_1_CBBCD6C304123F4AB23FAAE3055C8C0E02014AA2F4DA@THSONEA01CMS04P.one.grp> Thanks Robert. Will take action with Daniel on last AI for Thales (PERMIS asset description). Regards, Pascal PS: Enjoy your Holidays De : fiware-security-bounces at lists.fi-ware.eu [mailto:fiware-security-bounces at lists.fi-ware.eu] De la part de Seidl, Robert (NSN - DE/Munich) Envoy? : dimanche 12 juin 2011 22:55 ? : Fiware-security at lists.fi-ware.eu Objet : Re: [Fiware-security] FI-WARE - WP8 - T8.2 partner assets-->partner contribution needed Hi, before my vacation please find attached the latest version of the T8.2 assets. Still AI for Thales and Deutsche Telekom. Gabor will step in for me during my holiday. Greetings Robert ________________________________ From: Seidl, Robert (NSN - DE/Munich) Sent: Friday, June 10, 2011 10:40 AM To: Fiware-security at lists.fi-ware.eu; Wolfgang.Steigerwald at telekom.de Subject: RE: [Fiware-security] FI-WARE - WP8 - T8.2 partner assets-->partner contribution needed Hi, here the latest status update regarding assets for T8.2 as input for your meeting in Paris. Still missing (marked in yellow in the attached document): Thales: should I delete the additional mentioned assets (see document)? DT: should I delete the additional mentioned asset (one remaining, will be clarified latest by end of the week by Wolfgang) Greetings Robert ________________________________ From: fiware-security-bounces at lists.fi-ware.eu [mailto:fiware-security-bounces at lists.fi-ware.eu] On Behalf Of Seidl, Robert (NSN - DE/Munich) Sent: Wednesday, June 08, 2011 5:06 PM To: Fiware-security at lists.fi-ware.eu; xavier.aghina at orange-ftgroup.com; Wolfgang.Steigerwald at telekom.de Subject: Re: [Fiware-security] FI-WARE - WP8 - T8.2 partner assets-->partner contribution needed Hi, just one more status update: Still missing: Thales: should I delete the additional mentioned assets (see document)? Orange: no input so far, please Xavier provide the input for Orange DT: should I delete the additional mentioned asset (one remaining, will be clarified latest by end of the week by Wolfgang) Please find the newest version attached. Greetings Robert ________________________________ From: fiware-security-bounces at lists.fi-ware.eu [mailto:fiware-security-bounces at lists.fi-ware.eu] On Behalf Of Seidl, Robert (NSN - DE/Munich) Sent: Monday, June 06, 2011 8:51 AM To: Fiware-security at lists.fi-ware.eu Subject: Re: [Fiware-security] FI-WARE - WP8 - T8.2 partner assets -->partner contribution needed Dear partners, please find attached the newest version for T8.2 assets based on the inputs I received so far. Still missing: Thales: should I delete the additional mentioned assets (see document)? Orange: no input so far INIRA: input received, please adapt your input to the format used in the document (mentioning Maturity, IPR, Enablers, ...) DT: should I delete the additional mentioned assets (see document)? Many thanks in advance Robert ________________________________ From: Seidl, Robert (NSN - DE/Munich) Sent: Friday, June 03, 2011 11:03 AM To: 'Fiware-security at lists.fi-ware.eu' Subject: RE: FI-WARE - WP8 - T8.2 partner assets --> partner contribution needed Hi all, please find attached the newest version of the partner assets of task T8.2. Missing input from following partners: Thales: should I delete the additional mentioned assets (see document)? Orange: no input so far INIRA: no input so far Please provide the missing input. Greetings and have a nice weekend Robert ________________________________ From: Seidl, Robert (NSN - DE/Munich) Sent: Wednesday, June 01, 2011 9:41 AM To: Fiware-security at lists.fi-ware.eu Subject: FW: FI-WARE - WP8 - T8.2 partner assets --> partner contribution needed Hi all, this is just to remind all of you, who have not done so far, to contribute your detailed asset description to the attached document for task 8.2. Deadline is end of this week. Greetings Robert ________________________________ From: ext TRABELSI, Slim [mailto:slim.trabelsi at sap.com] Sent: Tuesday, May 31, 2011 10:43 AM To: Seidl, Robert (NSN - DE/Munich) Cc: Fiware-security at lists.fi-ware.eu Subject: RE: FI-WARE - WP8 - T8.2 partner assets --> partner contribution needed Hi Robert, You can find the description asset of SAP. This asset is strongly related to IBM's one, since one compoenent is designed and developed by IBM (Credential Handler). SAP and IBM assets will work together for delivering the PPL engine asset with the Credential and IDMix capabilities. Thank you Regards Slim From: Seidl, Robert (NSN - DE/Munich) [mailto:robert.seidl at nsn.com] Sent: jeudi 26 mai 2011 18:12 To: ext BISSON Pascal; Fiware-security at lists.fi-ware.eu Cc: Marton, Gabor (NSN - HU/Budapest); Antonio Garcia Vazquez; Pedro Soria Rodriguez; TRABELSI, Slim; Schaad, Andreas; Michael Osborne; SIEUX Corinne; Philippe.LELEU at fr.thalesgroup.com; GIDOIN Daniel; EGAN Richard Subject: FI-WARE - WP8 - T8.2 partner assets --> partner contribution needed Hi WP8, we need to collect all the assets from each partner (to be provided in template form). I collected the input I received so far and included as well the input I collected during our physical meeting in Madrid. Still some input is missing and also some detailed descriptons according to our template. To be concrete follwing is missing or at least to be checked if the asset is still valid: SAP IBM Thales Orange DTAG INRIA It would be nice if you could provide the missing input as soon as possible. Greetings Robert -------------- next part -------------- An HTML attachment was scrubbed... URL: From antonio.garcia at atosresearch.eu Mon Jun 13 11:26:19 2011 From: antonio.garcia at atosresearch.eu (Antonio Garcia Vazquez) Date: Mon, 13 Jun 2011 11:26:19 +0200 Subject: [Fiware-security] FI-WARE WP 8.3 month 2 doc. Message-ID: <0385F69C47D8694EA885D34BE18BCCC402EB5D6B@INTMAIL02.es.int.atosorigin.com> Good Morning Here the latest document from Task 8.3. with the contributions from our meeting in Paris Regards ************************************ * Antonio Garc?a V?zquez * * (+34) 91 214 9384 * * antonio.garcia at atosresearch.eu * ************************************ ------------------------------------------------------------------ This e-mail and the documents attached are confidential and intended solely for the addressee; it may also be privileged. If you receive this e-mail in error, please notify the sender immediately and destroy it. As its integrity cannot be secured on the Internet, the Atos Origin group liability cannot be triggered for the message content. Although the sender endeavours to maintain a computer virus-free network, the sender does not warrant that this transmission is virus-free and will not be liable for any damages resulting from any virus transmitted. Este mensaje y los ficheros adjuntos pueden contener informacion confidencial destinada solamente a la(s) persona(s) mencionadas anteriormente pueden estar protegidos por secreto profesional. Si usted recibe este correo electronico por error, gracias por informar inmediatamente al remitente y destruir el mensaje. Al no estar asegurada la integridad de este mensaje sobre la red, Atos Origin no se hace responsable por su contenido. Su contenido no constituye ningun compromiso para el grupo Atos Origin, salvo ratificacion escrita por ambas partes. Aunque se esfuerza al maximo por mantener su red libre de virus, el emisor no puede garantizar nada al respecto y no sera responsable de cualesquiera danos que puedan resultar de una transmision de virus. ------------------------------------------------------------------ -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: Input Document D21.a WP8.3.zip Type: application/x-zip-compressed Size: 72840 bytes Desc: Input Document D21.a WP8.3.zip URL: From pascal.bisson at thalesgroup.com Mon Jun 13 11:34:03 2011 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Mon, 13 Jun 2011 11:34:03 +0200 Subject: [Fiware-security] FI-WARE WP 8.3 month 2 doc. In-Reply-To: <0385F69C47D8694EA885D34BE18BCCC402EB5D6B@INTMAIL02.es.int.atosorigin.com> References: <0385F69C47D8694EA885D34BE18BCCC402EB5D6B@INTMAIL02.es.int.atosorigin.com> Message-ID: <28180_1307957644_4DF5D98C_28180_14376_1_CBBCD6C304123F4AB23FAAE3055C8C0E02014AA2F76E@THSONEA01CMS04P.one.grp> Thanks Antonio. Waiting for Robert/Gabor, Slim and Daniel to send me their redrafted GE descriptions following what we discussed on Friday. Regards, Pascal De : fiware-security-bounces at lists.fi-ware.eu [mailto:fiware-security-bounces at lists.fi-ware.eu] De la part de Antonio Garcia Vazquez Envoy? : lundi 13 juin 2011 11:26 ? : Fiware-security at lists.fi-ware.eu Objet : [Fiware-security] FI-WARE WP 8.3 month 2 doc. Good Morning Here the latest document from Task 8.3. with the contributions from our meeting in Paris Regards ************************************ * Antonio Garc?a V?zquez * * (+34) 91 214 9384 * * antonio.garcia at atosresearch.eu * ************************************ ------------------------------------------------------------------ This e-mail and the documents attached are confidential and intended solely for the addressee; it may also be privileged. If you receive this e-mail in error, please notify the sender immediately and destroy it. As its integrity cannot be secured on the Internet, the Atos Origin group liability cannot be triggered for the message content. Although the sender endeavours to maintain a computer virus-free network, the sender does not warrant that this transmission is virus-free and will not be liable for any damages resulting from any virus transmitted. Este mensaje y los ficheros adjuntos pueden contener informacion confidencial destinada solamente a la(s) persona(s) mencionadas anteriormente pueden estar protegidos por secreto profesional. Si usted recibe este correo electronico por error, gracias por informar inmediatamente al remitente y destruir el mensaje. Al no estar asegurada la integridad de este mensaje sobre la red, Atos Origin no se hace responsable por su contenido. Su contenido no constituye ningun compromiso para el grupo Atos Origin, salvo ratificacion escrita por ambas partes. Aunque se esfuerza al maximo por mantener su red libre de virus, el emisor no puede garantizar nada al respecto y no sera responsable de cualesquiera danos que puedan resultar de una transmision de virus. ------------------------------------------------------------------ -------------- next part -------------- An HTML attachment was scrubbed... URL: From pascal.bisson at thalesgroup.com Mon Jun 13 15:26:37 2011 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Mon, 13 Jun 2011 15:26:37 +0200 Subject: [Fiware-security] Fi-ware High Level Description of the Optional Security Service enabler In-Reply-To: References: Message-ID: <24529_1307971598_4DF6100E_24529_3411_1_CBBCD6C304123F4AB23FAAE3055C8C0E02014AA2FB32@THSONEA01CMS04P.one.grp> Hi Slim, Don't forget to provide me as well with references to add and question marks (from your T8.4 side). More feedback to come once having received other inputs and assembled new release of the doc. Regards, Pascal De : TRABELSI, Slim [mailto:slim.trabelsi at sap.com] Envoy? : dimanche 12 juin 2011 18:36 ? : BISSON Pascal Cc : Fiware-security at lists.fi-ware.eu Objet : Fi-ware High Level Description of the Optional Security Service enabler Hi Pascal, I've updated the task8.4 contribution according to the comments and recommendation that I had during the last F2F meeting. Thank you Regards Slim ===================================== Dr Slim Trabelsi Researcher Security & Trust SAP Labs France 805, Avenue du Docteur Maurice Donat BP 1216 - 06254 Mougins Cedex, France T +33 4 9228 6345 M + 33 6 98 32 69 14 www.sap.com -------------- next part -------------- An HTML attachment was scrubbed... URL: From pascal.bisson at thalesgroup.com Tue Jun 14 10:23:00 2011 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Tue, 14 Jun 2011 10:23:00 +0200 Subject: [Fiware-security] FI-WARE - WP8 - Message-ID: <3100_1308039784_4DF71A68_3100_14847_1_f673c9c1-6ab9-4fe4-bb7d-e3bb558b0367@THSONEA01HUB02P.one.grp> Dear All, You will find hereafter some important messages received from Juanjo (also discussed at the audio conf CA-WPL/WPA I had with him yesterday) and that I wanted to relay you and more specifically to task leaders since important to have in mind in the context of the work undertaken with respect to finalization of their inputs to WP8 input document to D2.1a. 1. FI-WARE High-level Description document M2 deliverable (aka FI-WARE High-level Description document) would be a sort of "Product vision" document in line with what the Agile methodology proposes. Notice that the true consolidated "Product Vision" document is the one we expect to deliver by end of month 5, i.e., end of September. Once we get that "Product Vision" ready, we should start materializing our vision in subsequent Sprints (duration of our Sprints should be two months). By end of month 5 we should also have a first release of our FI-WARE features backlog, made up of the features we have identified ourselves and plan to implement for each and every GE in FI-WARE. We should be able to develop that backlog independently of the input by UC projects, I mean, we should have a plan/roadmap ready for each and every GE by end of month 5. What we are going to deliver in month 2 should be considered an early draft of this "Product Vision". It's something that is helpful for starting the dialogue with the UC projects. Kind of: "you know, this is an early description of what we are planning to deliver, your feedback is welcome". But doesn't need to be a) complete, i.e., meaning there might be things we will declare "work under progress and expected to be finished by end of month 5" nor b) as exhaustive as it will be by end of month 5. Indeed, I want only to provide the description of GEs we are rather confident about in our release in month 2. Anything that we don't considered yet closed should go to the "Question Marks" section (which I'm considering to retitle as "Question marks and work still under progress" or simply "Work still under progress"). [This is something I would suggest NSN to consider for what concerns GE on Auditing (this in view of what exists so far and what we discussed during our audio conf on Friday. ] As for other GE owners/Task leads please check your input accordingly From month 2 until month 5, UC projects will be entitled to generate "request for inclusion" of features to our backlog. We will see how many of these feature request will finally be accepted and how accepted features will be prioritized against the features we have already identified on our own. Analysis and management of feature requests coming from UC projects is something we will carry out from month 5 to month 7. Deadline to have input document coming from Technical WP was set mid of June but could be extended (although not yet confirmed - will let you know) so I can only encourage each of the task lead to finalize and send me asap their finalized and polished version of their sections in view of the above. 2. Workplan updates Deadline to have input document coming from Technical WP was set mid of June but could be extended (although not yet confirmed - will let you know) so I can only encourage each of the task lead to finalize and send me asap their finalized and polished version of their sections in view of the above. >From June 22 until June 30 TID will try to make a complete integration of all contributions as to deliver a first consolidated draft of the document. On June 22 TID will come with a proposal on what precise tasks we will carry out during that period and how we are going to manage things. The following anticipated tasks will be included in the plan: * TID will plan peer reviews of those chapters we may consider closer to a final version. Concrete partners will be assigned this task. * TID will setup a number of task forces, typically one per WP, to analyze security issues with regard to each WP. This is of concern to us as it means that WP8 will have to participate to these task forces and review each of the input document produced by other WPs (for this we will rely primarily although not uniquely on people appointed by WP8 to monitor activities of each other Technical WPs - see attached slide). When discussing this topic with TID Juanjo I called to consider first not to start from scratch (make use of initial input produced by each of the WPs) and second to have for these task forces mixed team made of representatives of WP8 and of representatives (having preferably some background on Security) of the WP at hands. This was agreed by TID since: The task force corresponding to a given WP would involve people from that WP and people from the Security WP. I can only encourage WP8 partners appointed to monitor activities of each of the other Technical WP (as per slide attached) to be prepared to answer this demand (being said input documents from other WPs are available on the repository - D2.2 contribs folder). Obviously all these topics and other would be discussed at our next audio conf (17/06/11 - 10am-12am - details will follow) Best Regards, Pascal -------------- next part -------------- An HTML attachment was scrubbed... URL: From gabor.marton at nsn.com Tue Jun 14 21:41:37 2011 From: gabor.marton at nsn.com (Marton, Gabor (NSN - HU/Budapest)) Date: Tue, 14 Jun 2011 22:41:37 +0300 Subject: [Fiware-security] Updated contribution from T8.2 to D2.1a References: <30901_1307712858_4DF21D5A_30901_8991_1_CBBCD6C304123F4AB23FAAE3055C8C0E02014A92B129@THSONEA01CMS04P.one.grp> Message-ID: <57CF2CA7825F474DACFAEB9EA1ED3A54041F367B@FIESEXC014.nsn-intra.net> Hi Pascal, please find attached a new version. From the backlog we had last time, the first and third items are solved. The second item requires more time; because of my schedule (being out of office tomorrow, having another task on Thursday and being on vacation next week), I can see only Friday as a possible day for the discussion with Daniel. So please use the attached version for the time being. Kind regards, G?bor ________________________________ From: Marton, Gabor (NSN - HU/Budapest) Sent: Friday, June 10, 2011 6:39 PM To: 'ext BISSON Pascal' Cc: Seidl, Robert (NSN - DE/Munich); Fiware-security at lists.fi-ware.eu Subject: Updated contribution from T8.2 to D2.1a Hi Pascal, please find attached the updated version of our previous T8.2 contribution document. N.B.: I moved back the basic privacy protection mechanism into the IdM core enabler, so we have now only 2 enahanced priv & trust enabler. This is a more correct formulation as it better reflects our available assets (IdM core = NSN's asset). I had to stop the work now, so unfortunately I have some backlog: * no question marks about audit yet * no discussion yet on this topic: For what concerns Trust in the context of T8.2 talk to both SAP (based on proposals made) and INIRIA (Daniel Le Metayer) to give some directions on how Trust would be addressed this together in view of assets related to Trust (Prime Life Privacy Engine, IBM/ Reputation Engine/reputation model SAP as first and second INIRIA asset on accountability - talk here to both SAP and INRIA). * TBD in terms and definitions Kind regards, G?bor ________________________________ From: ext BISSON Pascal [mailto:pascal.bisson at thalesgroup.com] Sent: Friday, June 10, 2011 3:34 PM To: Marton, Gabor (NSN - HU/Budapest) Cc: Seidl, Robert (NSN - DE/Munich) Subject: FI-WARE - T8.3 (follow-up of our audio conf of today) Importance: High Hi Gabor, Find attached to this email the working document object our redrafting of today with some comments for you to redraft it (see my comments in the text in cyan blue) according to what we discussed at this audio conf of this morning. Hope it helps you to do/check your redrafting. Best Regards, Pascal -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: FI-WARE High-Level Description 25-05-11 v0 1-SecurityAT-T8.2_NSN_SAP_IBM_v3.doc Type: application/msword Size: 492544 bytes Desc: FI-WARE High-Level Description 25-05-11 v0 1-SecurityAT-T8.2_NSN_SAP_IBM_v3.doc URL: From pascal.bisson at thalesgroup.com Wed Jun 15 11:15:34 2011 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Wed, 15 Jun 2011 11:15:34 +0200 Subject: [Fiware-security] FI-WARE -WP8 - Latest update of WP8 input document / Friday audio conf details Message-ID: <8134_1308129339_4DF8783B_8134_390_1_439b1cd7-1d64-40d1-b98c-1042e1ae188b@THSONEA01HUB05P.one.grp> Dear All, Based on latest input I got from G?bor I updated the latest version of our WP8 input document to D2.1a and uploaded it on our repository (using new naming conventions as per demand of TID). This document is available at the following address: https://forge.fi-ware.eu/docman/view.php/19/149/FI-WARE+High-Level+Description++Security+v1.0+11-06-15+valid+until+11-06-16.doc @task leaders : please use this document for your subsequent imput/changes. As for the rest don't forget our weekly audio conf this Friday (17/06/11) starting at 10am sharp. Counting on each organization involved in WP8 to be represented. On the Agenda of this audio conf: ? Report on status of WP8 input document to D2.1a ? Report on Security issues derived from WP6 document (THA, ATOS, INRIA and others) ? Update on next steps on M2 till submission Here are the details to join: Meeting room number would be the following one : 391581 LocalConnect number to join: Australia Australia Toll Free 1800 005 574 Australia Sydney +61 (0) 282 239 767 Austria Vienna +43 (0) 2682 205 6609 Belgium Brussels +32 (0) 2 789 8678 Denmark Copenhagen +45 3271 4340 Finland Helsinki +358 (0) 923 142 830 France Lyon +33 (0) 426 840 285 France Marseille +33 (0) 488 915 385 France Paris +33 (0) 170 994 816 Germany Berlin +49 (0) 3072 616 7342 Germany D?sseldorf +49 (0) 2115 407 3902 Germany Frankfurt +49 (0) 6971 044 5635 Germany Hamburg +49 (0) 4080 902 0684 Germany Munich +49 (0) 8924 443 2893 Germany Stuttgart +49 (0) 7111 856 2130 Hong Kong Hong Kong +852 301 145 59 Hungary Budapest +36 (06) 1-889-3286 Ireland Dublin +353 (0) 14 860 780 Israel Israel Toll Free 1809 245 981 Italy Milan +39 0 230 413 017 Italy Rome +39 0 645 217 056 Italy Turin +39 0 112 179 2159 Japan Japan Toll Free 005 311 212 65 Japan Tokyo +81 (0) 357 675 025 Korea, Republic Of Seoul +82 (0) 234 831 224 Luxembourg Luxemburg City +352 2700 41 42 Malaysia Kuala Lumpur +60 (0) 377 124 640 Netherlands Amsterdam +31 (0) 207 948 529 New Zealand Auckland +64 (0) 9 919 2428 Norway Oslo +47 2153 3919 Poland Poland Toll Free 0080 0121 1304 Portugal Portugal Toll Free 800 814 183 Russia Russia Toll Free 81080 02209 4011 Singapore Singapore +65 6622 1068 Spain Barcelona +34 93 492 3235 Spain Madrid +34 91 788 9908 Sweden Stockholm +46 (0) 850 520 145 Switzerland Geneva +41 (0) 225 927 428 United Kingdom Birmingham +44 (0) 121 260 4686 United Kingdom London +44 (0) 207 153 9902 United Kingdom Manchester +44 (0) 161 250 0679 United States USA & Canada Toll Free 1888 249 0050 United States USA Toll +1 954 334 1559 -------------- next part -------------- An HTML attachment was scrubbed... URL: From slim.trabelsi at sap.com Wed Jun 15 15:48:49 2011 From: slim.trabelsi at sap.com (TRABELSI, Slim) Date: Wed, 15 Jun 2011 15:48:49 +0200 Subject: [Fiware-security] FI-WARE -WP8 - Latest update of WP8 input document / Friday audio conf details In-Reply-To: <8134_1308129339_4DF8783B_8134_390_1_439b1cd7-1d64-40d1-b98c-1042e1ae188b@THSONEA01HUB05P.one.grp> References: <8134_1308129339_4DF8783B_8134_390_1_439b1cd7-1d64-40d1-b98c-1042e1ae188b@THSONEA01HUB05P.one.grp> Message-ID: Hi Pascal, Sorry for answering late, I was in day-off. Here is the updated version of the document including the question mark and the reference. Regards Slim From: fiware-security-bounces at lists.fi-ware.eu [mailto:fiware-security-bounces at lists.fi-ware.eu] On Behalf Of BISSON Pascal Sent: mercredi 15 juin 2011 11:16 To: Fiware-security at lists.fi-ware.eu Subject: [Fiware-security] FI-WARE -WP8 - Latest update of WP8 input document / Friday audio conf details Dear All, Based on latest input I got from G?bor I updated the latest version of our WP8 input document to D2.1a and uploaded it on our repository (using new naming conventions as per demand of TID). This document is available at the following address: https://forge.fi-ware.eu/docman/view.php/19/149/FI-WARE+High-Level+Description++Security+v1.0+11-06-15+valid+until+11-06-16.doc @task leaders : please use this document for your subsequent imput/changes. As for the rest don't forget our weekly audio conf this Friday (17/06/11) starting at 10am sharp. Counting on each organization involved in WP8 to be represented. On the Agenda of this audio conf: ? Report on status of WP8 input document to D2.1a ? Report on Security issues derived from WP6 document (THA, ATOS, INRIA and others) ? Update on next steps on M2 till submission Here are the details to join: Meeting room number would be the following one : 391581 LocalConnect number to join: Australia Australia Toll Free 1800 005 574 Australia Sydney +61 (0) 282 239 767 Austria Vienna +43 (0) 2682 205 6609 Belgium Brussels +32 (0) 2 789 8678 Denmark Copenhagen +45 3271 4340 Finland Helsinki +358 (0) 923 142 830 France Lyon +33 (0) 426 840 285 France Marseille +33 (0) 488 915 385 France Paris +33 (0) 170 994 816 Germany Berlin +49 (0) 3072 616 7342 Germany D?sseldorf +49 (0) 2115 407 3902 Germany Frankfurt +49 (0) 6971 044 5635 Germany Hamburg +49 (0) 4080 902 0684 Germany Munich +49 (0) 8924 443 2893 Germany Stuttgart +49 (0) 7111 856 2130 Hong Kong Hong Kong +852 301 145 59 Hungary Budapest +36 (06) 1-889-3286 Ireland Dublin +353 (0) 14 860 780 Israel Israel Toll Free 1809 245 981 Italy Milan +39 0 230 413 017 Italy Rome +39 0 645 217 056 Italy Turin +39 0 112 179 2159 Japan Japan Toll Free 005 311 212 65 Japan Tokyo +81 (0) 357 675 025 Korea, Republic Of Seoul +82 (0) 234 831 224 Luxembourg Luxemburg City +352 2700 41 42 Malaysia Kuala Lumpur +60 (0) 377 124 640 Netherlands Amsterdam +31 (0) 207 948 529 New Zealand Auckland +64 (0) 9 919 2428 Norway Oslo +47 2153 3919 Poland Poland Toll Free 0080 0121 1304 Portugal Portugal Toll Free 800 814 183 Russia Russia Toll Free 81080 02209 4011 Singapore Singapore +65 6622 1068 Spain Barcelona +34 93 492 3235 Spain Madrid +34 91 788 9908 Sweden Stockholm +46 (0) 850 520 145 Switzerland Geneva +41 (0) 225 927 428 United Kingdom Birmingham +44 (0) 121 260 4686 United Kingdom London +44 (0) 207 153 9902 United Kingdom Manchester +44 (0) 161 250 0679 United States USA & Canada Toll Free 1888 249 0050 United States USA Toll +1 954 334 1559 -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: FI-WARE+High-Level+Description++Security+v1.0+11-06-15+valid+until+11-06-16.doc Type: application/msword Size: 1473536 bytes Desc: FI-WARE+High-Level+Description++Security+v1.0+11-06-15+valid+until+11-06-16.doc URL: From pascal.bisson at thalesgroup.com Wed Jun 15 18:43:38 2011 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Wed, 15 Jun 2011 18:43:38 +0200 Subject: [Fiware-security] FI-WARE - 1st SYSSEC Workshop (FI-WARE presence) Message-ID: <27530_1308156221_4DF8E13D_27530_6489_1_f4b2164c-10eb-4cc9-9a1b-449d0fbc9807@THSONEA01HUB06P.one.grp> Dear All, This just to let you know that the NoE Syssec has announced its 1st Workshop on July 6 in Amsterdam which is obviously of interest to us as FI-WARE Security Project (this more specifically for what concerns T8.1) For your information I remind you that Syssec is a Network of Excellence in the field of Systems Security, working towards: 1. creating a virtual center of excellence, to consolidate the Systems Security research community in Europe 2. promoting cybersecurity education 3. engaging a think-tank in discovering the threats and vulnerabilities of the Current and Future Internet, 4. creating an active research roadmap in the area, and 5. developing a joint working plan to conduct State-of-the-Art collaborative research 1st Workshop program is available at the following address: http://www.syssec-project.eu/events/1st-syssec-workshop-program/ For the time being Daniel and I are planning to attend this event and represent FI-WARE. Of course if you were also planning to attend this workshop let me and Daniel know. Best regards, Pascal -------------- next part -------------- An HTML attachment was scrubbed... URL: From antonio.garcia at atosresearch.eu Thu Jun 16 12:58:50 2011 From: antonio.garcia at atosresearch.eu (Antonio Garcia Vazquez) Date: Thu, 16 Jun 2011 12:58:50 +0200 Subject: [Fiware-security] FI-WARE: Security 2.1a Doc update & Security review of WP6 Message-ID: <0385F69C47D8694EA885D34BE18BCCC402F1492B@INTMAIL02.es.int.atosorigin.com> Good morning, See attached: 1) Document with the security issues I?ve detected in WP6. (FI-WARE_WP6_D2.1 Security Issues.doc). 2) New version of WP8 document where I?ve included: - A paragraph about business risk analysis I?ve send to Pascal last Tuesday and missed on the last version. - Misprint correction in 3.1.2.4. Now the reference is to the G.E. (FI-WARE+High-Level+Description++Security+v1 0+11-06-15+valid+until+11-06-16 (2.1).doc) Regards ************************************ * Antonio Garc?a V?zquez * * (+34) 91 214 9384 * * antonio.garcia at atosresearch.eu * ************************************ ------------------------------------------------------------------ This e-mail and the documents attached are confidential and intended solely for the addressee; it may also be privileged. If you receive this e-mail in error, please notify the sender immediately and destroy it. As its integrity cannot be secured on the Internet, the Atos Origin group liability cannot be triggered for the message content. Although the sender endeavours to maintain a computer virus-free network, the sender does not warrant that this transmission is virus-free and will not be liable for any damages resulting from any virus transmitted. Este mensaje y los ficheros adjuntos pueden contener informacion confidencial destinada solamente a la(s) persona(s) mencionadas anteriormente pueden estar protegidos por secreto profesional. Si usted recibe este correo electronico por error, gracias por informar inmediatamente al remitente y destruir el mensaje. Al no estar asegurada la integridad de este mensaje sobre la red, Atos Origin no se hace responsable por su contenido. Su contenido no constituye ningun compromiso para el grupo Atos Origin, salvo ratificacion escrita por ambas partes. Aunque se esfuerza al maximo por mantener su red libre de virus, el emisor no puede garantizar nada al respecto y no sera responsable de cualesquiera danos que puedan resultar de una transmision de virus. ------------------------------------------------------------------ -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: FI-WARE_WP6_D2.1 Security Issues.doc Type: application/msword Size: 25088 bytes Desc: FI-WARE_WP6_D2.1 Security Issues.doc URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: FI-WARE+High-Level+Description++Security+v1 0+11-06-15+valid+until+11-06-16 (2.1).doc Type: application/msword Size: 1479680 bytes Desc: FI-WARE+High-Level+Description++Security+v1 0+11-06-15+valid+until+11-06-16 (2.1).doc URL: From pascal.bisson at thalesgroup.com Thu Jun 16 16:10:31 2011 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Thu, 16 Jun 2011 16:10:31 +0200 Subject: [Fiware-security] FI-WARE: Security 2.1a Doc update & Security review of WP6 In-Reply-To: <0385F69C47D8694EA885D34BE18BCCC402F1492B@INTMAIL02.es.int.atosorigin.com> References: <0385F69C47D8694EA885D34BE18BCCC402F1492B@INTMAIL02.es.int.atosorigin.com> Message-ID: <11464_1308233433_4DFA0ED9_11464_8210_1_ade59da6-5a4a-4a20-b90c-a884ba282f4c@THSONEA01HUB05P.one.grp> Thanks Antonio, See few comments in the text of yuor email below De : fiware-security-bounces at lists.fi-ware.eu [mailto:fiware-security-bounces at lists.fi-ware.eu] De la part de Antonio Garcia Vazquez Envoy? : jeudi 16 juin 2011 12:59 ? : Fiware-security at lists.fi-ware.eu Objet : [Fiware-security] FI-WARE: Security 2.1a Doc update & Security review of WP6 Good morning, See attached: 1) Document with the security issues I?ve detected in WP6. (FI-WARE_WP6_D2.1 Security Issues.doc). Thanks. We also have been working here at Thales on Security issues by WP6 input document to D2.1. We do plan to release our document prior today EOB to have it discussed tomorrow as yours being said we would have to merge the two. Apart from Thales and ATOS I also we?d like to get the input from INRIA (so please Guillaume try with colleagues Olivier, Daniel to provide us also with your feedback in terms of security issues you identified also from your side. Useless to say that other partners can also join the discussion and especially partners from T8.2 since in my view most of issues raised relate to privacy, access control, ? 2) New version of WP8 document where I?ve included: - A paragraph about business risk analysis I?ve send to Pascal last Tuesday and missed on the last version. Yes I got your input but since Daniel as T8.1 lead was busy collecting the missing inputs to finalize and polish that Section I let him the control. To my knowledge Daniel will deliver by EOB today the redrafted he performed. - Misprint correction in 3.1.2.4. Now the reference is to the G.E. Thanks for the correction (FI-WARE+High-Level+Description++Security+v1 0+11-06-15+valid+until+11-06-16 (2.1).doc) Regards ************************************ * Antonio Garc?a V?zquez * * (+34) 91 214 9384 * * antonio.garcia at atosresearch.eu * ************************************ ------------------------------------------------------------------ This e-mail and the documents attached are confidential and intended solely for the addressee; it may also be privileged. If you receive this e-mail in error, please notify the sender immediately and destroy it. As its integrity cannot be secured on the Internet, the Atos Origin group liability cannot be triggered for the message content. Although the sender endeavours to maintain a computer virus-free network, the sender does not warrant that this transmission is virus-free and will not be liable for any damages resulting from any virus transmitted. Este mensaje y los ficheros adjuntos pueden contener informacion confidencial destinada solamente a la(s) persona(s) mencionadas anteriormente pueden estar protegidos por secreto profesional. Si usted recibe este correo electronico por error, gracias por informar inmediatamente al remitente y destruir el mensaje. Al no estar asegurada la integridad de este mensaje sobre la red, Atos Origin no se hace responsable por su contenido. Su contenido no constituye ningun compromiso para el grupo Atos Origin, salvo ratificacion escrita por ambas partes. Aunque se esfuerza al maximo por mantener su red libre de virus, el emisor no puede garantizar nada al respecto y no sera responsable de cualesquiera danos que puedan resultar de una transmision de virus. ------------------------------------------------------------------ -------------- next part -------------- An HTML attachment was scrubbed... URL: From gabor.marton at nsn.com Thu Jun 16 18:04:24 2011 From: gabor.marton at nsn.com (Marton, Gabor (NSN - HU/Budapest)) Date: Thu, 16 Jun 2011 19:04:24 +0300 Subject: [Fiware-security] FI-WARE - WP8 - WP6 input document to D2.1a foryour review In-Reply-To: <16991_1307715915_4DF2294B_16991_9327_1_CBBCD6C304123F4AB23FAAE3055C8C0E02014A92B2FC@THSONEA01CMS04P.one.grp> References: <16991_1307715915_4DF2294B_16991_9327_1_CBBCD6C304123F4AB23FAAE3055C8C0E02014A92B2FC@THSONEA01CMS04P.one.grp> Message-ID: <57CF2CA7825F474DACFAEB9EA1ED3A5404262161@FIESEXC014.nsn-intra.net> Dear Pascal and All, I would like to point out to the following security/privacy-related issues w.r.t. the context data enablers. On p.22: 3.1.2.5 Intelligent Services Plugins (algorithms) The Intelligent Services plug-ins interact with the off-line and real-time stream processing enablers, as well as with data that resides in memory and the persistence layer, to provide analytical and algorithmic capabilities in the following main areas: a) Social Network Analysis, b) Mobility Analysis, c) Real-Time Recommendations, d) Behavioural and Web Profiling, and e) Opinion Mining. These topics are privacy-sensitive, therefore we should have the following measures in place. For a), b), d), and e): * user consent for carrying out such analysis and storing the results (derived attributes); * methods for anonymization (de-identification) of the collected data when the processing is carried out by another party; * ensuring, if possible, that the derived attributes cannot be linked to the users' real identity; * user consent for disclosing the derived attributes to third parties; and for c): * user consent for targeting them with such recommendations. On p.30: 3.1.2.7 Publish/Subscribe Broker Target usage Publish /Subscribe Enabler includes the features that allows for a data or context consumer to subscribe for certain type of data or context. The Enabler provides the subscribed data or context back to the subscribed consumer on certain condition and until the subscription will not expire or cancelled. [...] Any component or customer requiring data or context can be subscribed to required information through this Enabler. This Enabler should be designed very carefully from access control point of view, because brokering context data is a privacy-sensitive topic. The notifications about context change must only be sent to such components/services/users that are entitled to receive the information. User consent (among other factors) must be taken into consideration when making the authorization decision. Kind regards, G?bor ________________________________ From: fiware-security-bounces at lists.fi-ware.eu [mailto:fiware-security-bounces at lists.fi-ware.eu] On Behalf Of ext BISSON Pascal Sent: Friday, June 10, 2011 4:25 PM To: Fiware-security at lists.fi-ware.eu Subject: [Fiware-security] FI-WARE - WP8 - WP6 input document to D2.1a foryour review Dear All, As a follow-up of our today's meeting please find attached to this email the WP6 input document to D2.1a I would ask you to read and comment in order to raise security issues we can derive from it as WP8 Security WP. Would appreciate your feedback by next Thursady end of business. Thales & ATOS will consolidate the feedback to answer WP6 demand. Thanks in advance for your cooperation. Regards, Pascal -------------- next part -------------- An HTML attachment was scrubbed... URL: From pascal.bisson at thalesgroup.com Thu Jun 16 18:19:36 2011 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Thu, 16 Jun 2011 18:19:36 +0200 Subject: [Fiware-security] FI-WARE - WP8 - WP6 input document to D2.1a foryour review In-Reply-To: <57CF2CA7825F474DACFAEB9EA1ED3A5404262161@FIESEXC014.nsn-intra.net> References: <16991_1307715915_4DF2294B_16991_9327_1_CBBCD6C304123F4AB23FAAE3055C8C0E02014A92B2FC@THSONEA01CMS04P.one.grp> <57CF2CA7825F474DACFAEB9EA1ED3A5404262161@FIESEXC014.nsn-intra.net> Message-ID: <27457_1308241178_4DFA2D1A_27457_4908_1_CBBCD6C304123F4AB23FAAE3055C8C0E02014AD6D0D4@THSONEA01CMS04P.one.grp> Thanks for your input I share and really welcome. Regards, Pascal De : Marton, Gabor (NSN - HU/Budapest) [mailto:gabor.marton at nsn.com] Envoy? : jeudi 16 juin 2011 18:04 ? : BISSON Pascal; Fiware-security at lists.fi-ware.eu Objet : RE: [Fiware-security] FI-WARE - WP8 - WP6 input document to D2.1a foryour review Dear Pascal and All, I would like to point out to the following security/privacy-related issues w.r.t. the context data enablers. On p.22: 3.1.2.5 Intelligent Services Plugins (algorithms) The Intelligent Services plug-ins interact with the off-line and real-time stream processing enablers, as well as with data that resides in memory and the persistence layer, to provide analytical and algorithmic capabilities in the following main areas: a) Social Network Analysis, b) Mobility Analysis, c) Real-Time Recommendations, d) Behavioural and Web Profiling, and e) Opinion Mining. These topics are privacy-sensitive, therefore we should have the following measures in place. For a), b), d), and e): * user consent for carrying out such analysis and storing the results (derived attributes); * methods for anonymization (de-identification) of the collected data when the processing is carried out by another party; * ensuring, if possible, that the derived attributes cannot be linked to the users' real identity; * user consent for disclosing the derived attributes to third parties; and for c): * user consent for targeting them with such recommendations. On p.30: 3.1.2.7 Publish/Subscribe Broker Target usage Publish[jh1] /Subscribe Enabler includes the features that allows for a data or context [jh2] consumer to subscribe for certain type of data or context. The Enabler provides the subscribed data or context back [jh3] to the subscribed consumer on certain condition and until the subscription will not expire or cancelled. [...] Any component or customer requiring data or context can be subscribed to required information through this Enabler. This Enabler should be designed very carefully from access control point of view, because brokering context data is a privacy-sensitive topic. The notifications about context change must only be sent to such components/services/users that are entitled to receive the information. User consent (among other factors) must be taken into consideration when making the authorization decision. Kind regards, G?bor ________________________________ From: fiware-security-bounces at lists.fi-ware.eu [mailto:fiware-security-bounces at lists.fi-ware.eu] On Behalf Of ext BISSON Pascal Sent: Friday, June 10, 2011 4:25 PM To: Fiware-security at lists.fi-ware.eu Subject: [Fiware-security] FI-WARE - WP8 - WP6 input document to D2.1a foryour review Dear All, As a follow-up of our today's meeting please find attached to this email the WP6 input document to D2.1a I would ask you to read and comment in order to raise security issues we can derive from it as WP8 Security WP. Would appreciate your feedback by next Thursady end of business. Thales & ATOS will consolidate the feedback to answer WP6 demand. Thanks in advance for your cooperation. Regards, Pascal ________________________________ [jh1] [jh2] [jh3] -------------- next part -------------- An HTML attachment was scrubbed... URL: From pascal.bisson at thalesgroup.com Fri Jun 17 10:09:35 2011 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Fri, 17 Jun 2011 10:09:35 +0200 Subject: [Fiware-security] TR: FI-WARE -WP8 - Latest update of WP8 input document / Friday audio conf details Message-ID: <16734_1308298190_4DFB0BCE_16734_19846_1_33c736d0-c113-4ec9-9fe0-f539f706da6c@THSONEA01HUB04P.one.grp> Dear colleagues, Prior to our audio conf this just to inform you that I put on the repository the last update of WP8 input document to D2.1a based on latest inputs I got. You will find it at the following address: https://forge.fi-ware.eu/docman/admin/index.php?editdoc=1&docid=159&group_id=19 (FI-WARE+High-Level+Description++Security+v1.1+11-06-17+valid+until+11-06-19.doc) I also put under the repository the initial draft regarding security issues identified by WP8 (THA, ATOS and NSN ) for what concerns WP6 input document to D2.1a https://forge.fi-ware.eu/docman/admin/index.php?editdoc=1&docid=160&group_id=19 (FI-WARE-Security Issues WP6 - WP8 input document THA-ATOS-NSN v1.0.doc) Talk to you in a couple of minutes at our audio. Regards, Pascal De : BISSON Pascal Envoy? : mercredi 15 juin 2011 11:16 ? : Fiware-security at lists.fi-ware.eu Cc : BISSON Pascal Objet : FI-WARE -WP8 - Latest update of WP8 input document / Friday audio conf details Dear All, Based on latest input I got from G?bor I updated the latest version of our WP8 input document to D2.1a and uploaded it on our repository (using new naming conventions as per demand of TID). This document is available at the following address: https://forge.fi-ware.eu/docman/view.php/19/149/FI-WARE+High-Level+Description++Security+v1.0+11-06-15+valid+until+11-06-16.doc @task leaders : please use this document for your subsequent imput/changes. As for the rest don't forget our weekly audio conf this Friday (17/06/11) starting at 10am sharp. Counting on each organization involved in WP8 to be represented. On the Agenda of this audio conf: ? Report on status of WP8 input document to D2.1a ? Report on Security issues derived from WP6 document (THA, ATOS, INRIA and others) ? Update on next steps on M2 till submission Here are the details to join: Meeting room number would be the following one : 391581 LocalConnect number to join: Australia Australia Toll Free 1800 005 574 Australia Sydney +61 (0) 282 239 767 Austria Vienna +43 (0) 2682 205 6609 Belgium Brussels +32 (0) 2 789 8678 Denmark Copenhagen +45 3271 4340 Finland Helsinki +358 (0) 923 142 830 France Lyon +33 (0) 426 840 285 France Marseille +33 (0) 488 915 385 France Paris +33 (0) 170 994 816 Germany Berlin +49 (0) 3072 616 7342 Germany D?sseldorf +49 (0) 2115 407 3902 Germany Frankfurt +49 (0) 6971 044 5635 Germany Hamburg +49 (0) 4080 902 0684 Germany Munich +49 (0) 8924 443 2893 Germany Stuttgart +49 (0) 7111 856 2130 Hong Kong Hong Kong +852 301 145 59 Hungary Budapest +36 (06) 1-889-3286 Ireland Dublin +353 (0) 14 860 780 Israel Israel Toll Free 1809 245 981 Italy Milan +39 0 230 413 017 Italy Rome +39 0 645 217 056 Italy Turin +39 0 112 179 2159 Japan Japan Toll Free 005 311 212 65 Japan Tokyo +81 (0) 357 675 025 Korea, Republic Of Seoul +82 (0) 234 831 224 Luxembourg Luxemburg City +352 2700 41 42 Malaysia Kuala Lumpur +60 (0) 377 124 640 Netherlands Amsterdam +31 (0) 207 948 529 New Zealand Auckland +64 (0) 9 919 2428 Norway Oslo +47 2153 3919 Poland Poland Toll Free 0080 0121 1304 Portugal Portugal Toll Free 800 814 183 Russia Russia Toll Free 81080 02209 4011 Singapore Singapore +65 6622 1068 Spain Barcelona +34 93 492 3235 Spain Madrid +34 91 788 9908 Sweden Stockholm +46 (0) 850 520 145 Switzerland Geneva +41 (0) 225 927 428 United Kingdom Birmingham +44 (0) 121 260 4686 United Kingdom London +44 (0) 207 153 9902 United Kingdom Manchester +44 (0) 161 250 0679 United States USA & Canada Toll Free 1888 249 0050 United States USA Toll +1 954 334 1559 -------------- next part -------------- An HTML attachment was scrubbed... URL: From antonio.garcia at atosresearch.eu Fri Jun 17 16:07:41 2011 From: antonio.garcia at atosresearch.eu (Antonio Garcia Vazquez) Date: Fri, 17 Jun 2011 16:07:41 +0200 Subject: [Fiware-security] FI-WARE Security - Presence in IoS & SW Message-ID: <0385F69C47D8694EA885D34BE18BCCC402F14D30@INTMAIL02.es.int.atosorigin.com> Dear All, This just to let you know that ATOS will present a paper on FI-WARE security at this forums: - Internet of Services 2011: Trust and Security (Brussels 28-29 Sep. ) - Security, Privacy and Trust track at ServiceWave 2011 (Poznan 26-28 Oct.) Abstract. Security is becoming a major issue in the development of new environments. Within the European Commission Programs oriented to define the Future Internet; the challenge taken on by FI-WARE project has been the design of server oriented architecture inspired by Secure by Design principles. Security in FI-WARE is defined as context adaptive architecture that guarantees protection against external attacks; privacy in communications & personal data sharing; and secure & trustworthy services as the default operation mode of the Future Internet. Keywords: Future Internet, Context based security, Dynamic Security and dependency. Run-time adaptive services In case you were planning to be at this event let me know Regards ************************************ * Antonio Garc?a V?zquez * * (+34) 91 214 9384 * * antonio.garcia at atosresearch.eu * ************************************ ------------------------------------------------------------------ This e-mail and the documents attached are confidential and intended solely for the addressee; it may also be privileged. If you receive this e-mail in error, please notify the sender immediately and destroy it. As its integrity cannot be secured on the Internet, the Atos Origin group liability cannot be triggered for the message content. Although the sender endeavours to maintain a computer virus-free network, the sender does not warrant that this transmission is virus-free and will not be liable for any damages resulting from any virus transmitted. Este mensaje y los ficheros adjuntos pueden contener informacion confidencial destinada solamente a la(s) persona(s) mencionadas anteriormente pueden estar protegidos por secreto profesional. Si usted recibe este correo electronico por error, gracias por informar inmediatamente al remitente y destruir el mensaje. Al no estar asegurada la integridad de este mensaje sobre la red, Atos Origin no se hace responsable por su contenido. Su contenido no constituye ningun compromiso para el grupo Atos Origin, salvo ratificacion escrita por ambas partes. Aunque se esfuerza al maximo por mantener su red libre de virus, el emisor no puede garantizar nada al respecto y no sera responsable de cualesquiera danos que puedan resultar de una transmision de virus. ------------------------------------------------------------------ -------------- next part -------------- An HTML attachment was scrubbed... URL: From gabor.marton at nsn.com Fri Jun 17 16:40:04 2011 From: gabor.marton at nsn.com (Marton, Gabor (NSN - HU/Budapest)) Date: Fri, 17 Jun 2011 17:40:04 +0300 Subject: [Fiware-security] FI-WARE - WP8 - T8.2 partner assets-->partner contribution needed In-Reply-To: <70B7C2744D52BB4282F0E0D3DC965E0C04F28622@DEMUEXC006.nsn-intra.net> References: <70B7C2744D52BB4282F0E0D3DC965E0C04E6A032@DEMUEXC006.nsn-intra.net> <70B7C2744D52BB4282F0E0D3DC965E0C04EEDA7F@DEMUEXC006.nsn-intra.net> <70B7C2744D52BB4282F0E0D3DC965E0C04F28622@DEMUEXC006.nsn-intra.net> Message-ID: <57CF2CA7825F474DACFAEB9EA1ED3A5404262966@FIESEXC014.nsn-intra.net> Dear All, I'll be on vacation next week, back in office on the 27th. Kind regards, G?bor ________________________________ From: Seidl, Robert (NSN - DE/Munich) Sent: Sunday, June 12, 2011 10:55 PM To: Fiware-security at lists.fi-ware.eu Cc: Marton, Gabor (NSN - HU/Budapest) Subject: RE: [Fiware-security] FI-WARE - WP8 - T8.2 partner assets-->partner contribution needed Hi, before my vacation please find attached the latest version of the T8.2 assets. Still AI for Thales and Deutsche Telekom. Gabor will step in for me during my holiday. Greetings Robert ________________________________ From: Seidl, Robert (NSN - DE/Munich) Sent: Friday, June 10, 2011 10:40 AM To: Fiware-security at lists.fi-ware.eu; Wolfgang.Steigerwald at telekom.de Subject: RE: [Fiware-security] FI-WARE - WP8 - T8.2 partner assets-->partner contribution needed Hi, here the latest status update regarding assets for T8.2 as input for your meeting in Paris. Still missing (marked in yellow in the attached document): Thales: should I delete the additional mentioned assets (see document)? DT: should I delete the additional mentioned asset (one remaining, will be clarified latest by end of the week by Wolfgang) Greetings Robert ________________________________ From: fiware-security-bounces at lists.fi-ware.eu [mailto:fiware-security-bounces at lists.fi-ware.eu] On Behalf Of Seidl, Robert (NSN - DE/Munich) Sent: Wednesday, June 08, 2011 5:06 PM To: Fiware-security at lists.fi-ware.eu; xavier.aghina at orange-ftgroup.com; Wolfgang.Steigerwald at telekom.de Subject: Re: [Fiware-security] FI-WARE - WP8 - T8.2 partner assets-->partner contribution needed Hi, just one more status update: Still missing: Thales: should I delete the additional mentioned assets (see document)? Orange: no input so far, please Xavier provide the input for Orange DT: should I delete the additional mentioned asset (one remaining, will be clarified latest by end of the week by Wolfgang) Please find the newest version attached. Greetings Robert ________________________________ From: fiware-security-bounces at lists.fi-ware.eu [mailto:fiware-security-bounces at lists.fi-ware.eu] On Behalf Of Seidl, Robert (NSN - DE/Munich) Sent: Monday, June 06, 2011 8:51 AM To: Fiware-security at lists.fi-ware.eu Subject: Re: [Fiware-security] FI-WARE - WP8 - T8.2 partner assets -->partner contribution needed Dear partners, please find attached the newest version for T8.2 assets based on the inputs I received so far. Still missing: Thales: should I delete the additional mentioned assets (see document)? Orange: no input so far INIRA: input received, please adapt your input to the format used in the document (mentioning Maturity, IPR, Enablers, ...) DT: should I delete the additional mentioned assets (see document)? Many thanks in advance Robert ________________________________ From: Seidl, Robert (NSN - DE/Munich) Sent: Friday, June 03, 2011 11:03 AM To: 'Fiware-security at lists.fi-ware.eu' Subject: RE: FI-WARE - WP8 - T8.2 partner assets --> partner contribution needed Hi all, please find attached the newest version of the partner assets of task T8.2. Missing input from following partners: Thales: should I delete the additional mentioned assets (see document)? Orange: no input so far INIRA: no input so far Please provide the missing input. Greetings and have a nice weekend Robert ________________________________ From: Seidl, Robert (NSN - DE/Munich) Sent: Wednesday, June 01, 2011 9:41 AM To: Fiware-security at lists.fi-ware.eu Subject: FW: FI-WARE - WP8 - T8.2 partner assets --> partner contribution needed Hi all, this is just to remind all of you, who have not done so far, to contribute your detailed asset description to the attached document for task 8.2. Deadline is end of this week. Greetings Robert ________________________________ From: ext TRABELSI, Slim [mailto:slim.trabelsi at sap.com] Sent: Tuesday, May 31, 2011 10:43 AM To: Seidl, Robert (NSN - DE/Munich) Cc: Fiware-security at lists.fi-ware.eu Subject: RE: FI-WARE - WP8 - T8.2 partner assets --> partner contribution needed Hi Robert, You can find the description asset of SAP. This asset is strongly related to IBM's one, since one compoenent is designed and developed by IBM (Credential Handler). SAP and IBM assets will work together for delivering the PPL engine asset with the Credential and IDMix capabilities. Thank you Regards Slim From: Seidl, Robert (NSN - DE/Munich) [mailto:robert.seidl at nsn.com] Sent: jeudi 26 mai 2011 18:12 To: ext BISSON Pascal; Fiware-security at lists.fi-ware.eu Cc: Marton, Gabor (NSN - HU/Budapest); Antonio Garcia Vazquez; Pedro Soria Rodriguez; TRABELSI, Slim; Schaad, Andreas; Michael Osborne; SIEUX Corinne; Philippe.LELEU at fr.thalesgroup.com; GIDOIN Daniel; EGAN Richard Subject: FI-WARE - WP8 - T8.2 partner assets --> partner contribution needed Hi WP8, we need to collect all the assets from each partner (to be provided in template form). I collected the input I received so far and included as well the input I collected during our physical meeting in Madrid. Still some input is missing and also some detailed descriptons according to our template. To be concrete follwing is missing or at least to be checked if the asset is still valid: SAP IBM Thales Orange DTAG INRIA It would be nice if you could provide the missing input as soon as possible. Greetings Robert -------------- next part -------------- An HTML attachment was scrubbed... URL: From pascal.bisson at thalesgroup.com Mon Jun 20 11:31:14 2011 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Mon, 20 Jun 2011 11:31:14 +0200 Subject: [Fiware-security] FI-WARE Security - Presence in IoS & SW In-Reply-To: <0385F69C47D8694EA885D34BE18BCCC402F14D30@INTMAIL02.es.int.atosorigin.com> References: <0385F69C47D8694EA885D34BE18BCCC402F14D30@INTMAIL02.es.int.atosorigin.com> Message-ID: <12374_1308562279_4DFF1367_12374_1389_1_432cd212-e3d6-49f4-8333-b7ded635b626@THSONEA01HUB03P.one.grp> Hi Antonio, Daniel and/or I do plan to attend both events. As for the rest thanks for informing me/us on your publications plans regarding IoS 2011 and ServiceWave 2011. Regarding publications on FI-WARE Security project to such events I would suggest to indeed better coordinate our efforts. So let?s discuss at next audio conf our publication plans and see how we can join forces and be better organized to reach our publications goals. Best Regards, Pascal De : fiware-security-bounces at lists.fi-ware.eu [mailto:fiware-security-bounces at lists.fi-ware.eu] De la part de Antonio Garcia Vazquez Envoy? : vendredi 17 juin 2011 16:08 ? : Fiware-security at lists.fi-ware.eu Objet : [Fiware-security] FI-WARE Security - Presence in IoS & SW Dear All, This just to let you know that ATOS will present a paper on FI-WARE security at this forums: - Internet of Services 2011: Trust and Security (Brussels 28-29 Sep. ) - Security, Privacy and Trust track at ServiceWave 2011 (Poznan 26-28 Oct.) Abstract. Security is becoming a major issue in the development of new environments. Within the European Commission Programs oriented to define the Future Internet; the challenge taken on by FI-WARE project has been the design of server oriented architecture inspired by Secure by Design principles. Security in FI-WARE is defined as context adaptive architecture that guarantees protection against external attacks; privacy in communications & personal data sharing; and secure & trustworthy services as the default operation mode of the Future Internet. Keywords: Future Internet, Context based security, Dynamic Security and dependency. Run-time adaptive services In case you were planning to be at this event let me know Regards ************************************ * Antonio Garc?a V?zquez * * (+34) 91 214 9384 * * antonio.garcia at atosresearch.eu * ************************************ ------------------------------------------------------------------ This e-mail and the documents attached are confidential and intended solely for the addressee; it may also be privileged. If you receive this e-mail in error, please notify the sender immediately and destroy it. As its integrity cannot be secured on the Internet, the Atos Origin group liability cannot be triggered for the message content. Although the sender endeavours to maintain a computer virus-free network, the sender does not warrant that this transmission is virus-free and will not be liable for any damages resulting from any virus transmitted. Este mensaje y los ficheros adjuntos pueden contener informacion confidencial destinada solamente a la(s) persona(s) mencionadas anteriormente pueden estar protegidos por secreto profesional. Si usted recibe este correo electronico por error, gracias por informar inmediatamente al remitente y destruir el mensaje. Al no estar asegurada la integridad de este mensaje sobre la red, Atos Origin no se hace responsable por su contenido. Su contenido no constituye ningun compromiso para el grupo Atos Origin, salvo ratificacion escrita por ambas partes. Aunque se esfuerza al maximo por mantener su red libre de virus, el emisor no puede garantizar nada al respecto y no sera responsable de cualesquiera danos que puedan resultar de una transmision de virus. ------------------------------------------------------------------ -------------- next part -------------- An HTML attachment was scrubbed... URL: From pascal.bisson at thalesgroup.com Mon Jun 20 14:00:04 2011 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Mon, 20 Jun 2011 14:00:04 +0200 Subject: [Fiware-security] FI-WARE - Security AT - WP8 - Audio-conf Minutes (17/06/2011) Message-ID: <11675_1308571209_4DFF3649_11675_656_1_a8243426-fd9c-4057-a7fa-722702d1b37a@THSONEA01HUB05P.one.grp> Dear Colleague, Please find attached to this email the minutes from our last weekly audio-conf on WP8 (17/06/2011). Counting on each of you to go through these minutes and make your actions. As you will see there are actions for ALL and more specifically for INRIA and FT-Orange which were unfortunately not on the call. Counting on INRIA and FT-Orange to catch up on things with help of these minutes and by contacting Task lead for which they have still pending actions. Counting on you all to make your duties. Best Regards, Pascal -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: WP8 Audio-conf 170611 Minutes.doc Type: application/msword Size: 39424 bytes Desc: WP8 Audio-conf 170611 Minutes.doc URL: From Olivier.Festor at inria.fr Mon Jun 20 16:28:14 2011 From: Olivier.Festor at inria.fr (Olivier Festor) Date: Mon, 20 Jun 2011 16:28:14 +0200 Subject: [Fiware-security] FI-WARE - Security AT - WP8 - Audio-conf Minutes (17/06/2011) In-Reply-To: <11675_1308571209_4DFF3649_11675_656_1_a8243426-fd9c-4057-a7fa-722702d1b37a@THSONEA01HUB05P.one.grp> References: <11675_1308571209_4DFF3649_11675_656_1_a8243426-fd9c-4057-a7fa-722702d1b37a@THSONEA01HUB05P.one.grp> Message-ID: <4E2A07E2-37FF-4564-AD60-3D4FCC8C3CCA@inria.fr> Dear Pascal, I did answer to Daniel G. on June 15th, regarding Attacks and Exploits clearly stating that this was out of the scope of our contribution to Fi-Ware. We aim at providing an OVAL compliant framework which deals with configuration vulnerabilities NOT attack or exploit modeling. We therefore do not have anything particular to describe regarding exploits and attacks. We can provide access to a malware repository to the project. My input to Daniel did also include some data on vulnerabilities description (OVAL) and related repositories. If we have to provide more details please advice. Best Regards /Olivier Festor INRIA On Jun 20, 2011, at 2:00 PM, BISSON Pascal wrote: > Dear Colleague, > > > Please find attached to this email the minutes from our last weekly audio-conf on WP8 (17/06/2011). > > Counting on each of you to go through these minutes and make your actions. > > As you will see there are actions for ALL and more specifically for INRIA and FT-Orange which were unfortunately not on the call. > > Counting on INRIA and FT-Orange to catch up on things with help of these minutes and by contacting Task lead for which they have still pending actions. > > Counting on you all to make your duties. > > > Best Regards, > > Pascal > > -------------- next part -------------- An HTML attachment was scrubbed... URL: From pascal.bisson at thalesgroup.com Mon Jun 20 17:18:44 2011 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Mon, 20 Jun 2011 17:18:44 +0200 Subject: [Fiware-security] FI-WARE - Security AT - WP8 - Audio-conf Minutes (17/06/2011) In-Reply-To: <4E2A07E2-37FF-4564-AD60-3D4FCC8C3CCA@inria.fr> References: <11675_1308571209_4DFF3649_11675_656_1_a8243426-fd9c-4057-a7fa-722702d1b37a@THSONEA01HUB05P.one.grp> <4E2A07E2-37FF-4564-AD60-3D4FCC8C3CCA@inria.fr> Message-ID: <11675_1308583130_4DFF64DA_11675_1369_1_9a04d890-e100-4fa5-a79c-37bb51457f60@THSONEA01HUB06P.one.grp> Dear Olivier, Thanks for being back to me on the topic also the clarification. I will let Daniel decide and be back to you in case he would request additional input from your side regarding OVAL. In the meantime please provide him also me with your review comments and/or suggested changes of Security monitoring GE section as participant to T8.1. Don't forget also to provide any missing definition of terms, questions marks and/or references regarding your contribution through OVAL. Useless to say I would ask INRIA to conduct the same type of review for other sections coming from Tasks where INRIA is a partner (especially true for what concerns T8.2 where some input text was requested by NSN from INRIA side together with SAP). So either you or Daniel Le Metayer please try to make some text proposals here on which you could agree with SAP (for demand see minutes of last audio-conf I sent this morning) Hearing from you. Thanks Regards, Pascal De : Olivier Festor [mailto:Olivier.Festor at inria.fr] Envoy? : lundi 20 juin 2011 16:28 ? : BISSON Pascal Cc : Fiware-security at lists.fi-ware.eu; emmanuel.mayer at orange-ftgroup.com; xavier.aghina at orange-ftgroup.com; Daniel Le Metayer; GIDOIN Daniel; Guillaume Bonfante; michel cezon Objet : Re: FI-WARE - Security AT - WP8 - Audio-conf Minutes (17/06/2011) Importance : Haute Dear Pascal, I did answer to Daniel G. on June 15th, regarding Attacks and Exploits clearly stating that this was out of the scope of our contribution to Fi-Ware. We aim at providing an OVAL compliant framework which deals with configuration vulnerabilities NOT attack or exploit modeling. We therefore do not have anything particular to describe regarding exploits and attacks. We can provide access to a malware repository to the project. My input to Daniel did also include some data on vulnerabilities description (OVAL) and related repositories. If we have to provide more details please advice. Best Regards /Olivier Festor INRIA On Jun 20, 2011, at 2:00 PM, BISSON Pascal wrote: Dear Colleague, Please find attached to this email the minutes from our last weekly audio-conf on WP8 (17/06/2011). Counting on each of you to go through these minutes and make your actions. As you will see there are actions for ALL and more specifically for INRIA and FT-Orange which were unfortunately not on the call. Counting on INRIA and FT-Orange to catch up on things with help of these minutes and by contacting Task lead for which they have still pending actions. Counting on you all to make your duties. Best Regards, Pascal -------------- next part -------------- An HTML attachment was scrubbed... URL: From pascal.bisson at thalesgroup.com Wed Jun 22 17:21:55 2011 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Wed, 22 Jun 2011 17:21:55 +0200 Subject: [Fiware-security] FI-WARE WP8 input document to D2.1 Message-ID: <4300_1308756125_4E02089D_4300_870_1_4d1be611-28ab-42e8-a07a-67ef77a68e20@THSONEA01HUB04P.one.grp> Dear All, Find attached to this email, the latest version of WP8 input document to D2.1a that I just submitted to FusionForge. https://forge.fi-ware.eu/docman/admin/index.php?editdoc=1&docid=190&group_id=7 Latest changes include: * Last changes to Security Monitoring GE (including proofread of that section) * Text provided by SAP regarding accountability & trust (added to question marks section) Please perform all final check. In case of improvements send them to TL. As for Task leads and Caretakers please do final check and polish and confirm me the document is fine with you. Best regards, Pascal -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: FI-WARE High-Level Description Security v2.1 11-06-21 valid until 11-06-22.doc Type: application/msword Size: 1487360 bytes Desc: FI-WARE High-Level Description Security v2.1 11-06-21 valid until 11-06-22.doc URL: From pascal.bisson at thalesgroup.com Wed Jun 22 17:42:17 2011 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Wed, 22 Jun 2011 17:42:17 +0200 Subject: [Fiware-security] FI-WARE WP8 input document to D2.1 Message-ID: <24593_1308757341_4E020D5D_24593_1464_1_3a251394-5e49-4564-85de-bcfd2b0dfa7d@THSONEA01HUB01P.one.grp> Dear All, Here is the right link to gain access to the latest version of the WP8 input document I was referring to in my previous email. Hopefully this time I also attached but in case you'd like to access it from the repository here is the link ... https://forge.fi-ware.eu/docman/view.php/7/190/FI-WARE+High-Level+Description+Security+v2.1+11-06-21+valid+until+11-06-22.doc Thanks to Juanjo to have noticed I was not using the right one. Best Regards, Pascal De : BISSON Pascal Envoy? : mercredi 22 juin 2011 17:22 ? : Fiware-security at lists.fi-ware.eu Cc : Seidl, Robert (NSN - DE/Munich); 'TRABELSI, Slim'; GIDOIN Daniel; 'Antonio Garcia Vazquez'; 'Michael Osborne'; 'Jan Camenisch'; BISSON Pascal; SIEUX Corinne Objet : FI-WARE WP8 input document to D2.1 Dear All, Find attached to this email, the latest version of WP8 input document to D2.1a that I just submitted to FusionForge. https://forge.fi-ware.eu/docman/admin/index.php?editdoc=1&docid=190&group_id=7 Latest changes include: ? Last changes to Security Monitoring GE (including proofread of that section) ? Text provided by SAP regarding accountability & trust (added to question marks section) Please perform all final check. In case of improvements send them to TL. As for Task leads and Caretakers please do final check and polish and confirm me the document is fine with you. Best regards, Pascal -------------- next part -------------- An HTML attachment was scrubbed... URL: From jca at zurich.ibm.com Thu Jun 23 15:11:48 2011 From: jca at zurich.ibm.com (Jan Camenisch) Date: Thu, 23 Jun 2011 15:11:48 +0200 Subject: [Fiware-security] FI-WARE - Security AT - WP8 - Audio-conf Minutes (17/06/2011) In-Reply-To: <11675_1308571209_4DFF3649_11675_656_1_a8243426-fd9c-4057-a7fa-722702d1b37a@THSONEA01HUB05P.one.grp> References: <11675_1308571209_4DFF3649_11675_656_1_a8243426-fd9c-4057-a7fa-722702d1b37a@THSONEA01HUB05P.one.grp> Message-ID: <6347DE3E-AFEF-49DA-8FBD-896E57C4660F@zurich.ibm.com> Hej Pascal, Here's references that can be included in the High-Level description. As I do not have microsoft word available (no licenses by IBM policy), here they are in acsii (I could edit in openoffice, but that might be more of a pain for references than plain ascii, I'm afraid). Hope that works. [idemixspec] IBM Research ? Zurich, Specification of the Identity Mixer Cryptographic Library, Version 2.3.3 http://www.zurich.ibm.com/~pbi/identityMixer_gettingStarted/IdentityMixer_ProtocolSpecification_2-3-3.pdf [idemixlib] http://www.zurich.ibm.com/~pbi/identityMixer_gettingStarted/index.html [biccam] P. Bichsel and J. Camenisch. Mixing Identities with Ease. IFIP Working Conference on Policies & Research in Identity Management (IDMAN '10), Oslo, Norway, November 18-19, 2010. For the terms, section 3.1.4, I'd like to add: Partial identity: a partial identity is a set of attributes of a user. Thus, an identity is composed of all attributes of a user, a partial identity is a subset of a user's identity. Typically, a user is known to another party only as a partial identity. A partial identity can have a unique identifier. The latter is a strong identifier if is allows for a strong authentication of the user (holder) of the partial identity, such a cryptographic "identification" protocol. In the paragraph about identity management I'd like to replace "idenfied" by "authenticated" Regarding to the document itself: right now, the enablers of NSN, IBM, and SAP are described independently, however they are overlapping and would need to be integrated into each other. I guess for this documents we won't do this, but it would be good if we would point that out to the reader. What do you think? Best, Jan On 20.06.2011, at 14:00, BISSON Pascal wrote: > Dear Colleague, > > > Please find attached to this email the minutes from our last weekly audio-conf on WP8 (17/06/2011). > > Counting on each of you to go through these minutes and make your actions. > > As you will see there are actions for ALL and more specifically for INRIA and FT-Orange which were unfortunately not on the call. > > Counting on INRIA and FT-Orange to catch up on things with help of these minutes and by contacting Task lead for which they have still pending actions. > > Counting on you all to make your duties. > > > Best Regards, > > Pascal > > _______________________________________________ > Fiware-security mailing list > Fiware-security at lists.fi-ware.eu > http://lists.fi-ware.eu/listinfo/fiware-security Dr. Jan Camenisch Member, IBM Academy of Technology IBM Research - Zurich www.zurich.ibm.com/~jca tel: +41 44 724 8279 fax: +41 44 724 8953 http://twitter.com/#!/dtiIeynt_xreMi -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 4379 bytes Desc: not available URL: From pascal.bisson at thalesgroup.com Fri Jun 24 09:06:39 2011 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Fri, 24 Jun 2011 09:06:39 +0200 Subject: [Fiware-security] FI-WARE - Security AT - WP8 - Audio-conf Minutes (17/06/2011) In-Reply-To: <6347DE3E-AFEF-49DA-8FBD-896E57C4660F@zurich.ibm.com> References: <11675_1308571209_4DFF3649_11675_656_1_a8243426-fd9c-4057-a7fa-722702d1b37a@THSONEA01HUB05P.one.grp> <6347DE3E-AFEF-49DA-8FBD-896E57C4660F@zurich.ibm.com> Message-ID: <26571_1308899200_4E043780_26571_3534_1_CBBCD6C304123F4AB23FAAE3055C8C0E02014AFEAF2B@THSONEA01CMS04P.one.grp> Hi Jan, Thanks for this input will update the document accordingly. Talk to you tomorrow at our audio Regards, Pascal De : Jan Camenisch [mailto:jca at zurich.ibm.com] Envoy? : jeudi 23 juin 2011 15:12 ? : BISSON Pascal Cc : Fiware-security at lists.fi-ware.eu; Robert Seidl; Michael Osborne; Slim TRABELSI Objet : Re: [Fiware-security] FI-WARE - Security AT - WP8 - Audio-conf Minutes (17/06/2011) Importance : Haute Hej Pascal, Here's references that can be included in the High-Level description. As I do not have microsoft word available (no licenses by IBM policy), here they are in acsii (I could edit in openoffice, but that might be more of a pain for references than plain ascii, I'm afraid). Hope that works. [idemixspec] IBM Research - Zurich, Specification of the Identity Mixer Cryptographic Library, Version 2.3.3 http://www.zurich.ibm.com/~pbi/identityMixer_gettingStarted/IdentityMixer_ProtocolSpecification_2-3-3.pdf [idemixlib] http://www.zurich.ibm.com/~pbi/identityMixer_gettingStarted/index.html [biccam] P. Bichsel and J. Camenisch. Mixing Identities with Ease. IFIP Working Conference on Policies & Research in Identity Management (IDMAN '10), Oslo, Norway, November 18-19, 2010. For the terms, section 3.1.4, I'd like to add: Partial identity: a partial identity is a set of attributes of a user. Thus, an identity is composed of all attributes of a user, a partial identity is a subset of a user's identity. Typically, a user is known to another party only as a partial identity. A partial identity can have a unique identifier. The latter is a strong identifier if is allows for a strong authentication of the user (holder) of the partial identity, such a cryptographic "identification" protocol. In the paragraph about identity management I'd like to replace "idenfied" by "authenticated" Regarding to the document itself: right now, the enablers of NSN, IBM, and SAP are described independently, however they are overlapping and would need to be integrated into each other. I guess for this documents we won't do this, but it would be good if we would point that out to the reader. What do you think? Best, Jan On 20.06.2011, at 14:00, BISSON Pascal wrote: Dear Colleague, Please find attached to this email the minutes from our last weekly audio-conf on WP8 (17/06/2011). Counting on each of you to go through these minutes and make your actions. As you will see there are actions for ALL and more specifically for INRIA and FT-Orange which were unfortunately not on the call. Counting on INRIA and FT-Orange to catch up on things with help of these minutes and by contacting Task lead for which they have still pending actions. Counting on you all to make your duties. Best Regards, Pascal _______________________________________________ Fiware-security mailing list Fiware-security at lists.fi-ware.eu http://lists.fi-ware.eu/listinfo/fiware-security Dr. Jan Camenisch Member, IBM Academy of Technology IBM Research - Zurich www.zurich.ibm.com/~jca tel: +41 44 724 8279 fax: +41 44 724 8953 http://twitter.com/#!/dtiIeynt_xreMi -------------- next part -------------- An HTML attachment was scrubbed... URL: From pascal.bisson at thalesgroup.com Fri Jun 24 09:06:39 2011 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Fri, 24 Jun 2011 09:06:39 +0200 Subject: [Fiware-security] TR: Future Internet Assembly Newsletter - June 2011 Message-ID: <840_1308899200_4E043780_840_10890_1_CBBCD6C304123F4AB23FAAE3055C8C0E02014AFEAF2A@THSONEA01CMS04P.one.grp> FYI De : Anne-marie.SASSEN at ec.europa.eu [mailto:Anne-marie.SASSEN at ec.europa.eu] Envoy? : jeudi 23 juin 2011 11:25 ? : all at future-internet.eu Objet : [All at Future-Internet] Future Internet Assembly Newsletter - June 2011 In case this email does not display properly in your browser, please use http://ec.europa.eu/information_society/activities/foi/library/nl/newsletter16.html [cid:image001.jpg at 01CC31BF.1235C4D0]Newsletter Issue 16 - June 2011 Unsubscribe | Subscribe Save the date: FIA Poznan 25-26 October 2011 [cid:image002.png at 01CC31BF.1235C4D0] The next FIA will take place on 25-26 October in Poznan. The Steering Committee will select the topics that you have proposed on 24 June, and that way select the Programme Committee for Poznan. The selected members will be informed shortly after. [cid:image003.jpg at 01CC31BF.1235C4D0] News from the FIA working groups [cid:image004.png at 01CC31BF.1235C4D0]FIA ROADMAPPING The Future Internet Research Roadmapping Working Group met in Brussels on 3-4 May to discuss progress with the Research Roadmap and to identify areas of consensus and common themes. The themes that emerged, and which are described in detail in version 1.0 of the roadmap (available for download here) are summarised below. Research priorities * Building the Future Internet (research about foundational and enabling technologies): 1. Beyond converged infrastructure ? the Internet infrastructure beyond 2020 brings new capabilities and capacities 2. Networked data ? exploiting the Internet?s natural resource 3. Internet Security - maintaining the security of the Internet and its users online ? Using the Future Internet (research that will transform what we do and how we do it): 4. Networked interaction ? people interacting with each other, with information, and with cyber-physical worlds 5. Networked augmentation ? from an Internet of things to an Internet doing things 6. Networked innovation ?the Internet as an innovation ecosystem, supported by architecture, policy, and invention. Version 1.0 of the research document contains an executive summary, which elaborates the results of our analysis. This version of the roadmap was presented by Nick Wainwright to the Future Internet community at the FIA Conference in Budapest (16-20 May 2011). The research roadmap is being further developed and refined and will be presented for discussion at the next FIA Conference in Poznan. [cid:image005.jpg at 01CC31BF.1235C4D0] Future Internet Architecture The FIArch group took place on 23 May 2011 in BU25, Brussels. More than 40 experts from industry and academy participated in the meeting. The agenda of the workshop, contributions and presentations are available here. The major highlights of the workshop were the following: a) There was a strong interest of most participants on the FIArch group work and they would like to actively participate to the group b) A number of very interesting and diversing opinions on the FI Design Principles have been contributed , presented and discussed/debated in the workshop. c) The next step for FIArch group will be to analyse them from a technical and socio-economic point of view and decide on the most important ones, which received the maximum consensus. d) A schedule for the FI Design Principles white paper has been drafted. The next milestone for the group will be to draft the version to be presented in FIA Poznan and to collect feedback/comments, which will lead to the final version of the white paper in November. PARADISO open consultation The main objective of the PARADISO2 FP7 (FIRE) project is to reach a better understanding of the possible and probable interactions between Internet and societal developments in the next decades, from which recommendations on innovative research areas to explore today can be derived. The main findings are detailed in successive versions of the so-called ?PARADISO reference document?. The last version of this document, suggesting in particular to ?explore the Internet at its limits? has been made available on the PARADISO web site and is proposed to public consultation until June 30, 2011. Inputs from the FIA community are expected! The IOT International Forum IoT-I, CASAGRAS2, CATR and Wuxi SensingNet are pleased to announce the launch of The IoT International Forum, with the support of the European Commission. The IoT International Forum is a one-stop shop for actors to come together from both the global IoT community and from domains which could benefit from Internet of Things. The exchange of ideas and viewpoints will identify strategic directions for IoT, the related markets and business opportunities, societal impacts and benefits, and the legal and regulatory framework to enable this in a responsible manner. By fostering a culture of discussion and collaboration, The IoT International Forum will aim to produce outputs representing the views of its membership and participants which will influence standards and regulatory bodies, funding bodies, and the wider IoT related domains, as well as informing and educating its own membership. The Forum will be a not for profit organisation, open to all actors, and the initial events will feature free registration. There will be an open Forum information and planning meeting on 6th June 2011, as part of ?IoT Week? in Barcelona. The first full Forum event will take place in Berlin 22nd/23rd of November 2011, with details to be released in the summer. To receive details of The IoT International Forum, please register your interest via info at iot-i.eu, or monitor the website. [cid:image006.gif at 01CC31BF.1235C4D0]FIRE As for FIA-Budapest, you are invited to help create the agenda for the FIRE Day, via the FIRE wiki page The items below are currently provisionally included: - Introduction of the new FIRE IP projects from Call 7 - Outline of the FP8 Workprogramme and opportunities to supplement the information - Further details of Call 8 (deadline January, 2012) - A half-day workshop with MyFIRE on Standardisation, comprising 2 themes: (i) identifying the relevant standards for FIRE projects, and (ii) using the FIRE facilities as test sites for reference implementations of application standards - Presentations from the FI-PPP community - Presentations of the accepted proposals from the first Open Calls from BonFIRE, OFELIA and TEFIS. Future Internet Week in Budapest, 16-19 May 2011 [cid:image007.jpg at 01CC31BF.1235C4D0]In the warm spring sunshine of Budapest the Future Internet Week was bringing together more than 450 researchers from all over Europe. The technical issues of the future internet were firmly placed within their political and societal context. Concerns and challenges were shared, ideas voiced, suggestions debated. Europe is still a hotbed for internet research and the FIA is the place to discover the cutting edge of this endeavour. Please take a look here for uploaded presentations. The full report about the event will be published soon. FIA Budapest sessions related to ICT Trust and Security Within FIA Budapest, there were a number of sessions where Trust and Security issues were discussed, namely The Economics of Privacy, The Internet of Things and the Future Internet, Security and Usability, and the closing plenary on Cloud Computing. All materials related to those sessions can be found here. For further information, please contact Frances Cleary, Effectsplus coordinator: fcleary at tssg.org FIRE Research Workshop ( Budapest) Presentations from the FIRE Research workshop in Budapest (16 May) are now available here. Future Internet Award An Internet-of-Things initiative entitled SmartSantander has been announced as the winner of the second Future Internet Award. Prof. Robert Szabo from the Award?s Judging Panel made the announcement during the closing ceremony of Budapest?s Future Internet Assembly event on 19th May. Prof. Szabo, from the Budapest University of Technology and Economics, said SmartSantander, ?promotes smart services development? and provided exemplary work which ?could be replicated in other countries.? The SmartSantander initiative involves a city-wide experimental research facility to support applications and services for a ?smart city?. This unique development will be flexible enough to engage with other experimental facilities. It will also stimulate new user applications, facilitate research on Internet-of-Things technologies and assess real-life users? acceptability testing. [cid:image008.jpg at 01CC31BF.1235C4D0] Comprising more than 20,000 sensors, SmartSantander?s core facility will be located in the city of Santander, the capital of the Cantabria region on Spain?s north coast. The rich variety of partners involved in the SmartSantander initiative caught the particular attention of the Future Internet Award?s Judging Panel. One Judge said, ?the consortium is a perfect example of inclusion of local entities, citizens, communities, cross-regional and/or cross-national involvement and contacts with industry.? Another said ?there is a dialogue between cities, businesses, citizens, and ICT researchers and developers applying user-driven innovation methodologies.? Research Council Workshop ceFIMS has now hosted its first European-level workshop. The event took place in the beautiful surroundings of Gerbeaud House, during Budapest?s Future Internet Week. The majority of participants at the workshop were members of research councils and funding agencies from across 17 Member States. Also present were Future Internet Forum (FIF) Members and representatives from the INFINITY PPP project. Click here for background information on this workshop, including its official agenda. On the day, workshop participants divided themselves into four groups of 8-10 persons to discuss a number of topics. The conclusions from each of these discussions were then presented to the workshop?s closing plenary session. These conclusions will be included in the workshop report, which will be available shortly. [cid:image003.jpg at 01CC31BF.1235C4D0] Upcoming events 3rd Future Internet Usage Areas Workshop, 28-29 June 2011, Hotel Husa, Brussels This workshop aims to cultivate a common discussion between the stakeholders from all sectors using, and planning to use, the services and facilities of Future Internet (FI) to build an extended FI community and to foster a holistic cross sector approach to accelerating the Future Internet in Europe. The workshop will enable a detailed discussion on the Usage Areas requirements and in particular how they can be part of the bigger picture of Future Internet evolution in Europe. A specific ambition will be to identify how additional usage areas may share and benefit from the approach of the FI-PPP while working under complementary programmes. Another ambition is to promote an ongoing discussion about the priorities and the activities in the community not yet involved in the PPP and how to organise this. Effectsplus 2nd Trust and Security Clustering Event, 4-5 July 2011, Vrije Universiteit, Amsterdam Registration deadline June 27th 2011 This July clustering event will encompass 2 main workshops: 1. Services and Cloud cluster : ?software assurance and certification workshop?? 2. Systems and Networks cluster : ?Modelling workshop?? Building International Cooperation for Trustworthy ICT (BIC) is organising an afternoon session on 6th July 2011 as part of the SysSec workshop at Vrije Universiteit, Amsterdam. Further information can be found here. PARADISO high-level conference, 7-9 September 2011, Brussels [cid:image009.png at 01CC31BF.1235C4D0]The 2011 PARADISO conference will be held in the Charlemagne building of the European Commission in Brussels, on the theme ?Internet and societies - New innovation paths?. It is set to be one of the few major global events of 2011 focusing on Future Internet issues, taking place under the aegis of the European Commission and with the support of leading global institutions. It will be officially opened by Ms Neelie Kroes, Vice President of the European Commission, and European Digital Agenda Commissioner. Registration for this conference has to be done online. It is free of charge to register but early registration is recommended because of the limited room capacity at the venue. Open Calls FIRE Projects "Information Day", 14 September 2011, Brussels The projects CREW and SmartSantander and possibly new projects following Call 7, will shortly launch their Open Calls for new users. An "Information Day" about these projects and the Open Call procedures will be held in Brussels on 14 September 2011, Avenue de Beaulieu n?33 (am) / 25 (pm). Stay tuned at the website. [cid:image003.jpg at 01CC31BF.1235C4D0] Reports [cid:image010.gif at 01CC31BF.1235C4D0]The Internet of Things by Internet of Things experts In the framework of the IoT-i work, experts gave our journalist their view of the Internet of Things and its future ! Alessandro Bassi - We need a killer business model Stephan Haller - The entity of interest is a cow ________________________________ Future Networks Research and Innovation via Standardisation Report The Future Networks Research and Innovation via Standardisation Report is now available. Following the February 10th Concertation Plenary Meeting in Brussels, it highlights the latest FP7 projects having reached the standardisation stage. ________________________________ Study On Mobile Image Search published by Spiros Nikolopoulos, Chatzilari Elisavet,Yiannis Kompatsiaris from CERTH-ITI and Stavri Nikolov from JRC with contributions from Henning M?ller - HES-SO and Xavier Le Bourdon ? JCP "This study tackles the existing applications for visual-based mobile image search and investigates their technical and socio-economic aspects. To this end, the authors go through the basic architecture of these applications and list the utilized technologies. Moreover, they provide an overview of the user needs and usage patterns of such applications, as well as a brief description of the business models that are currently employed. The most significant part of the document is devoted on presenting 12 of such mobile image search applications, where for each one brief background information are provided, the functionality of the offered service and the domain of target users are described and the adopted business model is discussed. In concluding, they compare the examined applications in terms of the adopted technology, target users and business model and identify the most important trends in the sector both from a technological and socio-economic perspective." ________________________________ Think-Tank on the Future of Music Search, Access and Consumption Outcomes of the "Think-Tank on the Future of Music Search, Access and Consumption? Chorus + organised co-localised with MIDDEM in Cannes (January 2011). "The digital changeover has been highly disruptive to the music business so far. This 3rd Chorus+Think- Tank focused on analyzing what is lying ahead, especially from a technological viewpoint with regard to latest technologies emerging from R&D. The goal of this Think-Tank was to establish, with selected highly qualified market and technology experts, a possible consensual understanding of, and outlook on, the future of future musical services, to identify crucial technologies in relation to search and to outline the map of key enabling technologies in the area. The Think-Tank analyzed current music consumption patterns, emerging services and technologies and discussed technological gaps in the music industry in terms of search, recommendation and personalization. It identified and the open questions and the challenges of the music industry in the coming 10 years." The report written by Th. Lidy (Vienna University of Technology) P. Vander Linden (Technicolor) and JC. Point (JCP) can be downloaded here. ________________________________ NextMedia - Future Media Internet Architecture - Think Tank (FMIA-TT) whitepaper towards the design of a FMIA Reference Model This document has been produced by a discussion forum of experts in the area of media and networks, named: Future Media Internet - Think Tank (FMIA-TT). FMIA-TT aims to create a reference model of a ?Future Media Internet Architecture?, covering delivery, in the network adaptation/enrichment and consumption of media over the Future Internet ecosystem. This white paper concludes the first phase of the working group by proposing a FMIA reference model. ________________________________ FIRE projects whitepaper Benchmarking computers and computer networks - white paper Experts from FIRE projects, among others CREW, BonFIRE, Onelab2 and FIRESTATION has issued a white paper on benchmarking computer networks and computers. With ?benchmarking tools?, one usually refers to a program or set of programs, used to evaluate the performance of a solution under certain reference conditions, relative to the performance of another solution. Since the 1970s, benchmarking techniques have been used to measure the performance of computers and computer networks. Benchmarking of applications and virtual machines in an Infrastructure-as-a-Service (IaaS) context is being researched in a BonFIRE experiment and the benchmarking of wired and wireless computer networks is put forward as a research topic in the research projects CREW and OneLab2. The white paper elaborates on the interpretation of the term ?benchmarking? in these projects, and answers why research on benchmarking is still relevant today. After presenting a high-level generic benchmarking architecture, the possibilities of benchmarking are illustrated through two examples: benchmarking cloud services and benchmarking cognitive radio solutions. You are invited to contribute and comment on the white paper via the contact(at)ict-fire.eu form or directly to the editor Stefan Bouckaert stefan.bouckaert(at)intec.ugent.be. ________________________________ Going wireless for extra home comfort and transport safety: EU-funded ultra-wide band technology seen through EUWB (European Ultra-Wideband) project Wherever you may find yourself - at home, on an intercontinental flight or enjoying an exciting road trip - staying connected is no longer a whim, but a real necessity. EUWB (Coexisting Short Range Radio by Advanced Ultra-Wideband Radio Technology), an EU-funded FP7 project in the "Future Networks" area, has taken Ultra Wide Band Radio Technology (UWB) some good steps further. EUWB uses this technology to develop smarter solutions for more efficient home entertainment, air travel and cars. This effort helps define the aim of the Digital Agenda for Europe: turning "Every European Digital". [cid:image003.jpg at 01CC31BF.1235C4D0] Videos The FIRE STATION project has produced a new video that gives an overview of FIRE - Future Internet Research and Experimentation, and the current FIRE activities. ________________________________ The PURSUIT of... Future Internet EU researchers built an information-centric Internet architecture where no longer the mere transport of data but rather the information as such is in the main focus. This has many benefits in terms of information access anywhere and anytime, security and safety, and policy-based handling of information. What's exactly in it for you? Meet Jeffrey who benefits from this "new Internet": see how secured access to personal medical records enabled by this new approach could be used in the future for better patient care and an overall longer-lasting, more fulfilling life. Enjoy the video! ________________________________ SENSEI brings sustainable transport to smart cities Chilly, rainy morning? You're already late, and the bus is nowhere in sight. Forget about the schedule! A scenario we know all too well is soon to become a thing of the past. SENSEI's project ecoBUS and busTRACKER services provide solutions for smarter city transport. These are already deployed in the Serbian cities of Belgrade and Pan?evo and have come to light with the deployment of EU-funded research results. Enjoy the video! ________________________________ [cid:image011.jpg at 01CC31BF.1235C4D0] [cid:image012.jpg at 01CC31BF.1235C4D0] Editors: Frances Cleary (Effects+, TSSG Waterford) & Anne-Marie Sassen, Graziana Lonero (European Commission) To ensure you receive our newsletter, make sure you add infso-future-internet @ ec.europa.eu to your address book. If you prefer not to receive future email from the INFSO FUTURE INTERNET ASSEMBLY, please unsubscribe here. -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image001.jpg Type: image/jpeg Size: 11309 bytes Desc: image001.jpg URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image002.png Type: image/png Size: 136201 bytes Desc: image002.png URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image003.jpg Type: image/jpeg Size: 11033 bytes Desc: image003.jpg URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image004.png Type: image/png Size: 7978 bytes Desc: image004.png URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image005.jpg Type: image/jpeg Size: 4044 bytes Desc: image005.jpg URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image006.gif Type: image/gif Size: 3349 bytes Desc: image006.gif URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image007.jpg Type: image/jpeg Size: 6098 bytes Desc: image007.jpg URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image008.jpg Type: image/jpeg Size: 4532 bytes Desc: image008.jpg URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image009.png Type: image/png Size: 32945 bytes Desc: image009.png URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image010.gif Type: image/gif Size: 6800 bytes Desc: image010.gif URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image011.jpg Type: image/jpeg Size: 16059 bytes Desc: image011.jpg URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image012.jpg Type: image/jpeg Size: 4368 bytes Desc: image012.jpg URL: From pascal.bisson at thalesgroup.com Fri Jun 24 09:06:41 2011 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Fri, 24 Jun 2011 09:06:41 +0200 Subject: [Fiware-security] FI-WARE - Security AT - Weekly audio conf details for tomorrow's audio (24/06/2011 - 10am-12am) Message-ID: <26571_1308899206_4E043786_26571_3540_1_4549b5e6-b80e-4c54-9b90-2f8bb2d0c9cd@THSONEA01HUB01P.one.grp> Dear All, Here are the details for our audio conf of tomorrow Friday (24/06/11) starting at 10am sharp. Counting on each organization involved in WP8 to be represented. On the Agenda of this audio conf: ? Report on status of WP8 input document to D2.1a ? Report on Security issues derived from WP6 document (THA, ATOS, INRIA and others) ? Report on way forward till D2.1a submission 1. Task forces set-up to identify Security issues from other AT input document ? Events to come and papers ? Other topics Here are the details to join: Meeting room number would be the following one : 391581 LocalConnect number to join: Australia Australia Toll Free 1800 005 574 Australia Sydney +61 (0) 282 239 767 Austria Vienna +43 (0) 2682 205 6609 Belgium Brussels +32 (0) 2 789 8678 Denmark Copenhagen +45 3271 4340 Finland Helsinki +358 (0) 923 142 830 France Lyon +33 (0) 426 840 285 France Marseille +33 (0) 488 915 385 France Paris +33 (0) 170 994 816 Germany Berlin +49 (0) 3072 616 7342 Germany D?sseldorf +49 (0) 2115 407 3902 Germany Frankfurt +49 (0) 6971 044 5635 Germany Hamburg +49 (0) 4080 902 0684 Germany Munich +49 (0) 8924 443 2893 Germany Stuttgart +49 (0) 7111 856 2130 Hong Kong Hong Kong +852 301 145 59 Hungary Budapest +36 (06) 1-889-3286 Ireland Dublin +353 (0) 14 860 780 Israel Israel Toll Free 1809 245 981 Italy Milan +39 0 230 413 017 Italy Rome +39 0 645 217 056 Italy Turin +39 0 112 179 2159 Japan Japan Toll Free 005 311 212 65 Japan Tokyo +81 (0) 357 675 025 Korea, Republic Of Seoul +82 (0) 234 831 224 Luxembourg Luxemburg City +352 2700 41 42 Malaysia Kuala Lumpur +60 (0) 377 124 640 Netherlands Amsterdam +31 (0) 207 948 529 New Zealand Auckland +64 (0) 9 919 2428 Norway Oslo +47 2153 3919 Poland Poland Toll Free 0080 0121 1304 Portugal Portugal Toll Free 800 814 183 Russia Russia Toll Free 81080 02209 4011 Singapore Singapore +65 6622 1068 Spain Barcelona +34 93 492 3235 Spain Madrid +34 91 788 9908 Sweden Stockholm +46 (0) 850 520 145 Switzerland Geneva +41 (0) 225 927 428 United Kingdom Birmingham +44 (0) 121 260 4686 United Kingdom London +44 (0) 207 153 9902 United Kingdom Manchester +44 (0) 161 250 0679 United States USA & Canada Toll Free 1888 249 0050 United States USA Toll +1 954 334 1559 -------------- next part -------------- An HTML attachment was scrubbed... URL: From pascal.bisson at thalesgroup.com Fri Jun 24 09:06:41 2011 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Fri, 24 Jun 2011 09:06:41 +0200 Subject: [Fiware-security] FI-WARE - Security AT - WP8 - Audio-conf Minutes (17/06/2011) In-Reply-To: <6347DE3E-AFEF-49DA-8FBD-896E57C4660F@zurich.ibm.com> References: <11675_1308571209_4DFF3649_11675_656_1_a8243426-fd9c-4057-a7fa-722702d1b37a@THSONEA01HUB05P.one.grp> <6347DE3E-AFEF-49DA-8FBD-896E57C4660F@zurich.ibm.com> Message-ID: <840_1308899205_4E043785_840_10891_1_CBBCD6C304123F4AB23FAAE3055C8C0E02014AFEAF2D@THSONEA01CMS04P.one.grp> Dear Jan, Find attached the document with the two changes (add-ons) implemented. As for your remark that I share let's have it discussed tomorrow with TL and decide on it . In the meantime feel free to propose a text for TL to implement. Regards, Pascal De : Jan Camenisch [mailto:jca at zurich.ibm.com] Envoy? : jeudi 23 juin 2011 15:12 ? : BISSON Pascal Cc : Fiware-security at lists.fi-ware.eu; Robert Seidl; Michael Osborne; Slim TRABELSI Objet : Re: [Fiware-security] FI-WARE - Security AT - WP8 - Audio-conf Minutes (17/06/2011) Importance : Haute Hej Pascal, Here's references that can be included in the High-Level description. As I do not have microsoft word available (no licenses by IBM policy), here they are in acsii (I could edit in openoffice, but that might be more of a pain for references than plain ascii, I'm afraid). Hope that works. [idemixspec] IBM Research - Zurich, Specification of the Identity Mixer Cryptographic Library, Version 2.3.3 http://www.zurich.ibm.com/~pbi/identityMixer_gettingStarted/IdentityMixer_ProtocolSpecification_2-3-3.pdf [idemixlib] http://www.zurich.ibm.com/~pbi/identityMixer_gettingStarted/index.html [biccam] P. Bichsel and J. Camenisch. Mixing Identities with Ease. IFIP Working Conference on Policies & Research in Identity Management (IDMAN '10), Oslo, Norway, November 18-19, 2010. For the terms, section 3.1.4, I'd like to add: Partial identity: a partial identity is a set of attributes of a user. Thus, an identity is composed of all attributes of a user, a partial identity is a subset of a user's identity. Typically, a user is known to another party only as a partial identity. A partial identity can have a unique identifier. The latter is a strong identifier if is allows for a strong authentication of the user (holder) of the partial identity, such a cryptographic "identification" protocol. In the paragraph about identity management I'd like to replace "idenfied" by "authenticated" Regarding to the document itself: right now, the enablers of NSN, IBM, and SAP are described independently, however they are overlapping and would need to be integrated into each other. I guess for this documents we won't do this, but it would be good if we would point that out to the reader. What do you think? Best, Jan On 20.06.2011, at 14:00, BISSON Pascal wrote: Dear Colleague, Please find attached to this email the minutes from our last weekly audio-conf on WP8 (17/06/2011). Counting on each of you to go through these minutes and make your actions. As you will see there are actions for ALL and more specifically for INRIA and FT-Orange which were unfortunately not on the call. Counting on INRIA and FT-Orange to catch up on things with help of these minutes and by contacting Task lead for which they have still pending actions. Counting on you all to make your duties. Best Regards, Pascal _______________________________________________ Fiware-security mailing list Fiware-security at lists.fi-ware.eu http://lists.fi-ware.eu/listinfo/fiware-security Dr. Jan Camenisch Member, IBM Academy of Technology IBM Research - Zurich www.zurich.ibm.com/~jca tel: +41 44 724 8279 fax: +41 44 724 8953 http://twitter.com/#!/dtiIeynt_xreMi -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: FI-WARE High-Level Description Security v2.1 11-06-22 valid until 11-06-23.doc Type: application/msword Size: 1492992 bytes Desc: FI-WARE High-Level Description Security v2.1 11-06-22 valid until 11-06-23.doc URL: From pascal.bisson at thalesgroup.com Sun Jun 26 09:53:31 2011 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Sun, 26 Jun 2011 09:53:31 +0200 Subject: [Fiware-security] FI-WARE - Security AT - Audio-conf 24/06/11 - Minutes Message-ID: <10969_1309074815_4E06E57F_10969_7561_1_45b53438-4737-461d-b613-a5ed8e573017@THSONEA01HUB02P.one.grp> Dear colleagues, Find attached to this email the minutes of our last audio conference on WP8. (as usual if you see something missing, please let me know) Please read carefully and make your actions. For your information: ? I uploaded on the repository the latest version of WP8 input document to D2.1a (please use it for your subsequent updates): https://forge.fi-ware.eu/docman/view.php/7/190/FI-WARE+High-Level+Description+Security+v2.1+11-06-22+valid+until+11-06-26.doc ? I created a new folder under FI-WARE Security project entitled "Other AT input docs to D2.1". o This is the place where I put latest version of WP6 input document to D2.1a as well as security issues we (THA & ATOS since appointed to monitor WP6 - and NSN who joined) identified (as per document also put there https://forge.fi-ware.eu/docman/view.php/19/202/FI-WARE-Security+Issues+WP6+-+WP8+input+document+THA-ATOS-NSN+v1.0.doc) o I also put in this folder initial draft prepared by Thales respectively ThereSIS and TRT-UK for what concerns security issues identified when reading respectively Cloud hosting and IoT input docs to D2.1a. ? https://forge.fi-ware.eu/docman/view.php/19/203/FI-WARE-Security+Issues+WP4+-+WP8+input+document+v0.1+THA.doc, ? https://forge.fi-ware.eu/docman/view.php/19/204/FI-WARE-Security+Issues+WP5+-+WP8+input+document+v0.1+THA.doc Of course these documents would have now to be completed with inputs from other members of this team appointed (TID+NSN for Cloud Hosting) and FT-Orange (for IoT). This according to the set deadline (so by 27/06/11 EOB). As for the rest everything is in the minutes so counting on you to have an in-depth look. @Daniel please organize the doodle for audio conf this week (target mid of this week) in view of availabilities you have. Best Regards, Pascal -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: WP8 Audio-conf 240611 Minutes.doc Type: application/msword Size: 52224 bytes Desc: WP8 Audio-conf 240611 Minutes.doc URL: From pascal.bisson at thalesgroup.com Tue Jun 28 15:07:12 2011 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Tue, 28 Jun 2011 15:07:12 +0200 Subject: [Fiware-security] FI-WARE - WP6 Security issues (check & review) Message-ID: <2983_1309266444_4E09D20B_2983_5706_1_3933b54c-cca4-4fdd-a175-9260b595fad8@THSONEA01HUB06P.one.grp> Dear colleagues, Find attached to this email the latest version of the WP6 (Data/context management) input document to D2.1a High Level Description . I would like you since appointed to monitor with us WP6 activity to carefully check and review (provide comments, suggested changes, add-ons) what have been drafted by Juanjo (TID) and completed by Boris (Telecom Italia). Please put also this back into perspective of the security work we announced in WP8 and the security issues we identified from our side for what concerns WP6 (for your convenience I reattached the document produced by THA+ATOS+NSN). Bear in mind it's our duty to check in order to commit to security issues description we WP8 can share and agree with WP6. Looking forward receiving your view and feedback on latest version of the Security issues which has been drafted for WP6 (bear in mind our aim is to have shared so jointly drafted - just because it will commit us and here more specifically T8.2 although not uniquely). Feedback received would be discussed at our next audio conference (planned mid of this week so tomorrow or day after - @Daniel please urgently announced it to the team!). Based on outcomes of this audio conf feedback would be provided to other team for what concerns text to be inserted and on which hwe can agree (for WP6 & WP4 this would be done by me or Daniel, for WP5 it would be done by Xavier and Richard, for WP3 by SAP and for WP7 by Wolfgang - that's also why they are in cc of this email - of course others are more than welcome to support us). Last but not I can only urge SAP, FT, DT to send me and Daniel latest version of security issues they identified when going through respectively WP3, WP5 and WP7 input documents to D2.1a (for WP5 in complement of the work initiated already by Thales/TRT-UK/Richard) Hearing from all action owners. Best Regards, Pascal -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: FI-WARE High-Level Desc Data-Context Security_Extended_TI.doc Type: application/msword Size: 3476992 bytes Desc: FI-WARE High-Level Desc Data-Context Security_Extended_TI.doc URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: FI-WARE-Security Issues WP6 - WP8 input document THA-ATOS-NSN v1.0.doc Type: application/msword Size: 50688 bytes Desc: FI-WARE-Security Issues WP6 - WP8 input document THA-ATOS-NSN v1.0.doc URL: From pascal.bisson at thalesgroup.com Tue Jun 28 15:07:12 2011 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Tue, 28 Jun 2011 15:07:12 +0200 Subject: [Fiware-security] FI-WARE - WP6 Security issues (check & review) Message-ID: <2983_1309266444_4E09D20B_2983_5706_1_3933b54c-cca4-4fdd-a175-9260b595fad8@THSONEA01HUB06P.one.grp> Dear colleagues, Find attached to this email the latest version of the WP6 (Data/context management) input document to D2.1a High Level Description . I would like you since appointed to monitor with us WP6 activity to carefully check and review (provide comments, suggested changes, add-ons) what have been drafted by Juanjo (TID) and completed by Boris (Telecom Italia). Please put also this back into perspective of the security work we announced in WP8 and the security issues we identified from our side for what concerns WP6 (for your convenience I reattached the document produced by THA+ATOS+NSN). Bear in mind it's our duty to check in order to commit to security issues description we WP8 can share and agree with WP6. Looking forward receiving your view and feedback on latest version of the Security issues which has been drafted for WP6 (bear in mind our aim is to have shared so jointly drafted - just because it will commit us and here more specifically T8.2 although not uniquely). Feedback received would be discussed at our next audio conference (planned mid of this week so tomorrow or day after - @Daniel please urgently announced it to the team!). Based on outcomes of this audio conf feedback would be provided to other team for what concerns text to be inserted and on which hwe can agree (for WP6 & WP4 this would be done by me or Daniel, for WP5 it would be done by Xavier and Richard, for WP3 by SAP and for WP7 by Wolfgang - that's also why they are in cc of this email - of course others are more than welcome to support us). Last but not I can only urge SAP, FT, DT to send me and Daniel latest version of security issues they identified when going through respectively WP3, WP5 and WP7 input documents to D2.1a (for WP5 in complement of the work initiated already by Thales/TRT-UK/Richard) Hearing from all action owners. Best Regards, Pascal -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: FI-WARE High-Level Desc Data-Context Security_Extended_TI.doc Type: application/msword Size: 3476992 bytes Desc: FI-WARE High-Level Desc Data-Context Security_Extended_TI.doc URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: FI-WARE-Security Issues WP6 - WP8 input document THA-ATOS-NSN v1.0.doc Type: application/msword Size: 50688 bytes Desc: FI-WARE-Security Issues WP6 - WP8 input document THA-ATOS-NSN v1.0.doc URL: From daniel.gidoin at thalesgroup.com Wed Jun 29 17:20:42 2011 From: daniel.gidoin at thalesgroup.com (GIDOIN Daniel) Date: Wed, 29 Jun 2011 17:20:42 +0200 Subject: [Fiware-security] FI-WARE - WP6 Security issues (check & review) - Audio conf Message-ID: <2799_1309360849_4E0B42D1_2799_16951_1_48a10564-2320-4d8d-aa26-86061193b04c@THSONEA01HUB04P.one.grp> Dear colleagues, Pascal had planned an audio conf in the middle of week. I apologize but I must to move it in next Tuesday from 2 pm till 4 pm. This postponement is justified on one hand by unexpected strong constraints in my professional diary, on the other hand because we remain pending, Pascal and I, of numerous contributions (to refer to the last mails sent by Pascal and check if you are concerned). Of course, it is very important that the delays are respected and we count on the best efforts of every one for it Hearing from all action owners. Best Regards, Daniel -------------- next part -------------- An HTML attachment was scrubbed... URL: From JCA at zurich.ibm.com Thu Jun 30 13:58:19 2011 From: JCA at zurich.ibm.com (Jan Camenisch) Date: Thu, 30 Jun 2011 13:58:19 +0200 Subject: [Fiware-security] FI-WARE - WP6 Security issues (check & review) - Audio conf In-Reply-To: <2799_1309360849_4E0B42D1_2799_16951_1_48a10564-2320-4d8d-aa26-86061193b04c@THSONEA01HUB04P.one.grp> References: <2799_1309360849_4E0B42D1_2799_16951_1_48a10564-2320-4d8d-aa26-86061193b04c@THSONEA01HUB04P.one.grp> Message-ID: <5AD8F637-00D5-4C06-A5F3-E19826E321CB@zurich.ibm.com> Hej, Here a paragraph for the question mark section for integration into the WP8 High-Level Document. Question Mark The identity, trust, and privacy management component is concerned with authorization and authentication. This includes a (credential requirements) policy language to define with attributes (roles, identity, etc) and credentials are requested to grant access to a resources. It further include a (data handling) policy language that defines how the requested data (attributes, credentials,...) is handled and to whom it is passed on. Finally, it includes the means to release and verify such attributes and credentials. That raises three issues: The integration of the two policy languages into the access control system (e.g., XACML) of the FI-platform; The definition of the interfaces of the Generic Security Enabler; The integration of the different assets into components that realise the generic security enables interfaces. Best, Jan On 29.06.2011, at 17:20, GIDOIN Daniel wrote: > Dear colleagues, > > Pascal had planned an audio conf in the middle of week. I apologize but I must to move it in next Tuesday from 2 pm till 4 pm. > This postponement is justified on one hand by unexpected strong constraints in my professional diary, on the other hand because we remain pending, Pascal and I, of numerous contributions (to refer to the last mails sent by Pascal and check if you are concerned). > > Of course, it is very important that the delays are respected and we count on the best efforts of every one for it > > Hearing from all action owners. > > Best Regards, > > Daniel > Dr. Jan Camenisch Member, IBM Academy of Technology IBM Research - Zurich www.zurich.ibm.com/~jca tel: +41 44 724 8279 fax: +41 44 724 8953 http://twitter.com/#!/dtiIeynt_xreMi -------------- next part -------------- An HTML attachment was scrubbed... URL: From gabor.marton at nsn.com Thu Jun 30 14:50:47 2011 From: gabor.marton at nsn.com (Marton, Gabor (NSN - HU/Budapest)) Date: Thu, 30 Jun 2011 15:50:47 +0300 Subject: [Fiware-security] FI-WARE - Security issues identified in WP4 input doc In-Reply-To: <15017_1309301165_4E0A59AD_15017_2110_1_b815a2e5-a99a-431b-9f35-2eeee7aab0d7@THSONEA01HUB04P.one.grp> References: <15017_1309301165_4E0A59AD_15017_2110_1_b815a2e5-a99a-431b-9f35-2eeee7aab0d7@THSONEA01HUB04P.one.grp> Message-ID: <57CF2CA7825F474DACFAEB9EA1ED3A540434F9FA@FIESEXC014.nsn-intra.net> Dear Daniel, please find below some text that I compiled based on the white parts in your document and a discussion with a cloud security expert at NSN. Kind regards, G?bor Trusted resources As resources (CPU, storage, netowork) are hosted by a different party, usually called the cloud provider, there must be methods to ensure that the client can safely use and rely on these resources, i.e. they can trust these resources, as if they would be under its physical control. Confidentiality. For storage resources, the data should in many cases be stored in an encrypted form, and if the data is deleted it must not be possible to restore it for any other party than the client (irrevocable erasure). Irrevocable erasure is not only needed for storage services but it is also needed for secured VM provisioning/deprovisioning, client/user management (regarding customer data, temporary memory, object storage), released memory (in increasing/decreasing context), shared-memory servers (cloud sevice hosting user). Besides encryption, proper partitioning also (even better) serves confidentiality, for example secured partitioning between public and private clouds, partitioning of resources (in context of isolation between VM), customer data isolation, disk resource partitioning, shared-memory servers. Integrity. Naturally, integrity of data and components related to resources should also be ensured by proper measures. Such data cover Virtual Appliance description, Elasticity Rules defined by Cloud users or Cloud administrators, Final Application Deployment Description, Component that will be in charge of the Iaas provider and Cloud service provisioning, VM image repository, Scripting and advanced toolkits provided for administrators and advanced users (interfaces and interoperability), collected data (Monitoring and metering). Authenticity. The authenticity of (the identity of) the resources should be ensured. For example, the identity of VMs should always be verified (with different passwords and authentication keys on different on different VMs to prevent from VM impersonation), the provisioning of the VM identity should be designed secure (e.g. if it relies on a key embedded into the VM, then special attention must be payed to the security of key distribution), The architecture of Cloud Hosting and the interconnection between the elements should also be designed with keeping security in mind. For example, firewalls and/or security gateways should be established on the border of corporate/administration domains. Furthermore, proper risk analysis approaches should also be applied during design, for example VM vulnerability analysis (for secured VM provisioning / deprovisioning) and security breach research. ________________________________ From: ext GIDOIN Daniel [mailto:daniel.gidoin at thalesgroup.com] Sent: Wednesday, June 29, 2011 12:46 AM To: Marton, Gabor (NSN - HU/Budapest); Seidl, Robert (NSN - DE/Munich); JULIAN PEREZ VILA Cc: BISSON Pascal Subject: FI-WARE - Security issues identified in WP4 input doc Dear NSN qand TID partn ers, Could you please urgently send me and the mailing list the security issues you identified and also text you proposed to be inserted by WP4. I send you my personal compilation. Thank you for focusing primarily on the text not highlighted in yellow in the attached document. I will write the text about the part highlighted in yellow. Naturally, if you find another security issues, please to complete my document. Hearing from you. Best Regards, Pascal -------------- next part -------------- An HTML attachment was scrubbed... URL: From daniel.gidoin at thalesgroup.com Thu Jun 30 16:18:50 2011 From: daniel.gidoin at thalesgroup.com (GIDOIN Daniel) Date: Thu, 30 Jun 2011 16:18:50 +0200 Subject: [Fiware-security] FI-WARE - Security issues identified in WP4 input doc In-Reply-To: <57CF2CA7825F474DACFAEB9EA1ED3A540434F9FA@FIESEXC014.nsn-intra.net> References: <15017_1309301165_4E0A59AD_15017_2110_1_b815a2e5-a99a-431b-9f35-2eeee7aab0d7@THSONEA01HUB04P.one.grp> <57CF2CA7825F474DACFAEB9EA1ED3A540434F9FA@FIESEXC014.nsn-intra.net> Message-ID: <19084_1309443533_4E0C85CD_19084_16815_1_8ae55026-fcae-449d-8ed2-e0cd1d964e17@THSONEA01HUB04P.one.grp> Thank a lot G?bor Daniel De : Marton, Gabor (NSN - HU/Budapest) [mailto:gabor.marton at nsn.com] Envoy? : jeudi 30 juin 2011 14:51 ? : GIDOIN Daniel Cc : BISSON Pascal; Seidl, Robert (NSN - DE/Munich); JULIAN PEREZ VILA; Fiware-security at lists.fi-ware.eu Objet : RE: FI-WARE - Security issues identified in WP4 input doc Dear Daniel, please find below some text that I compiled based on the white parts in your document and a discussion with a cloud security expert at NSN. Kind regards, G?bor Trusted resources As resources (CPU, storage, netowork) are hosted by a different party, usually called the cloud provider, there must be methods to ensure that the client can safely use and rely on these resources, i.e. they can trust these resources, as if they would be under its physical control. Confidentiality. For storage resources, the data should in many cases be stored in an encrypted form, and if the data is deleted it must not be possible to restore it for any other party than the client (irrevocable erasure). Irrevocable erasure is not only needed for storage services but it is also needed for secured VM provisioning/deprovisioning, client/user management (regarding customer data, temporary memory, object storage), released memory (in increasing/decreasing context), shared-memory servers (cloud sevice hosting user). Besides encryption, proper partitioning also (even better) serves confidentiality, for example secured partitioning between public and private clouds, partitioning of resources (in context of isolation between VM), customer data isolation, disk resource partitioning, shared-memory servers. Integrity. Naturally, integrity of data and components related to resources should also be ensured by proper measures. Such data cover Virtual Appliance description, Elasticity Rules defined by Cloud users or Cloud administrators, Final Application Deployment Description, Component that will be in charge of the Iaas provider and Cloud service provisioning, VM image repository, Scripting and advanced toolkits provided for administrators and advanced users (interfaces and interoperability), collected data (Monitoring and metering). Authenticity. The authenticity of (the identity of) the resources should be ensured. For example, the identity of VMs should always be verified (with different passwords and authentication keys on different on different VMs to prevent from VM impersonation), the provisioning of the VM identity should be designed secure (e.g. if it relies on a key embedded into the VM, then special attention must be payed to the security of key distribution), The architecture of Cloud Hosting and the interconnection between the elements should also be designed with keeping security in mind. For example, firewalls and/or security gateways should be established on the border of corporate/administration domains. Furthermore, proper risk analysis approaches should also be applied during design, for example VM vulnerability analysis (for secured VM provisioning / deprovisioning) and security breach research. ________________________________ From: ext GIDOIN Daniel [mailto:daniel.gidoin at thalesgroup.com] Sent: Wednesday, June 29, 2011 12:46 AM To: Marton, Gabor (NSN - HU/Budapest); Seidl, Robert (NSN - DE/Munich); JULIAN PEREZ VILA Cc: BISSON Pascal Subject: FI-WARE - Security issues identified in WP4 input doc Dear NSN qand TID partn ers, Could you please urgently send me and the mailing list the security issues you identified and also text you proposed to be inserted by WP4. I send you my personal compilation. Thank you for focusing primarily on the text not highlighted in yellow in the attached document. I will write the text about the part highlighted in yellow. Naturally, if you find another security issues, please to complete my document. Hearing from you. Best Regards, Pascal -------------- next part -------------- An HTML attachment was scrubbed... URL: From daniel.gidoin at thalesgroup.com Thu Jun 30 16:25:09 2011 From: daniel.gidoin at thalesgroup.com (GIDOIN Daniel) Date: Thu, 30 Jun 2011 16:25:09 +0200 Subject: [Fiware-security] FI-WARE - WP6 Security issues (check & review) - Audio conf In-Reply-To: <5AD8F637-00D5-4C06-A5F3-E19826E321CB@zurich.ibm.com> References: <2799_1309360849_4E0B42D1_2799_16951_1_48a10564-2320-4d8d-aa26-86061193b04c@THSONEA01HUB04P.one.grp> <5AD8F637-00D5-4C06-A5F3-E19826E321CB@zurich.ibm.com> Message-ID: <18837_1309443914_4E0C874A_18837_5897_1_f2946bd5-25ce-4c41-8119-e1776af23209@THSONEA01HUB02P.one.grp> Thank Jan. I agree. We introduce it into the WP8 high-level document update. Daniel De : Jan Camenisch [mailto:JCA at zurich.ibm.com] Envoy? : jeudi 30 juin 2011 13:58 ? : GIDOIN Daniel Cc : robert.seidl at nsn.com; Marton, Gabor (NSN - HU/Budapest); Antonio Garcia Vazquez; osb at zurich.ibm.com; Daniel Le Metayer; Wolfgang.Steigerwald at telekom.de; xavier.aghina at orange-ftgroup.com; EGAN Richard; slim.trabelsi at sap.com; Fiware-security at lists.fi-ware.eu; BISSON Pascal Objet : Re: FI-WARE - WP6 Security issues (check & review) - Audio conf Hej, Here a paragraph for the question mark section for integration into the WP8 High-Level Document. Question Mark The identity, trust, and privacy management component is concerned with authorization and authentication. This includes a (credential requirements) policy language to define with attributes (roles, identity, etc) and credentials are requested to grant access to a resources. It further include a (data handling) policy language that defines how the requested data (attributes, credentials,...) is handled and to whom it is passed on. Finally, it includes the means to release and verify such attributes and credentials. That raises three issues: 1. The integration of the two policy languages into the access control system (e.g., XACML) of the FI-platform; 2. The definition of the interfaces of the Generic Security Enabler; 3. The integration of the different assets into components that realise the generic security enables interfaces. Best, Jan On 29.06.2011, at 17:20, GIDOIN Daniel wrote: Dear colleagues, Pascal had planned an audio conf in the middle of week. I apologize but I must to move it in next Tuesday from 2 pm till 4 pm. This postponement is justified on one hand by unexpected strong constraints in my professional diary, on the other hand because we remain pending, Pascal and I, of numerous contributions (to refer to the last mails sent by Pascal and check if you are concerned). Of course, it is very important that the delays are respected and we count on the best efforts of every one for it Hearing from all action owners. Best Regards, Daniel Dr. Jan Camenisch Member, IBM Academy of Technology IBM Research - Zurich www.zurich.ibm.com/~jca tel: +41 44 724 8279 fax: +41 44 724 8953 http://twitter.com/#!/dtiIeynt_xreMi -------------- next part -------------- An HTML attachment was scrubbed... URL: From Wolfgang.Steigerwald at telekom.de Thu Jun 30 16:29:00 2011 From: Wolfgang.Steigerwald at telekom.de (Wolfgang.Steigerwald at telekom.de) Date: Thu, 30 Jun 2011 16:29:00 +0200 Subject: [Fiware-security] FI-WARE - Security issues identified in WP7 input doc. In-Reply-To: <2983_1309275528_4E09F588_2983_13738_1_3f074002-d809-48c8-8ef3-bead11d46724@THSONEA01HUB01P.one.grp> References: <2983_1309275528_4E09F588_2983_13738_1_3f074002-d809-48c8-8ef3-bead11d46724@THSONEA01HUB01P.one.grp> Message-ID: Hello Pascal, find attached the security issues which I have extracted from the WP7 document. Best regards / Mit freundlichen Gr??en Wolfgang Deutsche Telekom AG T-Labs (Research & Development) Wolfgang Steigerwald Winterfeldtstra?e 21, 10781 Berlin +49 30 8353 54287 (Tel.) +49 171 5664350 (Mobil) E-Mail: wolfgang.steigerwald at telekom.de www.telekom.com Erleben, was verbindet. Deutsche Telekom AG Aufsichtsrat: Prof. Dr. Ulrich Lehner (Vorsitzender) Vorstand: Ren? Obermann (Vorsitzender), Dr. Manfred Balz, Reinhard Clemens, Niek Jan van Damme, Timotheus H?ttges, Edward R. Kozel, Thomas Sattelberger Handelsregister: Amtsgericht Bonn HRB 6794 Sitz der Gesellschaft Bonn WEEE-Reg.-Nr. DE50478376 Gro?e Ver?nderungen fangen klein an - Ressourcen schonen und nicht jede E-Mail drucken. ________________________________ Von: BISSON Pascal [mailto:pascal.bisson at thalesgroup.com] Gesendet: Dienstag, 28. Juni 2011 17:39 An: Steigerwald, Wolfgang Cc: BISSON Pascal; JULIAN PEREZ VILA; GIDOIN Daniel; LELEU Philippe Betreff: FI-WARE - Security issues identified in WP7 input doc. Wichtigkeit: Hoch Dear Wolfgang, Could you please urgently send me (cc Daniel and the mailing list) the security issues you identified and also text you (and appointed WP8 colleagues - aka Julian - to monitor WP7 activities ) proposed to be inserted by WP7. As for the rest would be nice to have it discussed and agreed at our next WP8 audio conf before having it discussed and finally agreed by both WP7 & WP8 (WP7 doing the insertion of joint text agreed). To speed up things please enter discussion with your colleagues involved in WP7. Hearing from you. Best Regards, Pascal -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: Security and Privacy Issues from WP7.doc Type: application/msword Size: 23552 bytes Desc: Security and Privacy Issues from WP7.doc URL: From Olivier.Festor at inria.fr Thu Jun 30 17:20:15 2011 From: Olivier.Festor at inria.fr (Olivier Festor) Date: Thu, 30 Jun 2011 17:20:15 +0200 Subject: [Fiware-security] FI-WARE - WP6 Security issues (check & review) In-Reply-To: <2983_1309266444_4E09D20B_2983_5706_1_3933b54c-cca4-4fdd-a175-9260b595fad8@THSONEA01HUB06P.one.grp> References: <2983_1309266444_4E09D20B_2983_5706_1_3933b54c-cca4-4fdd-a175-9260b595fad8@THSONEA01HUB06P.one.grp> Message-ID: <7C4B894F-5051-431A-9631-F173CD01D420@inria.fr> Dear Pascal I have added 2 issues linked to our expertise in fuzzing regarding input data/events sanitization/tracing/validation. The updated list is attached to the mail. Best Regards /Olivier Festor On Jun 28, 2011, at 3:07 PM, BISSON Pascal wrote: > Dear colleagues, > > Find attached to this email the latest version of the WP6 (Data/context management) input document to D2.1a High Level Description . > > I would like you since appointed to monitor with us WP6 activity to carefully check and review (provide comments, suggested changes, add-ons) what have been drafted by Juanjo (TID) and completed by Boris (Telecom Italia). > > Please put also this back into perspective of the security work we announced in WP8 and the security issues we identified from our side for what concerns WP6 (for your convenience I reattached the document produced by THA+ATOS+NSN). > > Bear in mind it?s our duty to check in order to commit to security issues description we WP8 can share and agree with WP6. > > Looking forward receiving your view and feedback on latest version of the Security issues which has been drafted for WP6 (bear in mind our aim is to have shared so jointly drafted ? just because it will commit us and here more specifically T8.2 although not uniquely). > > Feedback received would be discussed at our next audio conference (planned mid of this week so tomorrow or day after - @Daniel please urgently announced it to the team!). > > Based on outcomes of this audio conf feedback would be provided to other team for what concerns text to be inserted and on which hwe can agree (for WP6 & WP4 this would be done by me or Daniel, for WP5 it would be done by Xavier and Richard, for WP3 by SAP and for WP7 by Wolfgang ? that?s also why they are in cc of this email ? of course others are more than welcome to support us). > > Last but not I can only urge SAP, FT, DT to send me and Daniel latest version of security issues they identified when going through respectively WP3, WP5 and WP7 input documents to D2.1a (for WP5 in complement of the work initiated already by Thales/TRT-UK/Richard) > > Hearing from all action owners. > > Best Regards, > > Pascal > _______________________________________________ > Fiware-security mailing list > Fiware-security at lists.fi-ware.eu > http://lists.fi-ware.eu/listinfo/fiware-security -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: FI-WARE-Security Issues WP6 - WP8 input document THA-ATOS-NSN-INRIA v1.0.doc Type: application/msword Size: 52224 bytes Desc: not available URL: -------------- next part -------------- An HTML attachment was scrubbed... URL: