From pascal.bisson at thalesgroup.com Mon Jul 2 14:50:23 2012 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Mon, 2 Jul 2012 14:50:23 +0200 Subject: [Fiware-security] TR: [Fiware-wpl] Software delivery (how to provide Deliverable D.x.2.a) - REORGANIZED Message-ID: <18003_1341233425_4FF19911_18003_12826_1_CBBCD6C304123F4AB23FAAE3055C8C0E0206D314920E@THSONEA01CMS04P.one.grp> FYI De : fiware-wpl-bounces at lists.fi-ware.eu [mailto:fiware-wpl-bounces at lists.fi-ware.eu] De la part de Miguel Carrillo Envoy? : lundi 2 juillet 2012 12:46 ? : fiware at lists.fi-ware.eu Cc : fiware-wpl at lists.fi-ware.eu; fiware-wpa at lists.fi-ware.eu Objet : Re: [Fiware-wpl] Software delivery (how to provide Deliverable D.x.2.a) - REORGANIZED Dear all We have found that deliverables tagged as PP (private within the PPP programme ) need a different treatment and therefore we will have to reorganise the whole delivery process. We apologise for all the inconveniences caused to the ones that have already done the delivery. Wait until you receive further instructions. Best regards, Miguel El 27/06/2012 17:05, Miguel Carrillo escribi?: Dear all, As editing the wiki will take a bit longer I will write a (rather long) email and will explain how to proceed with some aspects of the software delivery that were not clearly explained yet. Given the urgency of this I send it to the general list but please proceed to discuss any concerns internally in your respective WP lists. This message refers to software delivery. This means: * 1) Delivery for installation on the testbed(packages, properties and binaries) * 2) Source code delivery - this does not apply to those GE who have agreed not to provide it I will add all tall his to the private wiki later, putting alongside all the guidelines that are there already. First of all, the software delivery will take place on the forge. As regards the project within the forge, we will use the project of the WP (Iot, Data, Apps, Tools...) PART 1 - Delivery for installation on the testbed ======================================== The packages, properties and binaries go to the "Files" part of the project. [cid:part1.08060007.04020604 at tid.es] We have already delivered a GE in cloud and you can use it as an example: * https://forge.fi-ware.eu/frs/?group_id=14 First you create a Package (this goes with the GE name) Then you create 3 blocks per GE (using the "Create New Release" feature) * Packages (rpm, debian... ) - this does not apply to the particular example we provide but it should apply in many cases in your GEs * Binaries * Properties - miscelaneous files Please follow the same naming convention for the 3 blocks (Packages, Binaries, Properties). Add all three even if one of them is empty in your particular case. I see that this deliverable is Public according to the DoW so this should be publicly available, not private (the WPL must administrate this). If there are any particular concerns, let me know (privately - please do not reply to this email, it gets to more than 100 people!). For the WPL/WPA - hint: if you still cannot see this publicly, go to the admin part of the "Users" of the "Admin" section of the project and tweak the "Observer" user. [cid:part3.07080901.06020708 at tid.es] (this is not visible to most users, just those with admin right on the project) PART 2 - Delivery of source code ======================================== Depending on the GE, you may have decided to provide this or not. We would expect this for most of the GEs. This goes to the "SCM" tool in the project. [cid:part4.02000203.00020706 at tid.es] There you have a link to subversion where you can upload all the software. The admin of each WP (WPL and WPA, please proceed to do so) has the right to make their SCM public on the internet on the admin page of the SCM: [cid:part5.05030704.07060508 at tid.es] It is "all or nothing". Once this is made public, you cannot hide branches. Let us settle this: the SVN will be made public for each technical WP so the code that is uploaded here will be public. If something is private, you will not upload it here. When the testbed environment is fully set up we will send further instructions to provide extended info for the deployment (we will ask for maven - *.pom files - or test scripts, for instance). But this is not strictly necessary to meet the deadline that is upon us so we will do it later (but very soon!) Best regards, Miguel -- ---------------------------------------------------------------------- _/ _/_/ Miguel Carrillo Pacheco _/ _/ _/ _/ Telef?nica Distrito Telef?nica _/ _/_/_/ _/ _/ Investigaci?n y Edifico Oeste 1, Planta 9 _/ _/ _/ _/ Desarrollo Ronda de la Comunicaci?n S/N _/ _/_/ 28050 Madrid (Spain) Tel: (+34) 91 483 26 77 e-mail: mcp at tid.es Follow FI-WARE on the net Website: http://www.fi-ware.eu Facebook: http://www.facebook.com/pages/FI-WARE/251366491587242 Twitter: http://twitter.com/Fiware LinkedIn: http://www.linkedin.com/groups/FIWARE-4239932 ---------------------------------------------------------------------- -- ---------------------------------------------------------------------- _/ _/_/ Miguel Carrillo Pacheco _/ _/ _/ _/ Telef?nica Distrito Telef?nica _/ _/_/_/ _/ _/ Investigaci?n y Edifico Oeste 1, Planta 9 _/ _/ _/ _/ Desarrollo Ronda de la Comunicaci?n S/N _/ _/_/ 28050 Madrid (Spain) Tel: (+34) 91 483 26 77 e-mail: mcp at tid.es Follow FI-WARE on the net Website: http://www.fi-ware.eu Facebook: http://www.facebook.com/pages/FI-WARE/251366491587242 Twitter: http://twitter.com/Fiware LinkedIn: http://www.linkedin.com/groups/FIWARE-4239932 ---------------------------------------------------------------------- ________________________________ Este mensaje se dirige exclusivamente a su destinatario. Puede consultar nuestra pol?tica de env?o y recepci?n de correo electr?nico en el enlace situado m?s abajo. This message is intended exclusively for its addressee. We only send and receive email on the basis of the terms set out at. http://www.tid.es/ES/PAGINAS/disclaimer.aspx -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: ATT00001.png Type: image/png Size: 6424 bytes Desc: ATT00001.png URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: ATT00002.png Type: image/png Size: 8244 bytes Desc: ATT00002.png URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: ATT00003.png Type: image/png Size: 3857 bytes Desc: ATT00003.png URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: ATT00004.png Type: image/png Size: 2746 bytes Desc: ATT00004.png URL: -------------- next part -------------- An embedded and charset-unspecified text was scrubbed... Name: ATT00005.txt URL: From pascal.bisson at thalesgroup.com Tue Jul 3 12:20:43 2012 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Tue, 3 Jul 2012 12:20:43 +0200 Subject: [Fiware-security] FI-WARE Security Chapter - IMPORTANT MESSAGE Requesting your Message-ID: <15958_1341310864_4FF2C790_15958_15316_1_7e48225d-7b44-4ab9-9d64-a4fbeb59e374@THSONEA01HUB06P.one.grp> Dear All, This email as a reminder for each of the task leads (TS, NSN, ATOS, SAP) with support of their GE owners to: Confirm me and Daniel that features linked to FI-WARE GEs attached to their tasks have been properly documented (i.e. document all features of every GEs, including those Features already supported in baseline assets). I remind you here this is a pre-requisite for proper development of the Unit Testing Plans we are engaged in and that it would be used to help each of the Chapters and so Security Chapter to address the major comments regarding FI-WARE Technical Roadmap. Indeed we will provide the details of what each GE will bring in any release by means of listing the Features of the GE. As such please each of the task leads (Daniel, Robert, Antonio, Slim/Francesco) confirm me that this work has been done just because it is now assumed as such. In case not please report to me the issues and take necessary steps to have it done asap and by end July 5th EOB at the very latest. >From now till mid of July work among others will be engaged to: 1. review Technical Roadmap so that features supported by GEs is described for each of the releases. Some template on how to do this is expected here to come from TID. In the meantime this should not prevent you to prepare the work 2. review "stakeholder" field linked to each Feature. We should document whether a Feature is required by any of the FI-WARE partners, some UC project (for this, we should review the "Theme/Epic/Feature requests" tracker) or both. This will allow to solve the issue about traceability raised by reviewers. o Here the work we did for the review and which was appreciated by the reviewers should be used and valued. In the meantime some new tickets may have also been created in the meantime that we could also refer to to further anchor our GEs according to demands received from the UC projects although not uniquely. Hearing from each of the task leads and also counting on them to organize the work with their team (incl. GE and asset owners). Best Regards, Pascal -------------- next part -------------- An HTML attachment was scrubbed... URL: From slim.trabelsi at sap.com Tue Jul 3 13:30:30 2012 From: slim.trabelsi at sap.com (TRABELSI, Slim) Date: Tue, 3 Jul 2012 13:30:30 +0200 Subject: [Fiware-security] Questions for GE providers (4).doc Message-ID: Hi Pascal, Here is the answers related to the Data Handling GE Best Slim -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: Questions for GE providers (4).doc Type: application/msword Size: 34304 bytes Desc: Questions for GE providers (4).doc URL: From francesco.di.cerbo at sap.com Tue Jul 3 13:33:51 2012 From: francesco.di.cerbo at sap.com (DI CERBO, Francesco) Date: Tue, 3 Jul 2012 13:33:51 +0200 Subject: [Fiware-security] DB Anonymizer answers Message-ID: <71C0C7C7A712EE4CA636EDFD663B4E27048AE48DD4@DEWDFECCR09.wdf.sap.corp> Dear Pascal, Please find also DB Anonymizer answers Best francesco ___ Francesco Di Cerbo, PhD Security & Trust SAP Research SAP Labs France 805, avenue Maurice Donat Font de l'Orme BP 1216 06250 Mougins Cedex France Tel. +33 4 92 28 64 45 e-mail: Francesco.Di.Cerbo at sap.com -------------- next part -------------- A non-text attachment was scrubbed... Name: Questions for GE providers-DBAnonymizer.doc Type: application/msword Size: 33792 bytes Desc: Questions for GE providers-DBAnonymizer.doc URL: From pascal.bisson at thalesgroup.com Tue Jul 3 14:23:55 2012 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Tue, 3 Jul 2012 14:23:55 +0200 Subject: [Fiware-security] TR: [Fiware-wpl] Instructions to give the deliverables Message-ID: <13068_1341318238_4FF2E45E_13068_17086_1_d470a3c4-a7da-4ad4-8cf2-bcc293cc3f21@THSONEA01HUB05P.one.grp> Dear colleagues, I'm forwarding you this email with detailed instructions provided by TID to close the work on M14 deliverables. To ALL Task leads with full support of GE owners for first major release: Please check those guidelines and follow instructions given to finalize your input to M14 deliverables (i. e D8.2a GE software release, D8.3a Installation & admin guide, D8.4 User & programmers' guide, D8.5 Unit testing plan & report). Let me and Daniel know once the work has been done for GEs attached to your task. Please take necessary steps to have it done asap and prior to our next audio conference (i.e. Friday 10am-12am) Please note "Unit Testing plan and Report" (meaning apart from testing plan some of you already produced) there would also be a Report (template provide by TID will follow this email ..) Thanks in advance, Best Regards, Pascal De : fiware-wpl-bounces at lists.fi-ware.eu [mailto:fiware-wpl-bounces at lists.fi-ware.eu] De la part de Miguel Carrillo Envoy? : mardi 3 juillet 2012 13:05 ? : fiware at lists.fi-ware.eu Cc : fiware-wpl at lists.fi-ware.eu; fiware-wpa at lists.fi-ware.eu Objet : [Fiware-wpl] Instructions to give the deliverables Dear all, I apologise for the long email but I prefer to put all the info in one single message and provide detailed instructions. After discussing things in the weekly confcall with the WPLs and the WPAs we saw the need to reorganize the delivery of our commitments with the EC. We apologize again for all the trouble. It is the first release, the next one will be smoother as we all will know how to do things. Please note that the common reference is still valid: * [REF 1] - https://forge.fi-ware.eu/plugins/mediawiki/wiki/fi-ware-private/index.php/FiwareDeliverables We have 5 basic blocks that will be explained separately. To make clear that we share the same interpretation of the terms I will first clarify this: * Public = open to the whole world * Private = open to the PPP (Use Case Projects, EC ...) but not to the outside world BLOCK 1 - Source code ====================================================== Publicly available - upload it to the SVN (it appears as "SCM" in the forge) of the project "FI-WARE" Privately available - do not bother to deliver, it is not mandatory in this case. If some one for whatever reason wants to deliver it anyway keeping it private, he can use the SVN of his chapter (FI-WARE Data, FI-WARE IoT ,etc.) , it will be fully private. Please follow this naming convention and structure on SVN: * A directory called FI-WARE will be the first level * The second level will be named after the chapter. Take the same names as used in the Features names under "Materializing...". To be more precise use these: "Apps", "Cloud", "IoT", "Data","I2ND" and "Security". [cid:part2.08030600.09080201 at tid.es] * The third level will be named after the GE, using the same name as in "Materializing...". For instance, in the following example the GE must be called "PublishSubscribe" [cid:part3.09020906.06070908 at tid.es] * In the 4th level you upload the different releases of your software. In summary, something like this: [cid:part4.09020907.01030705 at tid.es] BLOCK 2 - Binaries, packages, configuration ====================================================== After discussing this with a few people, we will do it on SVN now (it appears as "SCM" in the forge) - the "Files" part of the forge will no longer be used. Here is a big change, actually. Two cases: * Publicly available - upload it to the SVN (it appears as "SCM" in the forge) of the project "FI-WARE" * Privately available - upload it to the SVN (it appears as "SCM" in the forge) of the project "FI-WARE PPP Restricted" In this case there is one more naming rule. The files (binaries, packages, properties), whatever their original name is, must be appended with a string that identifies the release. For instance, the file: * openstack-tcloud would turn into * openstack-tcloud-1.1.19-SNAPSHOT (major release 1, minor release1, version 19) - the version is internal to each company, what you put here is your business!. The "SNAPSHOT" string is compulsory. All the files here will be tagged with "Release_1_1" BLOCK 3 - Installation and administration guide ====================================================== * If the GE is Public - to be edited on [REF1] and then moved to the public wiki, following the instructions in [REF 1] * If the GE is Private (accessible to PPP members only) - to be edited on [REF1] and then moved to the wiki of the project "FI-WARE PPP Restricted" BLOCK 4 - User and programmer's guide ====================================================== This is fully public and will be edited on the private wiki on the link on [REF 1]. Then, once matured, it will be ported to the public wiki BLOCK 5 - Unit Testing Plan and Report ====================================================== Two parts: * Unit Testing Plan is public and it will be created as explained in [REF 1] * The report will be will be a private document only accessible to the PPP members and the CE. It will be created by filling in a template that I will provide to the WPLs/WPAs. I have added a template, an example and instructions in the private wiki. Those with no access to the project FI-WARE or the project FI-WARE PPP Restricted can apply following the procedure explained in this tutorial: * https://wiki.fi-ware.eu/How_to_join_a_FI-WARE_project_in_FusionForge Ask your WPLs/WPAs to approve your request. They have the permissions to do it. Best regards, Miguel -- ---------------------------------------------------------------------- _/ _/_/ Miguel Carrillo Pacheco _/ _/ _/ _/ Telef?nica Distrito Telef?nica _/ _/_/_/ _/ _/ Investigaci?n y Edifico Oeste 1, Planta 9 _/ _/ _/ _/ Desarrollo Ronda de la Comunicaci?n S/N _/ _/_/ 28050 Madrid (Spain) Tel: (+34) 91 483 26 77 e-mail: mcp at tid.es Follow FI-WARE on the net Website: http://www.fi-ware.eu Facebook: http://www.facebook.com/pages/FI-WARE/251366491587242 Twitter: http://twitter.com/Fiware LinkedIn: http://www.linkedin.com/groups/FIWARE-4239932 ---------------------------------------------------------------------- ________________________________ Este mensaje se dirige exclusivamente a su destinatario. Puede consultar nuestra pol?tica de env?o y recepci?n de correo electr?nico en el enlace situado m?s abajo. This message is intended exclusively for its addressee. We only send and receive email on the basis of the terms set out at. http://www.tid.es/ES/PAGINAS/disclaimer.aspx -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: abeebffj.png Type: image/png Size: 14179 bytes Desc: abeebffj.png URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: ATT00001.png Type: image/png Size: 6226 bytes Desc: ATT00001.png URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: ffhgfhjj.png Type: image/png Size: 6198 bytes Desc: ffhgfhjj.png URL: -------------- next part -------------- An embedded and charset-unspecified text was scrubbed... Name: ATT00002.txt URL: From lucie.gaspard at thalesgroup.com Tue Jul 3 14:31:43 2012 From: lucie.gaspard at thalesgroup.com (GASPARD Lucie) Date: Tue, 3 Jul 2012 14:31:43 +0200 Subject: [Fiware-security] SSS answers In-Reply-To: <71C0C7C7A712EE4CA636EDFD663B4E27048AE48DD4@DEWDFECCR09.wdf.sap.corp> References: <71C0C7C7A712EE4CA636EDFD663B4E27048AE48DD4@DEWDFECCR09.wdf.sap.corp> Message-ID: <1650_1341318655_4FF2E5FF_1650_2075_1_455bc6cb-ff8d-4840-9a2d-27bc30c84016@THSONEA01HUB05P.one.grp> Dear Pascal, Here are the SSS answers. BR, Lucie [@@THALES GROUP RESTRICTED@@] -----Message d'origine----- De?: fiware-security-bounces at lists.fi-ware.eu [mailto:fiware-security-bounces at lists.fi-ware.eu] De la part de DI CERBO, Francesco Envoy??: mardi 3 juillet 2012 13:34 ??: BISSON Pascal Cc?: fiware-security at lists.fi-ware.eu Objet?: [Fiware-security] DB Anonymizer answers Dear Pascal, Please find also DB Anonymizer answers Best francesco ___ Francesco Di Cerbo, PhD Security & Trust SAP Research SAP Labs France 805, avenue Maurice Donat Font de l'Orme BP 1216 06250 Mougins Cedex France Tel. +33 4 92 28 64 45 e-mail: Francesco.Di.Cerbo at sap.com -------------- next part -------------- A non-text attachment was scrubbed... Name: Questions for GE providers_SSS.doc Type: application/msword Size: 30208 bytes Desc: Questions for GE providers_SSS.doc URL: From pascal.bisson at thalesgroup.com Tue Jul 3 14:40:40 2012 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Tue, 3 Jul 2012 14:40:40 +0200 Subject: [Fiware-security] [Fiware-wpl] Unit Test Report In-Reply-To: <4FF2D2A3.1050309@tid.es> References: <4FF2D2A3.1050309@tid.es> Message-ID: <22155_1341319243_4FF2E84B_22155_13507_1_34373b9a-108b-4b49-85bb-3b3a560789a8@THSONEA01HUB02P.one.grp> Dear Colleagues, Here is where you could find guidelines regarding D8.5 https://forge.fi-ware.eu/plugins/mediawiki/wiki/fi-ware-private/index.php/FiwareDeliverableD2.3-8.5 also an example regaridng the newly added test report ... https://forge.fi-ware.eu/docman/view.php/7/1143/Unit+Testing+Report_example.docx Hope it helps you. BR Pascal -----Message d'origine----- De?: fiware-wpl-bounces at lists.fi-ware.eu [mailto:fiware-wpl-bounces at lists.fi-ware.eu] De la part de Miguel Carrillo Envoy??: mardi 3 juillet 2012 13:08 ??: fiware-wpl at lists.fi-ware.eu; fiware-wpa at lists.fi-ware.eu Objet?: [Fiware-wpl] Unit Test Report Dear all, This is just to draw to your attention that there is a template and an example of the unit test report. Detailed instructions are in the private wiki. You must append this to the deliverable in pdf and it will be complete. BR Miguel -- ---------------------------------------------------------------------- _/ _/_/ Miguel Carrillo Pacheco _/ _/ _/ _/ Telef?nica Distrito Telef?nica _/ _/_/_/ _/ _/ Investigaci?n y Edifico Oeste 1, Planta 9 _/ _/ _/ _/ Desarrollo Ronda de la Comunicaci?n S/N _/ _/_/ 28050 Madrid (Spain) Tel: (+34) 91 483 26 77 e-mail: mcp at tid.es Follow FI-WARE on the net Website: http://www.fi-ware.eu Facebook: http://www.facebook.com/pages/FI-WARE/251366491587242 Twitter: http://twitter.com/Fiware LinkedIn: http://www.linkedin.com/groups/FIWARE-4239932 ---------------------------------------------------------------------- ________________________________ Este mensaje se dirige exclusivamente a su destinatario. Puede consultar nuestra pol?tica de env?o y recepci?n de correo electr?nico en el enlace situado m?s abajo. This message is intended exclusively for its addressee. We only send and receive email on the basis of the terms set out at. http://www.tid.es/ES/PAGINAS/disclaimer.aspx _______________________________________________ Fiware-wpl mailing list Fiware-wpl at lists.fi-ware.eu http://lists.fi-ware.eu/listinfo/fiware-wpl From pascal.bisson at thalesgroup.com Tue Jul 3 16:41:35 2012 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Tue, 3 Jul 2012 16:41:35 +0200 Subject: [Fiware-security] TR: [Fiware] *** NEWS ON THE CATALOGUE *** Message-ID: <1650_1341326498_4FF304A2_1650_8563_1_080f2f90-c6e8-4e4a-bd65-088dce25fde6@THSONEA01HUB03P.one.grp> Dear All, I'm forwarding you this email where you will find the link where to find instructions to publish/advertise you GE on the FI-WARE Catalogue. Please GE owners of First Major Release proceed according to instructions provided by WP9. In case you need help don't hesitate to contact the WP9 team starting first with Matteo Melideo (matteo.melideo at eng.it) or Davide (davide.dallecarbonare at eng.it). Also inform me when your GE has been published. Progress will be assessed starting at next weekly audio conf. BR Pascal De : fiware-bounces at lists.fi-ware.eu [mailto:fiware-bounces at lists.fi-ware.eu] De la part de Matteo Melideo Envoy? : mardi 3 juillet 2012 13:06 ? : fiware at lists.fi-ware.eu Objet : [Fiware] *** NEWS ON THE CATALOGUE *** Dear All, this is to inform you that at https://forge.fi-ware.eu/plugins/mediawiki/wiki/fiware/index.php/Tools.Catalogue more additional information and tips are available on usage and population of the FI-WARE Catalogue. Enjoy!!! Matteo Melideo on behalf of Tools Chapter -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: matteo_melideo.vcf Type: text/x-vcard Size: 368 bytes Desc: matteo_melideo.vcf URL: -------------- next part -------------- An embedded and charset-unspecified text was scrubbed... Name: ATT00001.txt URL: From pascal.bisson at thalesgroup.com Wed Jul 4 11:42:48 2012 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Wed, 4 Jul 2012 11:42:48 +0200 Subject: [Fiware-security] TR: [Fiware-testbed] Administrative IPs Range Specification Message-ID: <3473_1341394973_4FF4101D_3473_15730_1_7c4d3012-8b25-4eb9-9fda-69b3332414da@THSONEA01HUB06P.one.grp> Dear ALL, Here is an email I received from WP10 and with respect to which I'd like each of the GE owners to take immediate action and deliver what WP10 is requested according to the set deadline (by end of the Week). Information that has to be delivered has to be entered on the cockpit implementation page [1] see below for instructions/guidance @GE owners: please refer to instructions provided below by Paulo to provide the requested information (i.e. the IPs address range you want to exploit to access the Testbed (the VM which will contain the GE) for administrative purposes (installation/managing etc...)). Hearing from you and this is something that I will also check at Friday's audio (hope at that time most of oyu would have entered the requested information). BR Pascal De : fiware-testbed-bounces at lists.fi-ware.eu [mailto:fiware-testbed-bounces at lists.fi-ware.eu] De la part de Paolo Zampognaro Envoy? : mercredi 4 juillet 2012 11:27 ? : fiware-testbed at lists.fi-ware.eu Objet : [Fiware-testbed] Administrative IPs Range Specification Importance : Haute Hi All, this mail to inform all chapter representatives, inside WP10, about a pending action for them. They should ask each GE owner, inside their specific chapter, to provide the IPs address range they want to exploit to access the Testbed (the VM which will contain the GE) for administrative purposes (installation/managing etc...) How to Each GE owner has to put such information by (i) accessing the cockpit implementation page [1] and (ii) by filling the "IP range for administrative access (please specify company network W.X.Y.Z/32, ...)" field of the form associated to its GE. Deadline It is needed to complete such activity by the end of this week at most. Please don't hesitate to contact the Testbed team for clarification about this really critical action. Cheers, Paolo [1] https://forge.fi-ware.eu/plugins/mediawiki/wiki/testbed/index.php/Testbed_V1_Implementation_Cockpit Ing. Paolo Zampognaro Software Engineer Direzione Centrale Ricerca & Innovazione paolo.zampognaro at eng.it Engineering Ingegneria Informatica spa Via Gianturco, 15 - 80146 Napoli Tel. +39-081.6103524 Mob. +39-3451227587 Fax. +39-081.6103200 www.eng.it -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- An embedded and charset-unspecified text was scrubbed... Name: ATT00001.txt URL: From pascal.bisson at thalesgroup.com Thu Jul 5 16:02:18 2012 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Thu, 5 Jul 2012 16:02:18 +0200 Subject: [Fiware-security] FI-WARE - Secu - Weekly audio conf of Tomorrow (06/07/2012 - 10am-12am) Message-ID: <22895_1341496945_4FF59E71_22895_17859_1_372c841c-cc14-481e-8f62-98fe77226257@THSONEA01HUB01P.one.grp> Dear All, This email just to remind you our WP8 audio conf of tomorrow starting at 10am. On the Agenda 1. Review of progress on updating the Security Chapter backlog for the sake of GE features completeness 2. M14 (June!) deliverables review of status of the various contributions Review (per task and per GE) D8.2,3,4,5a .. 3. Review of progress on UC projects tickets handling (+ some UC Projects initiatives e.g. Outsmart) 4. Review of progress on advertising Security GEs on FI-WARE catalogue (collab between WP8 & WP9) 5. Answer to WP10 demand (IP range to access the testbed) (colab between WP8 & WP10) 6. Report by people appointed regarding effective use of Security GE in the context of either other FI-WARE Chapters or UC Projects (mapping of GEs on UC projects archi.) 7. Other topics ? (feel free to propose some) Counting on each of you to be there and be prepared to discuss and report on the above topics. Talk with you tomorrow Best Regards Pascal PS: be reminded it is important for each of the WP8 partners to be represented at our weekly audio conference PS2: details to join = same as usual [meeting room (unchanged) : 391581] Australia Australia Toll Free 1800 005 574 Australia Sydney +61 (0) 282 239 767 Austria Vienna +43 (0) 2682 205 6609 Belgium Brussels +32 (0) 2 789 8678 Denmark Copenhagen +45 3271 4340 Finland Helsinki +358 (0) 923 142 830 France Lyon +33 (0) 426 840 285 France Marseille +33 (0) 488 915 385 France Paris +33 (0) 170 994 816 Germany Berlin +49 (0) 3072 616 7342 Germany D?sseldorf +49 (0) 2115 407 3902 Germany Frankfurt +49 (0) 6971 044 5635 Germany Hamburg +49 (0) 4080 902 0684 Germany Munich +49 (0) 8924 443 2893 Germany Stuttgart +49 (0) 7111 856 2130 Hong Kong Hong Kong +852 301 145 59 Hungary Budapest +36 (06) 1-889-3286 Ireland Dublin +353 (0) 14 860 780 Israel Israel Toll Free 1809 245 981 Italy Milan +39 0 230 413 017 Italy Rome +39 0 645 217 056 Italy Turin +39 0 112 179 2159 Japan Japan Toll Free 005 311 212 65 Japan Tokyo +81 (0) 357 675 025 Korea, Republic Of Seoul +82 (0) 234 831 224 Luxembourg Luxemburg City +352 2700 41 42 Malaysia Kuala Lumpur +60 (0) 377 124 640 Netherlands Amsterdam +31 (0) 207 948 529 New Zealand Auckland +64 (0) 9 919 2428 Norway Oslo +47 2153 3919 Poland Poland Toll Free 0080 0121 1304 Portugal Portugal Toll Free 800 814 183 Russia Russia Toll Free 81080 02209 4011 Singapore Singapore +65 6622 1068 Spain Barcelona +34 93 492 3235 Spain Madrid +34 91 788 9908 Sweden Stockholm +46 (0) 850 520 145 Switzerland Geneva +41 (0) 225 927 428 United Kingdom Birmingham +44 (0) 121 260 4686 United Kingdom London +44 (0) 207 153 9902 United Kingdom Manchester +44 (0) 161 250 0679 United States USA & Canada Toll Free 1888 249 0050 United States USA Toll +1 954 334 1559 -------------- next part -------------- An HTML attachment was scrubbed... URL: From antonio.garcia at atosresearch.eu Fri Jul 6 13:34:29 2012 From: antonio.garcia at atosresearch.eu (Antonio Garcia Vazquez) Date: Fri, 6 Jul 2012 13:34:29 +0200 Subject: [Fiware-security] [Fiware-testbed] Administrative IPs Range Specification In-Reply-To: <3473_1341394973_4FF4101D_3473_15730_1_7c4d3012-8b25-4eb9-9fda-69b3332414da@THSONEA01HUB06P.one.grp> References: <3473_1341394973_4FF4101D_3473_15730_1_7c4d3012-8b25-4eb9-9fda-69b3332414da@THSONEA01HUB06P.one.grp> Message-ID: <8E18929A6C79354FB4BD9BD4636DCB06C37CE7@INTMAIL03.es.int.atosorigin.com> Hello, Atos IP is already included. Best Regards ************************************ * Antonio Garc?a-V?zquez * * (+34) 91 214 9384 * * antonio.garcia at atosresearch.eu * ************************************ From: BISSON Pascal [mailto:pascal.bisson at thalesgroup.com] Sent: mi?rcoles, 04 de julio de 2012 11:43 To: Seidl, Robert (NSN - DE/Munich); Wolfgang.Steigerwald at telekom.de; GIDOIN Daniel; TRABELSI, Slim; DI CERBO, Francesco; GASPARD Lucie; Antonio Garcia Vazquez; Alexandre Boeglin; Michael Osborne; Anja Lehmann Cc: BISSON Pascal; GIDOIN Daniel; LELEU Philippe; fiware-security at lists.fi-ware.eu Subject: TR: [Fiware-testbed] Administrative IPs Range Specification Importance: High Dear ALL, Here is an email I received from WP10 and with respect to which I'd like each of the GE owners to take immediate action and deliver what WP10 is requested according to the set deadline (by end of the Week). Information that has to be delivered has to be entered on the cockpit implementation page [1] see below for instructions/guidance @GE owners: please refer to instructions provided below by Paulo to provide the requested information (i.e. the IPs address range you want to exploit to access the Testbed (the VM which will contain the GE) for administrative purposes (installation/managing etc...)). Hearing from you and this is something that I will also check at Friday's audio (hope at that time most of oyu would have entered the requested information). BR Pascal De : fiware-testbed-bounces at lists.fi-ware.eu [mailto:fiware-testbed-bounces at lists.fi-ware.eu] De la part de Paolo Zampognaro Envoy? : mercredi 4 juillet 2012 11:27 ? : fiware-testbed at lists.fi-ware.eu Objet : [Fiware-testbed] Administrative IPs Range Specification Importance : Haute Hi All, this mail to inform all chapter representatives, inside WP10, about a pending action for them. They should ask each GE owner, inside their specific chapter, to provide the IPs address range they want to exploit to access the Testbed (the VM which will contain the GE) for administrative purposes (installation/managing etc...) How to Each GE owner has to put such information by (i) accessing the cockpit implementation page [1] and (ii) by filling the "IP range for administrative access (please specify company network W.X.Y.Z/32, ...)" field of the form associated to its GE. Deadline It is needed to complete such activity by the end of this week at most. Please don't hesitate to contact the Testbed team for clarification about this really critical action. Cheers, Paolo [1] https://forge.fi-ware.eu/plugins/mediawiki/wiki/testbed/index.php/Testbed_V1_Implementation_Cockpit Ing. Paolo Zampognaro Software Engineer Direzione Centrale Ricerca & Innovazione paolo.zampognaro at eng.it Engineering Ingegneria Informatica spa Via Gianturco, 15 - 80146 Napoli Tel. +39-081.6103524 Mob. +39-3451227587 Fax. +39-081.6103200 www.eng.it ------------------------------------------------------------------ This e-mail and the documents attached are confidential and intended solely for the addressee; it may also be privileged. If you receive this e-mail in error, please notify the sender immediately and destroy it. As its integrity cannot be secured on the Internet, the Atos group liability cannot be triggered for the message content. Although the sender endeavours to maintain a computer virus-free network, the sender does not warrant that this transmission is virus-free and will not be liable for any damages resulting from any virus transmitted. Este mensaje y los ficheros adjuntos pueden contener informacion confidencial destinada solamente a la(s) persona(s) mencionadas anteriormente pueden estar protegidos por secreto profesional. Si usted recibe este correo electronico por error, gracias por informar inmediatamente al remitente y destruir el mensaje. Al no estar asegurada la integridad de este mensaje sobre la red, Atos no se hace responsable por su contenido. Su contenido no constituye ningun compromiso para el grupo Atos, salvo ratificacion escrita por ambas partes. Aunque se esfuerza al maximo por mantener su red libre de virus, el emisor no puede garantizar nada al respecto y no sera responsable de cualesquiera danos que puedan resultar de una transmision de virus. ------------------------------------------------------------------ -------------- next part -------------- An HTML attachment was scrubbed... URL: From pascal.bisson at thalesgroup.com Fri Jul 6 17:59:46 2012 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Fri, 6 Jul 2012 17:59:46 +0200 Subject: [Fiware-security] FI-WARE - Security - Minutes of today's weekly audio conf Message-ID: <14274_1341590392_4FF70B77_14274_16175_1_394270f8-61ac-4ad1-bee8-1d00eed27cc7@THSONEA01HUB03P.one.grp> Dear All, Minutes of today's audio conf have been uploaded on the repository. You can access them at: https://forge.fi-ware.eu/docman/view.php/19/1166/FI-WARE_WP8_Minutes_06-07-12.doc please check and perform your actions. BR Pascal -------------- next part -------------- An HTML attachment was scrubbed... URL: From antonio.garcia at atosresearch.eu Mon Jul 9 10:48:21 2012 From: antonio.garcia at atosresearch.eu (Antonio Garcia Vazquez) Date: Mon, 9 Jul 2012 10:48:21 +0200 Subject: [Fiware-security] [FI-WARE security] bacl log & tracker Message-ID: <8E18929A6C79354FB4BD9BD4636DCB06C37EF6@INTMAIL03.es.int.atosorigin.com> Pascal, Backlog entries & tracker depending from ATOS are already updated. I've included new entries related to Context-based security & compliance, USDL-SEC & SIEM-OSSIM. As items related with the last two topics should be revised by Daniel and Slim or Francesco; I'm also to notify them the situation. Best Regards. ************************************ * Antonio Garc?a-V?zquez * * (+34) 91 214 9384 * * antonio.garcia at atosresearch.eu * ************************************ ------------------------------------------------------------------ This e-mail and the documents attached are confidential and intended solely for the addressee; it may also be privileged. If you receive this e-mail in error, please notify the sender immediately and destroy it. As its integrity cannot be secured on the Internet, the Atos group liability cannot be triggered for the message content. Although the sender endeavours to maintain a computer virus-free network, the sender does not warrant that this transmission is virus-free and will not be liable for any damages resulting from any virus transmitted. Este mensaje y los ficheros adjuntos pueden contener informacion confidencial destinada solamente a la(s) persona(s) mencionadas anteriormente pueden estar protegidos por secreto profesional. Si usted recibe este correo electronico por error, gracias por informar inmediatamente al remitente y destruir el mensaje. Al no estar asegurada la integridad de este mensaje sobre la red, Atos no se hace responsable por su contenido. Su contenido no constituye ningun compromiso para el grupo Atos, salvo ratificacion escrita por ambas partes. Aunque se esfuerza al maximo por mantener su red libre de virus, el emisor no puede garantizar nada al respecto y no sera responsable de cualesquiera danos que puedan resultar de una transmision de virus. ------------------------------------------------------------------ -------------- next part -------------- An HTML attachment was scrubbed... URL: From antonio.garcia at atosresearch.eu Mon Jul 9 10:48:48 2012 From: antonio.garcia at atosresearch.eu (Antonio Garcia Vazquez) Date: Mon, 9 Jul 2012 10:48:48 +0200 Subject: [Fiware-security] [FI-WARE security] USDL-SEC features & work items form release 2 Message-ID: <8E18929A6C79354FB4BD9BD4636DCB06C37EF9@INTMAIL03.es.int.atosorigin.com> Slim, Francesco, I've included two new inputs on the Materializing Security in FI-WARE wiki page to reflect some of the the USDL-SEC objectives for second release. 1) New feature to describe USDL-SEC editor. I guess this feature will be an objective of second release on May-June 2013, so no associated backlog entry has been created; although some detailed work-items depicting it could be useful. 2) New Work-item to show the necessity of a USDL-SEC specifications review in order to decide if a second version is needed as declared on the roadmap. I've created a backlog entry associated to this by sprint 2.1.3 (December 2012); please validated this point and modify it if needed. Any way fell free to modify, include or delete any entry USDL-SEC related. Best Regards. ************************************ * Antonio Garc?a-V?zquez * * (+34) 91 214 9384 * * antonio.garcia at atosresearch.eu * ************************************ ------------------------------------------------------------------ This e-mail and the documents attached are confidential and intended solely for the addressee; it may also be privileged. If you receive this e-mail in error, please notify the sender immediately and destroy it. As its integrity cannot be secured on the Internet, the Atos group liability cannot be triggered for the message content. Although the sender endeavours to maintain a computer virus-free network, the sender does not warrant that this transmission is virus-free and will not be liable for any damages resulting from any virus transmitted. Este mensaje y los ficheros adjuntos pueden contener informacion confidencial destinada solamente a la(s) persona(s) mencionadas anteriormente pueden estar protegidos por secreto profesional. Si usted recibe este correo electronico por error, gracias por informar inmediatamente al remitente y destruir el mensaje. Al no estar asegurada la integridad de este mensaje sobre la red, Atos no se hace responsable por su contenido. Su contenido no constituye ningun compromiso para el grupo Atos, salvo ratificacion escrita por ambas partes. Aunque se esfuerza al maximo por mantener su red libre de virus, el emisor no puede garantizar nada al respecto y no sera responsable de cualesquiera danos que puedan resultar de una transmision de virus. ------------------------------------------------------------------ -------------- next part -------------- An HTML attachment was scrubbed... URL: From antonio.garcia at atosresearch.eu Mon Jul 9 10:49:00 2012 From: antonio.garcia at atosresearch.eu (Antonio Garcia Vazquez) Date: Mon, 9 Jul 2012 10:49:00 +0200 Subject: [Fiware-security] [FI-WARE ssecurity] OSSIM/SIEM user stories & roadmap for next mothns Message-ID: <8E18929A6C79354FB4BD9BD4636DCB06C37EFA@INTMAIL03.es.int.atosorigin.com> Daniel, I've included two entries both under Materializing Security in FI-WARE wiki page and security backlog tracker to describe: - The release one deliverable - The expected progress form next months Please, validate them. Best Regards ************************************ * Antonio Garc?a-V?zquez * * (+34) 91 214 9384 * * antonio.garcia at atosresearch.eu * ************************************ ------------------------------------------------------------------ This e-mail and the documents attached are confidential and intended solely for the addressee; it may also be privileged. If you receive this e-mail in error, please notify the sender immediately and destroy it. As its integrity cannot be secured on the Internet, the Atos group liability cannot be triggered for the message content. Although the sender endeavours to maintain a computer virus-free network, the sender does not warrant that this transmission is virus-free and will not be liable for any damages resulting from any virus transmitted. Este mensaje y los ficheros adjuntos pueden contener informacion confidencial destinada solamente a la(s) persona(s) mencionadas anteriormente pueden estar protegidos por secreto profesional. Si usted recibe este correo electronico por error, gracias por informar inmediatamente al remitente y destruir el mensaje. Al no estar asegurada la integridad de este mensaje sobre la red, Atos no se hace responsable por su contenido. Su contenido no constituye ningun compromiso para el grupo Atos, salvo ratificacion escrita por ambas partes. Aunque se esfuerza al maximo por mantener su red libre de virus, el emisor no puede garantizar nada al respecto y no sera responsable de cualesquiera danos que puedan resultar de una transmision de virus. ------------------------------------------------------------------ -------------- next part -------------- An HTML attachment was scrubbed... URL: From pascal.bisson at thalesgroup.com Mon Jul 9 11:02:26 2012 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Mon, 9 Jul 2012 11:02:26 +0200 Subject: [Fiware-security] [FI-WARE security] USDL-SEC features & work items form release 2 In-Reply-To: <8E18929A6C79354FB4BD9BD4636DCB06C37EF9@INTMAIL03.es.int.atosorigin.com> References: <8E18929A6C79354FB4BD9BD4636DCB06C37EF9@INTMAIL03.es.int.atosorigin.com> Message-ID: <14293_1341824549_4FFA9E25_14293_16687_1_CBBCD6C304123F4AB23FAAE3055C8C0E0206D3341B8E@THSONEA01CMS04P.one.grp> Thank Antonio for your check and update of the features on the trackers for what concerns your GE. May I ask other GEs to urgently to do the same for their GEs ? Thanks to you and them. Bear in mind it has to be done urgently and the deadline was set end of business today !!! Proceed like Antonio did provide me with an email highlighting your changes (redrafted tickets or new tickets created precsing their type features, work items , ...) Best Regards, Pascal De : fiware-security-bounces at lists.fi-ware.eu [mailto:fiware-security-bounces at lists.fi-ware.eu] De la part de Antonio Garcia Vazquez Envoy? : lundi 9 juillet 2012 10:49 ? : slim.trabelsi at sap.com; francesco.di.cerbo at sap.com Cc : fiware-security at lists.fi-ware.eu Objet : [Fiware-security] [FI-WARE security] USDL-SEC features & work items form release 2 Slim, Francesco, I've included two new inputs on the Materializing Security in FI-WARE wiki page to reflect some of the the USDL-SEC objectives for second release. 1) New feature to describe USDL-SEC editor. I guess this feature will be an objective of second release on May-June 2013, so no associated backlog entry has been created; although some detailed work-items depicting it could be useful. 2) New Work-item to show the necessity of a USDL-SEC specifications review in order to decide if a second version is needed as declared on the roadmap. I've created a backlog entry associated to this by sprint 2.1.3 (December 2012); please validated this point and modify it if needed. Any way fell free to modify, include or delete any entry USDL-SEC related. Best Regards. ************************************ * Antonio Garc?a-V?zquez * * (+34) 91 214 9384 * * antonio.garcia at atosresearch.eu * ************************************ ------------------------------------------------------------------ This e-mail and the documents attached are confidential and intended solely for the addressee; it may also be privileged. If you receive this e-mail in error, please notify the sender immediately and destroy it. As its integrity cannot be secured on the Internet, the Atos group liability cannot be triggered for the message content. Although the sender endeavours to maintain a computer virus-free network, the sender does not warrant that this transmission is virus-free and will not be liable for any damages resulting from any virus transmitted. Este mensaje y los ficheros adjuntos pueden contener informacion confidencial destinada solamente a la(s) persona(s) mencionadas anteriormente pueden estar protegidos por secreto profesional. Si usted recibe este correo electronico por error, gracias por informar inmediatamente al remitente y destruir el mensaje. Al no estar asegurada la integridad de este mensaje sobre la red, Atos no se hace responsable por su contenido. Su contenido no constituye ningun compromiso para el grupo Atos, salvo ratificacion escrita por ambas partes. Aunque se esfuerza al maximo por mantener su red libre de virus, el emisor no puede garantizar nada al respecto y no sera responsable de cualesquiera danos que puedan resultar de una transmision de virus. ------------------------------------------------------------------ -------------- next part -------------- An HTML attachment was scrubbed... URL: From daniel.gidoin at thalesgroup.com Mon Jul 9 12:23:02 2012 From: daniel.gidoin at thalesgroup.com (GIDOIN Daniel) Date: Mon, 9 Jul 2012 12:23:02 +0200 Subject: [Fiware-security] FI-WARE- materializing security / Unit testing Plan Message-ID: <24333_1341829386_4FFAB10A_24333_9980_1_0ce322dc-c186-4771-bed9-1478640a3e43@THSONEA01HUB02P.one.grp> Dear Robert, Have you heard from DT on this subject? This becomes very urgent. I think that the unit test proposed by Thales (SSS) may be used as a model https://forge.fi-ware.eu/plugins/mediawiki/wiki/fiware/index.php/FIWARE.UnitTestingPlan.Security.OptionalSecurityEnablers.SSS Best regards Daniel -------------- next part -------------- An HTML attachment was scrubbed... URL: From mcp at tid.es Mon Jul 9 17:49:53 2012 From: mcp at tid.es (Miguel Carrillo) Date: Mon, 09 Jul 2012 17:49:53 +0200 Subject: [Fiware-security] FI-WARE- materializing security / Unit testing Plan In-Reply-To: <24333_1341829386_4FFAB10A_24333_9980_1_0ce322dc-c186-4771-bed9-1478640a3e43@THSONEA01HUB02P.one.grp> References: <24333_1341829386_4FFAB10A_24333_9980_1_0ce322dc-c186-4771-bed9-1478640a3e43@THSONEA01HUB02P.one.grp> Message-ID: <4FFAFDA1.9010006@tid.es> Dear Daniel, I suggest that you use as a model the one that we created for that purpose. For general guidance use the guidelines that we provided here: * https://forge.fi-ware.eu/plugins/mediawiki/wiki/fi-ware-private/index.php/FiwareDeliverables (general guidelines for deliverables) More precisely, here you have the concrete guide for the Unit Testing Plan & report: * https://forge.fi-ware.eu/plugins/mediawiki/wiki/fi-ware-private/index.php/FiwareDeliverableD3-8.5.1 I have already provided Pascal my feedback to the SSS Unit Testing Plan and there are a few things to modify . Please take the above link as the reference, it also points to a very good example. Hope it helps Miguel El 09/07/2012 12:23, GIDOIN Daniel escribi?: Dear Robert, Have you heard from DT on this subject? This becomes very urgent. I think that the unit test proposed by Thales (SSS) may be used as a model https://forge.fi-ware.eu/plugins/mediawiki/wiki/fiware/index.php/FIWARE.UnitTestingPlan.Security.OptionalSecurityEnablers.SSS Best regards Daniel -- ---------------------------------------------------------------------- _/ _/_/ Miguel Carrillo Pacheco _/ _/ _/ _/ Telef?nica Distrito Telef?nica _/ _/_/_/ _/ _/ Investigaci?n y Edifico Oeste 1, Planta 9 _/ _/ _/ _/ Desarrollo Ronda de la Comunicaci?n S/N _/ _/_/ 28050 Madrid (Spain) Tel: (+34) 91 483 26 77 e-mail: mcp at tid.es Follow FI-WARE on the net Website: http://www.fi-ware.eu Facebook: http://www.facebook.com/pages/FI-WARE/251366491587242 Twitter: http://twitter.com/Fiware LinkedIn: http://www.linkedin.com/groups/FIWARE-4239932 ---------------------------------------------------------------------- ________________________________ Este mensaje se dirige exclusivamente a su destinatario. Puede consultar nuestra pol?tica de env?o y recepci?n de correo electr?nico en el enlace situado m?s abajo. This message is intended exclusively for its addressee. We only send and receive email on the basis of the terms set out at. http://www.tid.es/ES/PAGINAS/disclaimer.aspx -------------- next part -------------- An HTML attachment was scrubbed... URL: From francesco.di.cerbo at sap.com Mon Jul 9 19:03:14 2012 From: francesco.di.cerbo at sap.com (DI CERBO, Francesco) Date: Mon, 9 Jul 2012 19:03:14 +0200 Subject: [Fiware-security] [FI-WARE security] USDL-SEC features & work items form release 2 In-Reply-To: <8E18929A6C79354FB4BD9BD4636DCB06C37EF9@INTMAIL03.es.int.atosorigin.com> References: <8E18929A6C79354FB4BD9BD4636DCB06C37EF9@INTMAIL03.es.int.atosorigin.com> Message-ID: <71C0C7C7A712EE4CA636EDFD663B4E27048BD2021D@DEWDFECCR09.wdf.sap.corp> Hello Antonio, I checked your new elements in the Security backlog, and I have no problem with them, even if I slightly updated their wording. I also made some modifications to the Security Roadmap, http://forge.fi-ware.eu/plugins/mediawiki/wiki/fiware/index.php/Roadmap_of_Security but I could not find modifications from your side, or maybe I have overlooked them; could you please check if any modification you made is actually there? @Pascal, I also updated on the wiki page the Data Handling and DB Anonymizer sections. Best regards, Francesco From: Antonio Garcia Vazquez [mailto:antonio.garcia at atosresearch.eu] Sent: lundi 9 juillet 2012 10:49 To: TRABELSI, Slim; DI CERBO, Francesco Cc: fiware-security at lists.fi-ware.eu Subject: [FI-WARE security] USDL-SEC features & work items form release 2 Slim, Francesco, I've included two new inputs on the Materializing Security in FI-WARE wiki page to reflect some of the the USDL-SEC objectives for second release. 1) New feature to describe USDL-SEC editor. I guess this feature will be an objective of second release on May-June 2013, so no associated backlog entry has been created; although some detailed work-items depicting it could be useful. 2) New Work-item to show the necessity of a USDL-SEC specifications review in order to decide if a second version is needed as declared on the roadmap. I've created a backlog entry associated to this by sprint 2.1.3 (December 2012); please validated this point and modify it if needed. Any way fell free to modify, include or delete any entry USDL-SEC related. Best Regards. ************************************ * Antonio Garc?a-V?zquez * * (+34) 91 214 9384 * * antonio.garcia at atosresearch.eu * ************************************ ------------------------------------------------------------------ This e-mail and the documents attached are confidential and intended solely for the addressee; it may also be privileged. If you receive this e-mail in error, please notify the sender immediately and destroy it. As its integrity cannot be secured on the Internet, the Atos group liability cannot be triggered for the message content. Although the sender endeavours to maintain a computer virus-free network, the sender does not warrant that this transmission is virus-free and will not be liable for any damages resulting from any virus transmitted. Este mensaje y los ficheros adjuntos pueden contener informacion confidencial destinada solamente a la(s) persona(s) mencionadas anteriormente pueden estar protegidos por secreto profesional. Si usted recibe este correo electronico por error, gracias por informar inmediatamente al remitente y destruir el mensaje. Al no estar asegurada la integridad de este mensaje sobre la red, Atos no se hace responsable por su contenido. Su contenido no constituye ningun compromiso para el grupo Atos, salvo ratificacion escrita por ambas partes. Aunque se esfuerza al maximo por mantener su red libre de virus, el emisor no puede garantizar nada al respecto y no sera responsable de cualesquiera danos que puedan resultar de una transmision de virus. ------------------------------------------------------------------ -------------- next part -------------- An HTML attachment was scrubbed... URL: From pascal.bisson at thalesgroup.com Thu Jul 12 17:49:17 2012 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Thu, 12 Jul 2012 17:49:17 +0200 Subject: [Fiware-security] FI-WARE - Secu - Weekly audio conf of Tomorrow (13/07/2012 - 10am-12am) Message-ID: <26351_1342108160_4FFEF200_26351_18880_1_fc321fd4-4c82-4d12-92c5-02e6c8ea1913@THSONEA01HUB03P.one.grp> Dear All, This email just to remind you our WP8 audio conf of tomorrow starting at 10am. On the Agenda 1. Review of features added per GE for the sake of completeness also re-submission of D2.4 Technical Roadmap 2. M14 (June!) deliverables review of status of the various contributions Review (per task and per GE) D8.2,3,4,5a .. 3. D2.5a Third party innovation enablement o organization of the work to meet set deadlines 4. D11.4 Standardization o organization of the work to meet set deadlines 5. FI-WARE Security Chapter _ OUTSMART UC Project virtual meeting o Information and requested attendees 6. Other topics (according to time left) o Review of progress on advertising Security GEs on FI-WARE catalogue (collab between WP8 & WP9) o Review of progress on UC projects tickets handling (+ some UC Projects initiatives e.g. Outsmart) o Answer to WP10 demand (IP range to access the testbed) (colab between WP8 & WP10) o Report by people appointed regarding effective use of Security GE in the context of either other FI-WARE Chapters or UC Projects (mapping of GEs on UC projects archi.) o Mvt of resources o ..? Counting on each of you to be there and be prepared to discuss and report on the above topics. Talk with you tomorrow Best Regards Pascal PS: be reminded it is important for each of the WP8 partners to be represented at our weekly audio conference PS2: details to join = same as usual [meeting room (unchanged) : 391581] Australia Australia Toll Free 1800 005 574 Australia Sydney +61 (0) 282 239 767 Austria Vienna +43 (0) 2682 205 6609 Belgium Brussels +32 (0) 2 789 8678 Denmark Copenhagen +45 3271 4340 Finland Helsinki +358 (0) 923 142 830 France Lyon +33 (0) 426 840 285 France Marseille +33 (0) 488 915 385 France Paris +33 (0) 170 994 816 Germany Berlin +49 (0) 3072 616 7342 Germany D?sseldorf +49 (0) 2115 407 3902 Germany Frankfurt +49 (0) 6971 044 5635 Germany Hamburg +49 (0) 4080 902 0684 Germany Munich +49 (0) 8924 443 2893 Germany Stuttgart +49 (0) 7111 856 2130 Hong Kong Hong Kong +852 301 145 59 Hungary Budapest +36 (06) 1-889-3286 Ireland Dublin +353 (0) 14 860 780 Israel Israel Toll Free 1809 245 981 Italy Milan +39 0 230 413 017 Italy Rome +39 0 645 217 056 Italy Turin +39 0 112 179 2159 Japan Japan Toll Free 005 311 212 65 Japan Tokyo +81 (0) 357 675 025 Korea, Republic Of Seoul +82 (0) 234 831 224 Luxembourg Luxemburg City +352 2700 41 42 Malaysia Kuala Lumpur +60 (0) 377 124 640 Netherlands Amsterdam +31 (0) 207 948 529 New Zealand Auckland +64 (0) 9 919 2428 Norway Oslo +47 2153 3919 Poland Poland Toll Free 0080 0121 1304 Portugal Portugal Toll Free 800 814 183 Russia Russia Toll Free 81080 02209 4011 Singapore Singapore +65 6622 1068 Spain Barcelona +34 93 492 3235 Spain Madrid +34 91 788 9908 Sweden Stockholm +46 (0) 850 520 145 Switzerland Geneva +41 (0) 225 927 428 United Kingdom Birmingham +44 (0) 121 260 4686 United Kingdom London +44 (0) 207 153 9902 United Kingdom Manchester +44 (0) 161 250 0679 United States USA & Canada Toll Free 1888 249 0050 United States USA Toll +1 954 334 1559 -------------- next part -------------- An HTML attachment was scrubbed... URL: From francesco.di.cerbo at sap.com Fri Jul 13 10:23:34 2012 From: francesco.di.cerbo at sap.com (DI CERBO, Francesco) Date: Fri, 13 Jul 2012 10:23:34 +0200 Subject: [Fiware-security] New features added for Data Handling GE and DB Anonymizer Message-ID: <71C0C7C7A712EE4CA636EDFD663B4E27048BFF34A1@DEWDFECCR09.wdf.sap.corp> Hello Pascal, all, Please find a list of new information added in this week. New Features: Data Handling: https://forge.fi-ware.eu/tracker/index.php?func=detail&aid=2065&group_id=19&atid=195 https://forge.fi-ware.eu/tracker/index.php?func=detail&aid=2067&group_id=19&atid=195 DB Anonymizer: https://forge.fi-ware.eu/tracker/index.php?func=detail&aid=2067&group_id=19&atid=195 Moreover, the D2.4 wiki page was also updated accordingly, as well as respective Unit Test Plans. Best regards, Francesco ___ Francesco Di Cerbo, PhD Security & Trust SAP Research SAP Labs France 805, avenue Maurice Donat Font de l'Orme BP 1216 06250 Mougins Cedex France Tel. +33 4 92 28 64 45 e-mail: Francesco.Di.Cerbo at sap.com From francesco.di.cerbo at sap.com Fri Jul 13 11:20:25 2012 From: francesco.di.cerbo at sap.com (DI CERBO, Francesco) Date: Fri, 13 Jul 2012 11:20:25 +0200 Subject: [Fiware-security] DB Anonymizer description on the catalog Message-ID: <71C0C7C7A712EE4CA636EDFD663B4E27048C099F74@DEWDFECCR09.wdf.sap.corp> http://fi-ware.cloud.labs.ericsson.net/node/64 best regards, Francesco ___ Francesco Di Cerbo, PhD Security & Trust SAP Research SAP Labs France 805, avenue Maurice Donat Font de l'Orme BP 1216 06250 Mougins Cedex France Tel. +33 4 92 28 64 45 e-mail: Francesco.Di.Cerbo at sap.com From pascal.bisson at thalesgroup.com Fri Jul 13 16:05:15 2012 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Fri, 13 Jul 2012 16:05:15 +0200 Subject: [Fiware-security] FI-WARE - Security - Minutes of today's audio conf (13/07/2012 10am-12am) Message-ID: <6436_1342188319_50002B1F_6436_167_1_cf6c72a4-9233-473c-a6b7-35e840a0c249@THSONEA01HUB06P.one.grp> Dear Colleagues, Minutes of today's audio conf have now been uploaded on the repository. You can reach them at: https://forge.fi-ware.eu/docman/view.php/19/1172/FI-WARE_WP8_Minutes_13-07-12.doc Counting on each of you to carefully read them and perform your action points. Best Regards, Pascal PS: Next audio conf would be next Friday 20/07 10am-12am - same details as usual -------------- next part -------------- An HTML attachment was scrubbed... URL: From pascal.bisson at thalesgroup.com Tue Jul 17 10:03:45 2012 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Tue, 17 Jul 2012 10:03:45 +0200 Subject: [Fiware-security] FI-WARE - Security : Measures to enforce timely delivery Message-ID: <22732_1342512226_50051C62_22732_18611_1_d6ff53c3-8d33-418b-be4c-53214c8109f4@THSONEA01HUB06P.one.grp> Dear All, As announced already at one of our previous Security Chapter conf call there would be now measures imposed by TID with approval of FI-WARE PCC to ensure timely delivery (starting first with M14 deliverables). Those measures are detailed below and translate into rejection of costs by those partners that do not deliver by July 23rd. * Partners involved in development of a given FI-WARE GE that is not delivered by July 23rd will not be allowed to justify any PM in WP3-WP8 until they deliver. Once they deliver, it will be assumed that the PMs consumed had been those that were reported until month 12, so that no additional PMs will be accepted. Planning of PMs for the remaining of the project will be adjusted accordingly. * Delivery of software that doesn't work or proves to be rather unstable in the FI-WARE Testbed will not be considered as actually delivered. This intends to prevent that some partner delivers software which doesn't meet enough quality by July 23rd ust to avoid costs rejections. * Partners that deliver by July 23rd will be allowed to justify the PMs planned until July 23rd (provided that the software they have delivered is not rejected as stated in the previous point). This means they would not suffer any impact. * PMs of any partner within a given WP (WP3-8) are distributed from month 10 on across deliverables as follows (note: we propose to include whatever distribution gets approved in the next amendment of the DoW): * Contributions to WP2 deliverables: 10% * FI-WARE Open Specifications: 20% * SW Release: 40% * Installation and Admin Guides: 7,5% * Users' and Programmers' Guides: 7,5% * Unit Testing Plan and Report: 15% * Deliverables of a given WP rejected by the WPL will be rejected. TID and the WPL agree on any amendment of the above rules that may apply (e.g., failing in delivery of a given GE may not be the fault of all partners involved in development of that GE so that they agree not to apply penalization to some partners). TID may reject some additional deliverables if it considers that they do not meet the defined guidelines or expected quality, after discussion with the WPL. * Similar rules would apply to WP9 (development tools) In view of those measures I'm now counting on those who still have actions to perform to perform them asap not to be penalized nor penalize the Security Chapter as a whole. Best Regards, Pascal -------------- next part -------------- An HTML attachment was scrubbed... URL: From pascal.bisson at thalesgroup.com Tue Jul 17 11:44:33 2012 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Tue, 17 Jul 2012 11:44:33 +0200 Subject: [Fiware-security] TR: Review of deliverables Message-ID: <31616_1342518279_50053407_31616_5333_1_54c31c16-4995-497f-9992-0bbc3175501c@THSONEA01HUB04P.one.grp> Dear Colleagues, I'm forwarding you this email with review comments of TID regarding: * Features added in the backlog per GE * Unit Testing Plan & Report * Installation & Administration Guides * User and Programmers Guide As you will see there are a number of comments that request immediate action from GE owners under supervision of task leads and WPL/WPA Especially: ? Daniel (Thales) for Security Monitoring GE ? Robert (NSN) & Wolfgang (DT) for Identity Management GE ? Slim & Francesco (SAP) for Data Handling GE ? Francesco & Slim (SAP) for DB Anonymizer ? Lucie (DSC) for Security Storage Service Being said everything should be settled the sooner, the better and prior to set ultimate deadline not to suffer penalties (cut in budget for faulty partners) I'm now counting on each of the above and all GE owners to address those comments and make the necessary corrections (also inform me and Daniel once done). Last but not least and relating to "Features added in the backlog per GE" don't forget (GE owners/task leads) to confirm me and Daniel you have checked the features of you GE and that it is considered as complete (you added missing features - bear in mind here we should find here also features offered by the baselines assets). Without answer from your side by Wednesday 18/07 EOB, I and Daniel will assume you performed this check and that you are fine with the reported features. Thanks in advance for your cooperation and support. Best Regards, Pascal De : Miguel Carrillo [mailto:mcp at tid.es] Envoy? : mardi 17 juillet 2012 09:21 ? : BISSON Pascal; GIDOIN Daniel Cc : JUAN JOSE HIERRO SUREDA Objet : Review of deliverables Dear WPL/WPA, This is the summary of my review of the deliverables due on July, 23. I may also check the status of the binaries on SCM nearer the date. Take into account that this is a first pass (I might have time to do more) and that: * This is the snapshot of the deliverable as I saw it when I reviewed each one of them (take into account that there are 6 chapters and 4 deliverables per chapter, this takes a lot of time to inspect). Same of them may have changed so the situation could have improved depending on the changes your chapter have made since then. * The review for new Features on the wiki and Unit Testing was already sent to you if I am right * This review is more formal than technical and it is performed to filter out the most obvious mistakes. This could be subject to a later review by technical staff that may reject deliverables that have an "OK" in my review In this speadsheet you will find 4 columns with comments to: * Features added in the backlog per GE * Unit Testing Plan & Report * Installation & Administration Guides * User and Programmers Guide Please let the partners concerned know ASAP to allow them to react. Best regards, Miguel -- ---------------------------------------------------------------------- _/ _/_/ Miguel Carrillo Pacheco _/ _/ _/ _/ Telef?nica Distrito Telef?nica _/ _/_/_/ _/ _/ Investigaci?n y Edifico Oeste 1, Planta 9 _/ _/ _/ _/ Desarrollo Ronda de la Comunicaci?n S/N _/ _/_/ 28050 Madrid (Spain) Tel: (+34) 91 483 26 77 e-mail: mcp at tid.es Follow FI-WARE on the net Website: http://www.fi-ware.eu Facebook: http://www.facebook.com/pages/FI-WARE/251366491587242 Twitter: http://twitter.com/Fiware LinkedIn: http://www.linkedin.com/groups/FIWARE-4239932 ---------------------------------------------------------------------- ________________________________ Este mensaje se dirige exclusivamente a su destinatario. Puede consultar nuestra pol?tica de env?o y recepci?n de correo electr?nico en el enlace situado m?s abajo. This message is intended exclusively for its addressee. We only send and receive email on the basis of the terms set out at. http://www.tid.es/ES/PAGINAS/disclaimer.aspx -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: Audit_Release_WP8.xlsx Type: application/vnd.openxmlformats-officedocument.spreadsheetml.sheet Size: 13888 bytes Desc: Audit_Release_WP8.xlsx URL: From slim.trabelsi at sap.com Tue Jul 17 12:03:10 2012 From: slim.trabelsi at sap.com (TRABELSI, Slim) Date: Tue, 17 Jul 2012 12:03:10 +0200 Subject: [Fiware-security] Review of deliverables In-Reply-To: <31616_1342518279_50053407_31616_5333_1_54c31c16-4995-497f-9992-0bbc3175501c@THSONEA01HUB04P.one.grp> Message-ID: Hi Pascal, I'm currently in a business trip. I cannot make the modifications before thursday. Francesco is in vacation this week. Best Slim De : BISSON Pascal [mailto:pascal.bisson at thalesgroup.com] Envoy? : Tuesday, July 17, 2012 11:44 AM ? : fiware-security at lists.fi-ware.eu ; GASPARD Lucie ; GIDOIN Daniel ; DI CERBO, Francesco; TRABELSI, Slim; Seidl, Robert (NSN - DE/Munich) ; Wolfgang.Steigerwald at telekom.de Cc : BISSON Pascal ; GIDOIN Daniel ; LELEU Philippe Objet : TR: Review of deliverables Dear Colleagues, I?m forwarding you this email with review comments of TID regarding: * Features added in the backlog per GE * Unit Testing Plan & Report * Installation & Administration Guides * User and Programmers Guide As you will see there are a number of comments that request immediate action from GE owners under supervision of task leads and WPL/WPA Especially: ? Daniel (Thales) for Security Monitoring GE ? Robert (NSN) & Wolfgang (DT) for Identity Management GE ? Slim & Francesco (SAP) for Data Handling GE ? Francesco & Slim (SAP) for DB Anonymizer ? Lucie (DSC) for Security Storage Service Being said everything should be settled the sooner, the better and prior to set ultimate deadline not to suffer penalties (cut in budget for faulty partners) I?m now counting on each of the above and all GE owners to address those comments and make the necessary corrections (also inform me and Daniel once done). Last but not least and relating to ?Features added in the backlog per GE? don?t forget (GE owners/task leads) to confirm me and Daniel you have checked the features of you GE and that it is considered as complete (you added missing features ? bear in mind here we should find here also features offered by the baselines assets). Without answer from your side by Wednesday 18/07 EOB, I and Daniel will assume you performed this check and that you are fine with the reported features. Thanks in advance for your cooperation and support. Best Regards, Pascal De : Miguel Carrillo [mailto:mcp at tid.es] Envoy? : mardi 17 juillet 2012 09:21 ? : BISSON Pascal; GIDOIN Daniel Cc : JUAN JOSE HIERRO SUREDA Objet : Review of deliverables Dear WPL/WPA, This is the summary of my review of the deliverables due on July, 23. I may also check the status of the binaries on SCM nearer the date. Take into account that this is a first pass (I might have time to do more) and that: * This is the snapshot of the deliverable as I saw it when I reviewed each one of them (take into account that there are 6 chapters and 4 deliverables per chapter, this takes a lot of time to inspect). Same of them may have changed so the situation could have improved depending on the changes your chapter have made since then. * The review for new Features on the wiki and Unit Testing was already sent to you if I am right * This review is more formal than technical and it is performed to filter out the most obvious mistakes. This could be subject to a later review by technical staff that may reject deliverables that have an "OK" in my review In this speadsheet you will find 4 columns with comments to: * Features added in the backlog per GE * Unit Testing Plan & Report * Installation & Administration Guides * User and Programmers Guide Please let the partners concerned know ASAP to allow them to react. Best regards, Miguel -- ---------------------------------------------------------------------- _/ _/_/ Miguel Carrillo Pacheco _/ _/ _/ _/ Telef?nica Distrito Telef?nica _/ _/_/_/ _/ _/ Investigaci?n y Edifico Oeste 1, Planta 9 _/ _/ _/ _/ Desarrollo Ronda de la Comunicaci?n S/N _/ _/_/ 28050 Madrid (Spain) Tel: (+34) 91 483 26 77 e-mail: mcp at tid.es Follow FI-WARE on the net Website: http://www.fi-ware.eu Facebook: http://www.facebook.com/pages/FI-WARE/251366491587242 Twitter: http://twitter.com/Fiware LinkedIn: http://www.linkedin.com/groups/FIWARE-4239932 ---------------------------------------------------------------------- ________________________________ Este mensaje se dirige exclusivamente a su destinatario. Puede consultar nuestra pol?tica de env?o y recepci?n de correo electr?nico en el enlace situado m?s abajo. This message is intended exclusively for its addressee. We only send and receive email on the basis of the terms set out at. http://www.tid.es/ES/PAGINAS/disclaimer.aspx -------------- next part -------------- An HTML attachment was scrubbed... URL: From robert.seidl at nsn.com Tue Jul 17 12:03:17 2012 From: robert.seidl at nsn.com (Seidl, Robert (NSN - DE/Munich)) Date: Tue, 17 Jul 2012 12:03:17 +0200 Subject: [Fiware-security] Review of deliverables In-Reply-To: <31616_1342518279_50053407_31616_5333_1_54c31c16-4995-497f-9992-0bbc3175501c@THSONEA01HUB04P.one.grp> References: <31616_1342518279_50053407_31616_5333_1_54c31c16-4995-497f-9992-0bbc3175501c@THSONEA01HUB04P.one.grp> Message-ID: <9739B018F0466A4CAB10A9DABBEBF5A6E5B5F4@DEMUEXC027.nsn-intra.net> Hi Pascal, one quick statement from my side for the comments on the IDM enabler from DT and NSN. It seems that TID has not understood that the IDM sw will not be provided to the test bed and therefore no binaries will be handed out. Taking this into account most of the comments mentioned by TID are obsolete. @Pascal: How to handle this issue? Greetings Robert From: ext BISSON Pascal [mailto:pascal.bisson at thalesgroup.com] Sent: Tuesday, July 17, 2012 11:45 AM To: fiware-security at lists.fi-ware.eu; GASPARD Lucie; GIDOIN Daniel; DI CERBO, Francesco; TRABELSI, Slim; Seidl, Robert (NSN - DE/Munich); Wolfgang.Steigerwald at telekom.de Cc: BISSON Pascal; GIDOIN Daniel; LELEU Philippe Subject: TR: Review of deliverables Importance: High Dear Colleagues, I'm forwarding you this email with review comments of TID regarding: * Features added in the backlog per GE * Unit Testing Plan & Report * Installation & Administration Guides * User and Programmers Guide As you will see there are a number of comments that request immediate action from GE owners under supervision of task leads and WPL/WPA Especially: ? Daniel (Thales) for Security Monitoring GE ? Robert (NSN) & Wolfgang (DT) for Identity Management GE ? Slim & Francesco (SAP) for Data Handling GE ? Francesco & Slim (SAP) for DB Anonymizer ? Lucie (DSC) for Security Storage Service Being said everything should be settled the sooner, the better and prior to set ultimate deadline not to suffer penalties (cut in budget for faulty partners) I'm now counting on each of the above and all GE owners to address those comments and make the necessary corrections (also inform me and Daniel once done). Last but not least and relating to "Features added in the backlog per GE" don't forget (GE owners/task leads) to confirm me and Daniel you have checked the features of you GE and that it is considered as complete (you added missing features - bear in mind here we should find here also features offered by the baselines assets). Without answer from your side by Wednesday 18/07 EOB, I and Daniel will assume you performed this check and that you are fine with the reported features. Thanks in advance for your cooperation and support. Best Regards, Pascal De : Miguel Carrillo [mailto:mcp at tid.es] Envoy? : mardi 17 juillet 2012 09:21 ? : BISSON Pascal; GIDOIN Daniel Cc : JUAN JOSE HIERRO SUREDA Objet : Review of deliverables Dear WPL/WPA, This is the summary of my review of the deliverables due on July, 23. I may also check the status of the binaries on SCM nearer the date. Take into account that this is a first pass (I might have time to do more) and that: * This is the snapshot of the deliverable as I saw it when I reviewed each one of them (take into account that there are 6 chapters and 4 deliverables per chapter, this takes a lot of time to inspect). Same of them may have changed so the situation could have improved depending on the changes your chapter have made since then. * The review for new Features on the wiki and Unit Testing was already sent to you if I am right * This review is more formal than technical and it is performed to filter out the most obvious mistakes. This could be subject to a later review by technical staff that may reject deliverables that have an "OK" in my review In this speadsheet you will find 4 columns with comments to: * Features added in the backlog per GE * Unit Testing Plan & Report * Installation & Administration Guides * User and Programmers Guide Please let the partners concerned know ASAP to allow them to react. Best regards, Miguel -- ---------------------------------------------------------------------- _/ _/_/ Miguel Carrillo Pacheco _/ _/ _/ _/ Telef?nica Distrito Telef?nica _/ _/_/_/ _/ _/ Investigaci?n y Edifico Oeste 1, Planta 9 _/ _/ _/ _/ Desarrollo Ronda de la Comunicaci?n S/N _/ _/_/ 28050 Madrid (Spain) Tel: (+34) 91 483 26 77 e-mail: mcp at tid.es Follow FI-WARE on the net Website: http://www.fi-ware.eu Facebook: http://www.facebook.com/pages/FI-WARE/251366491587242 Twitter: http://twitter.com/Fiware LinkedIn: http://www.linkedin.com/groups/FIWARE-4239932 ---------------------------------------------------------------------- ________________________________ Este mensaje se dirige exclusivamente a su destinatario. Puede consultar nuestra pol?tica de env?o y recepci?n de correo electr?nico en el enlace situado m?s abajo. This message is intended exclusively for its addressee. We only send and receive email on the basis of the terms set out at. http://www.tid.es/ES/PAGINAS/disclaimer.aspx -------------- next part -------------- An HTML attachment was scrubbed... URL: From pascal.bisson at thalesgroup.com Tue Jul 17 12:22:18 2012 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Tue, 17 Jul 2012 12:22:18 +0200 Subject: [Fiware-security] Review of deliverables In-Reply-To: <9739B018F0466A4CAB10A9DABBEBF5A6E5B5F4@DEMUEXC027.nsn-intra.net> References: <31616_1342518279_50053407_31616_5333_1_54c31c16-4995-497f-9992-0bbc3175501c@THSONEA01HUB04P.one.grp> <9739B018F0466A4CAB10A9DABBEBF5A6E5B5F4@DEMUEXC027.nsn-intra.net> Message-ID: <22912_1342520545_50053CE1_22912_9820_2_6073c450-eecc-4903-a28e-2f44b06feabd@THSONEA01HUB06P.one.grp> Hi Robert, Here are statements I got from TID and that were also stated at FI-WARE PCC meeting of yesterday that I managed to join even if for me yesterday was off ... * "TID will not accept VM as deliverables, binaries means binaries" * "TID will not accept "availability of a service" as a software delivery" "FI-WARE produces software that eventually could be installed somewhere else. The deadline for M12 is a complete software release not a "service availability" milestone." Maybe you got already this information from your NSN PCC representative (i.e; Lorant ...). In any case I wanted to pass to you and Wolfgang (maybe from his side he got the information from Hans ??). In any case it is important for you in view of the above to talk with Lorant (and for Wolfgang to talk with Hans) and to get his view on the topic (also step in). >From my side I asked TID to communicate those statements to ALL (since not obviously present on instructions/guidelines provided) and to tell us what to be considered as reasonable/acceptable to contribute as software for those GE that would be made available services like IdM GE NSN and IdM GE DT. If not and according to the above statement it would mean no contribution to D8.2a and so no pay. Hearing from you and keep you posted. Best Regards, Pascal De : Seidl, Robert (NSN - DE/Munich) [mailto:robert.seidl at nsn.com] Envoy? : mardi 17 juillet 2012 12:03 ? : BISSON Pascal; fiware-security at lists.fi-ware.eu; GASPARD Lucie; GIDOIN Daniel; DI CERBO, Francesco; TRABELSI, Slim; Wolfgang.Steigerwald at telekom.de Cc : GIDOIN Daniel; LELEU Philippe Objet : RE: Review of deliverables Hi Pascal, one quick statement from my side for the comments on the IDM enabler from DT and NSN. It seems that TID has not understood that the IDM sw will not be provided to the test bed and therefore no binaries will be handed out. Taking this into account most of the comments mentioned by TID are obsolete. @Pascal: How to handle this issue? Greetings Robert From: ext BISSON Pascal [mailto:pascal.bisson at thalesgroup.com] Sent: Tuesday, July 17, 2012 11:45 AM To: fiware-security at lists.fi-ware.eu; GASPARD Lucie; GIDOIN Daniel; DI CERBO, Francesco; TRABELSI, Slim; Seidl, Robert (NSN - DE/Munich); Wolfgang.Steigerwald at telekom.de Cc: BISSON Pascal; GIDOIN Daniel; LELEU Philippe Subject: TR: Review of deliverables Importance: High Dear Colleagues, I'm forwarding you this email with review comments of TID regarding: * Features added in the backlog per GE * Unit Testing Plan & Report * Installation & Administration Guides * User and Programmers Guide As you will see there are a number of comments that request immediate action from GE owners under supervision of task leads and WPL/WPA Especially: ? Daniel (Thales) for Security Monitoring GE ? Robert (NSN) & Wolfgang (DT) for Identity Management GE ? Slim & Francesco (SAP) for Data Handling GE ? Francesco & Slim (SAP) for DB Anonymizer ? Lucie (DSC) for Security Storage Service Being said everything should be settled the sooner, the better and prior to set ultimate deadline not to suffer penalties (cut in budget for faulty partners) I'm now counting on each of the above and all GE owners to address those comments and make the necessary corrections (also inform me and Daniel once done). Last but not least and relating to "Features added in the backlog per GE" don't forget (GE owners/task leads) to confirm me and Daniel you have checked the features of you GE and that it is considered as complete (you added missing features - bear in mind here we should find here also features offered by the baselines assets). Without answer from your side by Wednesday 18/07 EOB, I and Daniel will assume you performed this check and that you are fine with the reported features. Thanks in advance for your cooperation and support. Best Regards, Pascal De : Miguel Carrillo [mailto:mcp at tid.es] Envoy? : mardi 17 juillet 2012 09:21 ? : BISSON Pascal; GIDOIN Daniel Cc : JUAN JOSE HIERRO SUREDA Objet : Review of deliverables Dear WPL/WPA, This is the summary of my review of the deliverables due on July, 23. I may also check the status of the binaries on SCM nearer the date. Take into account that this is a first pass (I might have time to do more) and that: * This is the snapshot of the deliverable as I saw it when I reviewed each one of them (take into account that there are 6 chapters and 4 deliverables per chapter, this takes a lot of time to inspect). Same of them may have changed so the situation could have improved depending on the changes your chapter have made since then. * The review for new Features on the wiki and Unit Testing was already sent to you if I am right * This review is more formal than technical and it is performed to filter out the most obvious mistakes. This could be subject to a later review by technical staff that may reject deliverables that have an "OK" in my review In this speadsheet you will find 4 columns with comments to: * Features added in the backlog per GE * Unit Testing Plan & Report * Installation & Administration Guides * User and Programmers Guide Please let the partners concerned know ASAP to allow them to react. Best regards, Miguel -- ---------------------------------------------------------------------- _/ _/_/ Miguel Carrillo Pacheco _/ _/ _/ _/ Telef?nica Distrito Telef?nica _/ _/_/_/ _/ _/ Investigaci?n y Edifico Oeste 1, Planta 9 _/ _/ _/ _/ Desarrollo Ronda de la Comunicaci?n S/N _/ _/_/ 28050 Madrid (Spain) Tel: (+34) 91 483 26 77 e-mail: mcp at tid.es Follow FI-WARE on the net Website: http://www.fi-ware.eu Facebook: http://www.facebook.com/pages/FI-WARE/251366491587242 Twitter: http://twitter.com/Fiware LinkedIn: http://www.linkedin.com/groups/FIWARE-4239932 ---------------------------------------------------------------------- ________________________________ Este mensaje se dirige exclusivamente a su destinatario. Puede consultar nuestra pol?tica de env?o y recepci?n de correo electr?nico en el enlace situado m?s abajo. This message is intended exclusively for its addressee. We only send and receive email on the basis of the terms set out at. http://www.tid.es/ES/PAGINAS/disclaimer.aspx -------------- next part -------------- An HTML attachment was scrubbed... URL: From pascal.bisson at thalesgroup.com Tue Jul 17 13:50:00 2012 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Tue, 17 Jul 2012 13:50:00 +0200 Subject: [Fiware-security] TR: Naming convention for enablers with more than one implementation Message-ID: <25787_1342525803_5005516B_25787_8946_1_30aaacf2-5988-488b-b0d3-dc67ea1b8f28@THSONEA01HUB02P.one.grp> Dear Colleagues, I'm forwarding you this email about naming convention to follow especially when enablers have more than one implementation (e.g. Idm GE NSN vs Idm GE DT). Please all GE owners follow the naming convention which apply to you when addressing review comments of M14 deliverables we got Regards, Torsten De : Miguel Carrillo [mailto:mcp at tid.es] Envoy? : mardi 17 juillet 2012 12:25 ? : Leidig, Torsten; BISSON Pascal Cc : JUAN JOSE HIERRO SUREDA; fiware-wpl at lists.fi-ware.eu; fiware-wpa at lists.fi-ware.eu Objet : Naming convention for enablers with more than one implementation Dear Torsten, dear Pascal, As regards those deliverables not following the naming convention now let us follow these rules: * Enablers with a single implementation. There is no reason to use an alternative name. The User & Prog. Manual, The Install. and Admin guide etc. must follow the convention expressed in the guidelines. * Enablers with more than one implementation: I understand that this is undefined as it is now. Let us proceed this way: * Under the section "Materializing ... " in the wiki we will have entries with the usual names: * - Unit Testing Plan * - Installation and Administration Guide * - User and Programmers Guide * Example: [cid:part1.00010008.00080500 at tid.es] * Then each one of these takes to a page with a list of all the manuals, one line per manual, and you can have something like this per line/manual. * - * Example: clicking on "Composition Editor - Unit Testing Plan" will take us to a page where the first line is: * Composition Editor - Light Semantic Composition Unit Testing Plan * there will be others in the future, one per implementation of the GE * each one of these lines will link to a dedicated page with the manual for that concrete implementation Hope this is clear and helps you to organize thing. Note that this is not added work, you do not need to do it in the private wiki if you do not want to, it can be done in 5 minutes as you take the contents to the public wiki. Regards, Miguel ________________________________ Este mensaje se dirige exclusivamente a su destinatario. Puede consultar nuestra pol?tica de env?o y recepci?n de correo electr?nico en el enlace situado m?s abajo. This message is intended exclusively for its addressee. We only send and receive email on the basis of the terms set out at. http://www.tid.es/ES/PAGINAS/disclaimer.aspx -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: ecjdcije.png Type: image/png Size: 4332 bytes Desc: ecjdcije.png URL: From pascal.bisson at thalesgroup.com Wed Jul 18 09:59:24 2012 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Wed, 18 Jul 2012 09:59:24 +0200 Subject: [Fiware-security] TR: [Fiware-wpl] Clarification on task dealing with documentation of Features describing FI-WARE GEs Message-ID: <6075_1342598366_50066CDE_6075_1451_1_CBBCD6C304123F4AB23FAAE3055C8C0E0206D355B951@THSONEA01CMS04P.one.grp> FYI De : fiware-wpl-bounces at lists.fi-ware.eu [mailto:fiware-wpl-bounces at lists.fi-ware.eu] De la part de Juanjo Hierro Envoy? : mercredi 18 juillet 2012 07:55 ? : fiware at lists.fi-ware.eu Cc : fiware-wpl at lists.fi-ware.eu; fiware-wpa at lists.fi-ware.eu Objet : [Fiware-wpl] Clarification on task dealing with documentation of Features describing FI-WARE GEs Dear all, Let me clarify, at the risk of repeating myself a bit, some aspects about the task dealing with documentation of Features describing FI-WARE GEs. I believe that what I'm going to explain in this email has already been explained several times, at leas communicated to WPLs and WPAs, but I hope that repeating it again is not harmful and may be helpful. The target goal of the task is to end up with a set of "Features" for each FI-WARE GE that provides a complete description of the functionalities supported by that GE. When we created the first version of the backlogs linked to all FI-WARE GEs back in month 7, it was agreed that it was only necessary to include entries (Themes, Epics, Features, User Stories) linked to new functionalities that we were going to develop on top of selected baseline assets during the course of the FI-WARE project. This agreement was captured on the wiki page where we describe how we were planning to use Agile: In defining how we were going to use Agile in FI-WARE, we have had to deal with a fundamental characteristic of the project: it is not about developing from the scratch but from a set of selected products (assets) resulted from previous projects, many of which hadn't been developed using Agile. If we had started development of every FI-WARE Generic Enabler (that's the way we name components in FI-WARE) from the scratch, the FI-WARE GE backlogs would contain Themes/Epics/Features/User-stories that, all together, would summarize the whole functionality of FI-WARE. But this is not the case. When creating the backlog for a given FI-WARE GE, we have considered that it should contain the Themes/Epics/Features/User-stories that, at the start of the FI-WARE project, map to "functionality to be developed" in the reference implementation of the GE we are building based on a number of baseline products. We won't capture all the functionality that was already implemented in the baseline products. That would mean trying to carry out a kind of "reverse engineering" of baseline products, deriving User-Stories from what those baseline products already support. This, apart from meaning a huge effort would not be be that useful to development teams and would simply delay start of our development. This didn't prevent the development team behind a given FI-WARE GE to define the whole set of Features characterizing all the functionalities of a given FI-WARE GE, including functionality already supported by the selected baseline assets. We simply didn't force them to do so (it was not mandatory). However, apparently some of the teams did this at month 7. That's fine and this only means they don't need to add entries for Features now. Remember: the target goal now is to end up with a set of "Features" per FI-WARE GE that provides a complete description of the functionalities supported by the GE. Why are we doing this exercise if we had agreed that documenting Features already supported in baseline assets was not mandatory ? Essentially because we have had to deal with a comment made by reviewers on the Technical Roadmap deliverable that was the major cause why they rejected that deliverable: we were not giving enough details of what was going to be provided by each GE in each major release (including functionalities supported already by baseline assets in the case of the first major release). The decision was to handle this comment by means of completing the backlogs of FI-WARE GEs to add "Features" that describe the complete set of functionalities of the GE. Those teams that already identified the complete set of Features describing a FI-WARE GE back in month 7 would not need to do anything. On the other hand, this shouldn't be that difficult for the rest of the teams that didn't include features describing functionalities supported by baseline assets at that time. And we will solve the comment for sure (do you want to know what a given FI-WARE GE will give in the first major release ? just take a look a the following Features description). It's true that it would be something that overrides what we explained on the wiki about following Agile (the text copied above) but we will certainly fix that text on the wiki after the task is finished. Do we need to create entries in the trackers corresponding to added Features ? I would say it is not mandatory but certainly highly desirable and a goal to achieve not later than September (it would be a matter of one hour - two hours maximum once the Features are registered on the Wiki). When doing so, we agreed that teams should assign a value "FI-WARE.Release.0" to the "FI-WARE Release Id" field. Note that you don't need to derive any short of User Story from Features linked to functionality supported by baseline assets. User stories should map to Features that have been planned for development during the course of the FI-WARE project. How are we going to elaborate on what Features of a given GE are going to go for the first major release and what Features are going to go for later major releases within the revised version of the Technical Roadmap deliverable ? This is something that we have not closed yet but will be closed in the joint WPLs/WPAs follow-up confcall that will take place on July 23rd. For the time being, we prefer that you concentrate on all what is needed to meet the July 23rd deadline (maximum extension of the original deadline by end of June that we communicated to our POs regarding late delivery of deliverables linked to FI-WARE GEs). Are we going to distinguish between Features planned to be developed in the first Release and Features already supported by baseline assets within the Technical Roadmap deliverable ? I believe it is not needed. All of them together comprise the Features that describe what is going to be supported in the first major release and that is what really matters to a potential user of a given FI-WARE GE in the first major release: what is the set of features that the GE will support that they can use. Hope this helps, although I guess most of what is being explained was already understood by you. Best regards, -- Juanjo ------------- Product Development and Innovation (PDI) - Telefonica Digital website: www.tid.es email: jhierro at tid.es twitter: twitter.com/JuanjoHierro FI-WARE (European Future Internet Core Platform) Chief Architect You can follow FI-WARE at: website: http://www.fi-ware.eu facebook: http://www.facebook.com/pages/FI-WARE/251366491587242 twitter: http://twitter.com/FIware linkedIn: http://www.linkedin.com/groups/FIWARE-4239932 ________________________________ Este mensaje se dirige exclusivamente a su destinatario. Puede consultar nuestra pol?tica de env?o y recepci?n de correo electr?nico en el enlace situado m?s abajo. This message is intended exclusively for its addressee. We only send and receive email on the basis of the terms set out at. http://www.tid.es/ES/PAGINAS/disclaimer.aspx -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- An embedded and charset-unspecified text was scrubbed... Name: ATT00001.txt URL: From pascal.bisson at thalesgroup.com Fri Jul 20 09:57:19 2012 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Fri, 20 Jul 2012 09:57:19 +0200 Subject: [Fiware-security] FI-WARE - Weekly Audio Conference Message-ID: <22717_1342771043_50090F63_22717_15392_1_31fba011-00b1-48da-99ef-a0f5f202fe37@THSONEA01HUB04P.one.grp> Dear All, Here is the Agenda for today's audio conference: ? GE's features completion (assume now to be completed!) ? M14 status - Deadline for WPLs to deliver July 23rd ? D2.5a (review of contributions) ? D11.4a (review of contributions) ? Mvt of resources (finalization) Best Regards, Pascal PS2: details to join = same as usual [meeting room (unchanged) : 391581] Australia Australia Toll Free 1800 005 574 Australia Sydney +61 (0) 282 239 767 Austria Vienna +43 (0) 2682 205 6609 Belgium Brussels +32 (0) 2 789 8678 Denmark Copenhagen +45 3271 4340 Finland Helsinki +358 (0) 923 142 830 France Lyon +33 (0) 426 840 285 France Marseille +33 (0) 488 915 385 France Paris +33 (0) 170 994 816 Germany Berlin +49 (0) 3072 616 7342 Germany D?sseldorf +49 (0) 2115 407 3902 Germany Frankfurt +49 (0) 6971 044 5635 Germany Hamburg +49 (0) 4080 902 0684 Germany Munich +49 (0) 8924 443 2893 Germany Stuttgart +49 (0) 7111 856 2130 Hong Kong Hong Kong +852 301 145 59 Hungary Budapest +36 (06) 1-889-3286 Ireland Dublin +353 (0) 14 860 780 Israel Israel Toll Free 1809 245 981 Italy Milan +39 0 230 413 017 Italy Rome +39 0 645 217 056 Italy Turin +39 0 112 179 2159 Japan Japan Toll Free 005 311 212 65 Japan Tokyo +81 (0) 357 675 025 Korea, Republic Of Seoul +82 (0) 234 831 224 Luxembourg Luxemburg City +352 2700 41 42 Malaysia Kuala Lumpur +60 (0) 377 124 640 Netherlands Amsterdam +31 (0) 207 948 529 New Zealand Auckland +64 (0) 9 919 2428 Norway Oslo +47 2153 3919 Poland Poland Toll Free 0080 0121 1304 Portugal Portugal Toll Free 800 814 183 Russia Russia Toll Free 81080 02209 4011 Singapore Singapore +65 6622 1068 Spain Barcelona +34 93 492 3235 Spain Madrid +34 91 788 9908 Sweden Stockholm +46 (0) 850 520 145 Switzerland Geneva +41 (0) 225 927 428 United Kingdom Birmingham +44 (0) 121 260 4686 United Kingdom London +44 (0) 207 153 9902 United Kingdom Manchester +44 (0) 161 250 0679 United States USA & Canada Toll Free 1888 249 0050 United States USA Toll +1 954 334 1559 -------------- next part -------------- An HTML attachment was scrubbed... URL: From pascal.bisson at thalesgroup.com Fri Jul 20 16:45:48 2012 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Fri, 20 Jul 2012 16:45:48 +0200 Subject: [Fiware-security] TR: [Fiware-wpl] deliverables for GE-s running as a service Message-ID: <19974_1342795550_50096F1E_19974_654_1_CBBCD6C304123F4AB23FAAE3055C8C0E0206D3600376@THSONEA01CMS04P.one.grp> FYI De : Juanjo Hierro [mailto:jhierro at tid.es] Envoy? : vendredi 20 juillet 2012 15:44 ? : BISSON Pascal Cc : fiware-wpl at lists.fi-ware.eu; fiware-wpa at lists.fi-ware.eu; Miguel Carrillo; jhierro >> "Juan J. Hierro" Objet : Re: [Fiware-wpl] deliverables for GE-s running as a service Dear Pascal, SAME instructions/guidelines do apply to both Users' & Programmers' Guides and the Unit Test Plans and Report: * Users' & Programmers' Guides should guide developers in how to configure or program applications using the services provided by the GE. As I have explained multiple times, they should not be just a repetition of the GE's API specifications but some sort of "Hello World" example. And the way these Users' and Programmers' Guides would not vary because a GE instance is hosted in the FI-WARE Testbed dedicated datacenter facility or any other remote location. * The Unit Testing Plan should document "how-to-test" the different features of an GE instance, no matter where it is hosted. The report, of course, is relevant to a particular instance of the GE: the one against which you passed the tests of the Unit Testing Plan. In this respect, we are asking you to report on the execution of the Testing Plan against the instance of the GE you have used for Unit Testing purposes. In the case of GEs provided as a service, we would highly recommend that you run the Unit Testing Plan against the instance of the GE that will be provided as a service. In the case of GEs that will be hosted in the FI-WARE dedicated datacenter or in facilities owned by UC projects, we assume that you have run the Unit Testing Plan against an instance of the GE in your own lab. Of course, one thing you should be prepared for, is that someone from WP10 decides to run the Unit Testing Plan against the instance of a GE that has been deployed in the FI-WARE Testbed dedicated datacenter facility or remotely. That would lead to a report different from the one we are asking you now to provide. Such a second report, may be used as a sanity check and, eventually, to reject the deliverable in the case that the software doesn't pass a significant number of Tests in the Unit Testing Plan, provided that the Unit Testing Plan has been run properly. Amendment to my previous mail: the deadline extension regaring binaries of GEs that were agreed that would be provided as a service hosted remotely also applies to the Installation & Admin Guides of those GEs. Hope it helps, -- Juanjo On 20/07/12 15:20, BISSON Pascal wrote: Dear Juanjo, Ok but here you forgot one important point which is that the way GEs are released as a service versus as software package also impacts the content of the User guide, Install guide, Unit test plan & reporting. That's also why I was asking in one of my previous emails for different instructions/guidelines to be provided for each of the two cases. Hope you can share and agree. BR Pascal De : fiware-wpl-bounces at lists.fi-ware.eu [mailto:fiware-wpl-bounces at lists.fi-ware.eu] De la part de Juanjo Hierro Envoy? : vendredi 20 juillet 2012 14:59 ? : fiware-wpl at lists.fi-ware.eu Objet : Re: [Fiware-wpl] deliverables for GE-s running as a service Hi all, Regarding software that will be provided on the FI-WARE Testbed as a Service, we will extend the deadline for delivery of binaries until we get the response from our PO regarding how he believes that delivery of the software can be confirmed. That extension doesn't apply neither to software that needs to be installed on the FI-WARE Testbed nor to software that will be provided for installation at UC projects' premises/facilities/equipments (e.g., Cloud Proxy). With respect to distinction between background and foreground, I will respond in a separate mail. Best regards, -- Juanjo ------------- Product Development and Innovation (PDI) - Telefonica Digital website: www.tid.es email: jhierro at tid.es twitter: twitter.com/JuanjoHierro FI-WARE (European Future Internet Core Platform) Chief Architect You can follow FI-WARE at: website: http://www.fi-ware.eu facebook: http://www.facebook.com/pages/FI-WARE/251366491587242 twitter: http://twitter.com/FIware linkedIn: http://www.linkedin.com/groups/FIWARE-4239932 On 20/07/12 14:07, Farkas, Lorant (NSN - HU/Budapest) wrote: Dear All, Recently there have been discussions around the need for providing binaries constituting background in case of FI-WARE. Several partners raised concerns about that. The issue is burning, because in the current situation unless the partner contributes the binary of the background by the 23rd of July, 40% of the PM-s are lost. Let me share NSN's view on this. 1. According to the FI-WARE contract special clause 41 (article 7.3) "other beneficiaries" (meaning FI-PPP partners excluding FI-WARE ones) rights and obligations are limited to foreground and do not extend to background. Translated: they should not have access to background. To comply to this clause with the tool called "fi-ware restricted" 1.1 either there would be no reason for exposing it to all FI-PPP consortium, but just FI-WARE and the commission 1.2 or there would be no reason for asking partners to upload binaries related to background 2. According to Annex 2 of the FI-WARE contract beneficiaries may define the background needed for the purposes of the project in a written agreement and, where appropriate, may agree to exclude specific background. All requests for access rights shall be made in writing. The granting of access rights may be made conditional on the acceptance of specific conditions aimed at ensuring that these rights will be used only for the intended purpose and that appropriate confidentiality obligations are in place. So when you expose background through "forge fi-ware restricted", even restricted to the FI-WARE partners, you take the possibility away from partners to impose such conditions. This would breach the contract. 3. According to Annex 2 of the FI-WARE contract access rights to background shall be granted to the other beneficiaries, if it is needed to enable those beneficiaries to carry out their own work under the project provided that the beneficiary concerned is entitled to grant them. Example: from our side for the NSN IDM solution there is no such need, because it is available as a service. 4. On the other hand beneficiaries shall provide all detailed data requested by the Commission for the purposes of the proper administration of this project. Our interpretation is that there might be a request from the Commission to take a look at binaries of background. The technical means for that would be to establish sharing space only for the Commission's representatives, not the entire FI-WARE/FI-PPP consortium. As a result, NSN rightfully believes there is no reason for any partner offering a GE as a service to provide binaries in "fi-ware restricted". Therefore also the content of the contributions to D8.x would be different for partners providing their assets as a service or as SW (e.g. unit testing plan, installation guide, etc.). Thanks & Br, L?r?nt Farkas Senior Research Engineer H-1092 Budapest, Hungary K?ztelek u.6. Tel: +36 20 977 7797 Mob: +36 20 936 9002 lorant.farkas at nsn.com http://www.nokiasiemensnetworks.com/global/ _______________________________________________ Fiware-wpl mailing list Fiware-wpl at lists.fi-ware.eu http://lists.fi-ware.eu/listinfo/fiware-wpl ________________________________ Este mensaje se dirige exclusivamente a su destinatario. Puede consultar nuestra pol?tica de env?o y recepci?n de correo electr?nico en el enlace situado m?s abajo. This message is intended exclusively for its addressee. We only send and receive email on the basis of the terms set out at. http://www.tid.es/ES/PAGINAS/disclaimer.aspx ________________________________ Este mensaje se dirige exclusivamente a su destinatario. Puede consultar nuestra pol?tica de env?o y recepci?n de correo electr?nico en el enlace situado m?s abajo. This message is intended exclusively for its addressee. We only send and receive email on the basis of the terms set out at. http://www.tid.es/ES/PAGINAS/disclaimer.aspx -------------- next part -------------- An HTML attachment was scrubbed... URL: From pascal.bisson at thalesgroup.com Fri Jul 20 17:51:47 2012 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Fri, 20 Jul 2012 17:51:47 +0200 Subject: [Fiware-security] TR: [Fiware-wpl] deliverables for GE-s running as a service Message-ID: <32164_1342799509_50097E95_32164_2514_1_CBBCD6C304123F4AB23FAAE3055C8C0E0206D365EFE7@THSONEA01CMS04P.one.grp> FYI De : Juanjo Hierro [mailto:jhierro at tid.es] Envoy? : vendredi 20 juillet 2012 15:44 ? : BISSON Pascal Cc : fiware-wpl at lists.fi-ware.eu; fiware-wpa at lists.fi-ware.eu; Miguel Carrillo; jhierro >> "Juan J. Hierro" Objet : Re: [Fiware-wpl] deliverables for GE-s running as a service Dear Pascal, SAME instructions/guidelines do apply to both Users' & Programmers' Guides and the Unit Test Plans and Report: * Users' & Programmers' Guides should guide developers in how to configure or program applications using the services provided by the GE. As I have explained multiple times, they should not be just a repetition of the GE's API specifications but some sort of "Hello World" example. And the way these Users' and Programmers' Guides would not vary because a GE instance is hosted in the FI-WARE Testbed dedicated datacenter facility or any other remote location. * The Unit Testing Plan should document "how-to-test" the different features of an GE instance, no matter where it is hosted. The report, of course, is relevant to a particular instance of the GE: the one against which you passed the tests of the Unit Testing Plan. In this respect, we are asking you to report on the execution of the Testing Plan against the instance of the GE you have used for Unit Testing purposes. In the case of GEs provided as a service, we would highly recommend that you run the Unit Testing Plan against the instance of the GE that will be provided as a service. In the case of GEs that will be hosted in the FI-WARE dedicated datacenter or in facilities owned by UC projects, we assume that you have run the Unit Testing Plan against an instance of the GE in your own lab. Of course, one thing you should be prepared for, is that someone from WP10 decides to run the Unit Testing Plan against the instance of a GE that has been deployed in the FI-WARE Testbed dedicated datacenter facility or remotely. That would lead to a report different from the one we are asking you now to provide. Such a second report, may be used as a sanity check and, eventually, to reject the deliverable in the case that the software doesn't pass a significant number of Tests in the Unit Testing Plan, provided that the Unit Testing Plan has been run properly. Amendment to my previous mail: the deadline extension regaring binaries of GEs that were agreed that would be provided as a service hosted remotely also applies to the Installation & Admin Guides of those GEs. Hope it helps, -- Juanjo On 20/07/12 15:20, BISSON Pascal wrote: Dear Juanjo, Ok but here you forgot one important point which is that the way GEs are released as a service versus as software package also impacts the content of the User guide, Install guide, Unit test plan & reporting. That's also why I was asking in one of my previous emails for different instructions/guidelines to be provided for each of the two cases. Hope you can share and agree. BR Pascal De : fiware-wpl-bounces at lists.fi-ware.eu [mailto:fiware-wpl-bounces at lists.fi-ware.eu] De la part de Juanjo Hierro Envoy? : vendredi 20 juillet 2012 14:59 ? : fiware-wpl at lists.fi-ware.eu Objet : Re: [Fiware-wpl] deliverables for GE-s running as a service Hi all, Regarding software that will be provided on the FI-WARE Testbed as a Service, we will extend the deadline for delivery of binaries until we get the response from our PO regarding how he believes that delivery of the software can be confirmed. That extension doesn't apply neither to software that needs to be installed on the FI-WARE Testbed nor to software that will be provided for installation at UC projects' premises/facilities/equipments (e.g., Cloud Proxy). With respect to distinction between background and foreground, I will respond in a separate mail. Best regards, -- Juanjo ------------- Product Development and Innovation (PDI) - Telefonica Digital website: www.tid.es email: jhierro at tid.es twitter: twitter.com/JuanjoHierro FI-WARE (European Future Internet Core Platform) Chief Architect You can follow FI-WARE at: website: http://www.fi-ware.eu facebook: http://www.facebook.com/pages/FI-WARE/251366491587242 twitter: http://twitter.com/FIware linkedIn: http://www.linkedin.com/groups/FIWARE-4239932 On 20/07/12 14:07, Farkas, Lorant (NSN - HU/Budapest) wrote: Dear All, Recently there have been discussions around the need for providing binaries constituting background in case of FI-WARE. Several partners raised concerns about that. The issue is burning, because in the current situation unless the partner contributes the binary of the background by the 23rd of July, 40% of the PM-s are lost. Let me share NSN's view on this. 1. According to the FI-WARE contract special clause 41 (article 7.3) "other beneficiaries" (meaning FI-PPP partners excluding FI-WARE ones) rights and obligations are limited to foreground and do not extend to background. Translated: they should not have access to background. To comply to this clause with the tool called "fi-ware restricted" 1.1 either there would be no reason for exposing it to all FI-PPP consortium, but just FI-WARE and the commission 1.2 or there would be no reason for asking partners to upload binaries related to background 2. According to Annex 2 of the FI-WARE contract beneficiaries may define the background needed for the purposes of the project in a written agreement and, where appropriate, may agree to exclude specific background. All requests for access rights shall be made in writing. The granting of access rights may be made conditional on the acceptance of specific conditions aimed at ensuring that these rights will be used only for the intended purpose and that appropriate confidentiality obligations are in place. So when you expose background through "forge fi-ware restricted", even restricted to the FI-WARE partners, you take the possibility away from partners to impose such conditions. This would breach the contract. 3. According to Annex 2 of the FI-WARE contract access rights to background shall be granted to the other beneficiaries, if it is needed to enable those beneficiaries to carry out their own work under the project provided that the beneficiary concerned is entitled to grant them. Example: from our side for the NSN IDM solution there is no such need, because it is available as a service. 4. On the other hand beneficiaries shall provide all detailed data requested by the Commission for the purposes of the proper administration of this project. Our interpretation is that there might be a request from the Commission to take a look at binaries of background. The technical means for that would be to establish sharing space only for the Commission's representatives, not the entire FI-WARE/FI-PPP consortium. As a result, NSN rightfully believes there is no reason for any partner offering a GE as a service to provide binaries in "fi-ware restricted". Therefore also the content of the contributions to D8.x would be different for partners providing their assets as a service or as SW (e.g. unit testing plan, installation guide, etc.). Thanks & Br, L?r?nt Farkas Senior Research Engineer H-1092 Budapest, Hungary K?ztelek u.6. Tel: +36 20 977 7797 Mob: +36 20 936 9002 lorant.farkas at nsn.com http://www.nokiasiemensnetworks.com/global/ _______________________________________________ Fiware-wpl mailing list Fiware-wpl at lists.fi-ware.eu http://lists.fi-ware.eu/listinfo/fiware-wpl ________________________________ Este mensaje se dirige exclusivamente a su destinatario. Puede consultar nuestra pol?tica de env?o y recepci?n de correo electr?nico en el enlace situado m?s abajo. This message is intended exclusively for its addressee. We only send and receive email on the basis of the terms set out at. http://www.tid.es/ES/PAGINAS/disclaimer.aspx ________________________________ Este mensaje se dirige exclusivamente a su destinatario. Puede consultar nuestra pol?tica de env?o y recepci?n de correo electr?nico en el enlace situado m?s abajo. This message is intended exclusively for its addressee. We only send and receive email on the basis of the terms set out at. http://www.tid.es/ES/PAGINAS/disclaimer.aspx -------------- next part -------------- An HTML attachment was scrubbed... URL: From pascal.bisson at thalesgroup.com Mon Jul 23 10:52:55 2012 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Mon, 23 Jul 2012 10:52:55 +0200 Subject: [Fiware-security] TR: [Fiware-wpl] Status regarding issues about how to make software binaries and Installation/Administration Guides marked as PP available Message-ID: <29066_1343033576_500D10E8_29066_7648_1_CBBCD6C304123F4AB23FAAE3055C8C0E0206D365F826@THSONEA01CMS04P.one.grp> FYI De : fiware-wpl-bounces at lists.fi-ware.eu [mailto:fiware-wpl-bounces at lists.fi-ware.eu] De la part de Juanjo Hierro Envoy? : lundi 23 juillet 2012 10:37 ? : fiware-wpl at lists.fi-ware.eu; fiware-wpa at lists.fi-ware.eu Objet : [Fiware-wpl] Status regarding issues about how to make software binaries and Installation/Administration Guides marked as PP available Here, Just a brief update regarding status of the analysis of some of the issues raised regarding access to software (binaries) and Installation/Administration Guides marked as PP. My current view on the matter is as follows: * Relying on certain clauses of the Collaboration Agreement, access to binaries and Installation/Administration Guides should be granted royalty-free to FI-PPP members when ALL the following requirements are met: * they request it in writing * they require it for execution of their respective projects within the FI-PPP * they can explain that using it "as a Service" through a well defined API (from the FI-WARE Testbed or any other hosting facility) is not enough * Notwithstanding the previous point, we shall provide access to binaries and Installation/Administration Guides to the EC (and reviewers) for auditing/reviewing purposes. Here, it is not clear whether it is enough to provide access to the facilities where GEs offered "as a Service" are hosted. It will depend very much on EC's willingness. This is just my view. As already mentioned, the issues have been shared with our PO and we are waiting for his response. Note that if my view is correct, the binaries and Installation Guides of most of the software linked to FI-WARE GEs would not need to become accessible to UC projects in the first phase (except maybe the one linked to the Cloud Proxy or any FI-WARE GE that runs on local infrastructures linked to the Proof of Concepts). However, a different story may apply to UC trials or SME experiments in phase 2 and 3, where I can foreseen that the above mentioned requirements could be met. Based on this, and until the EC provides an answer: * We will keep access to the "FI-WARE PPP Restricted" project only limited to FI-WARE partners * Owners of GEs that we had agreed could be offered "as a Service" hosted in facilities different than the FI-WARE Testbed will not be requested to upload their binaries and Installation/Administration Guides until the EC provides an official answer about where binaries and Installation/Administration Guides can be delivered in their particular case. Cheers, -- Juanjo ------------- Product Development and Innovation (PDI) - Telefonica Digital website: www.tid.es email: jhierro at tid.es twitter: twitter.com/JuanjoHierro FI-WARE (European Future Internet Core Platform) Chief Architect You can follow FI-WARE at: website: http://www.fi-ware.eu facebook: http://www.facebook.com/pages/FI-WARE/251366491587242 twitter: http://twitter.com/FIware linkedIn: http://www.linkedin.com/groups/FIWARE-4239932 ________________________________ Este mensaje se dirige exclusivamente a su destinatario. Puede consultar nuestra pol?tica de env?o y recepci?n de correo electr?nico en el enlace situado m?s abajo. This message is intended exclusively for its addressee. We only send and receive email on the basis of the terms set out at. http://www.tid.es/ES/PAGINAS/disclaimer.aspx -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- An embedded and charset-unspecified text was scrubbed... Name: ATT00001.txt URL: From pascal.bisson at thalesgroup.com Mon Jul 23 11:08:14 2012 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Mon, 23 Jul 2012 11:08:14 +0200 Subject: [Fiware-security] FI-WARE - Security - Minutes of last audio conference (20/07/2012) Message-ID: <30187_1343034499_500D1483_30187_14285_1_d7079ab2-68c5-4506-8118-ed02bf9dfd19@THSONEA01HUB06P.one.grp> Are now available at : https://forge.fi-ware.eu/docman/view.php/19/1189/FI-WARE_WP8_Minutes_20-07-12.doc Please read carefully and perform your actions. BR Pascal -------------- next part -------------- An HTML attachment was scrubbed... URL: From pascal.bisson at thalesgroup.com Mon Jul 23 12:59:25 2012 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Mon, 23 Jul 2012 12:59:25 +0200 Subject: [Fiware-security] FI-WARE - Standardization Plan (V2) - For your check & update/completion Message-ID: <26605_1343041168_500D2E90_26605_1604_1_9455d8d1-9561-4c8a-85f6-e762ae289f85@THSONEA01HUB02P.one.grp> Dear Michael, Dear Philippe, Dear Alexandre, Dear Rodrigo, Could you please and update (complete) the information we entered on your behalf for what concerns the update of our Standardization Plan. This especially for what concerns SDOs you have identified as responsible for: https://forge.fi-ware.eu/plugins/mediawiki/wiki/exploitation/index.php/Mapping_Security Don't forget to check and fill-in table 7a, 7b and 7c asap. @Rodrigo: As for T8.3 I would expect an input from you Rodrigo as well. So please contribute your best input. Of course anyone else is also welcome to contribute additional input duly validated by our Task lead. I remember you here this has to be completed asap. BR Pascal & Daniel -------------- next part -------------- An HTML attachment was scrubbed... URL: From pascal.bisson at thalesgroup.com Mon Jul 23 16:50:53 2012 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Mon, 23 Jul 2012 16:50:53 +0200 Subject: [Fiware-security] FI-WARE - Security - D2.5a (Your input is now requested in complement of mine) Message-ID: <2447_1343055055_500D64CF_2447_1056_1_fb281647-7e93-4391-b9a5-4a4e95e1dde9@THSONEA01HUB05P.one.grp> Dear Task leads and Caretakers, This just to inform you that to give a start from our Security Chapter side to D2.5a I did enter some text. This text is for you to check and complete with your input (reflecting your thoughts and the ones of GE owners attached to your task - that btw you should have consulted already ...) https://docs.google.com/document/d/1HnmGAJ7LuHJs9oBIhVwbR9LuKMK-Xhb_c7SF-EVQi_Q/edit?pli=1#heading=h.w9bqlgh5tq19 Bear in mind that by EOB tomorrow you should have contributed your Task input. This as per minutes of last audio conference. Counting on you all to have it done. Thanks in advance for your cooperation and support. BR Pascal PS: Don't hesitate as add-ons you may think of in complement of the text I already provided to illustrate the added value (for the sake of 3rd party innovation) resulting from your GEs design to each of the stakeholder to which it applies. -------------- next part -------------- An HTML attachment was scrubbed... URL: From francesco.di.cerbo at sap.com Tue Jul 24 01:31:57 2012 From: francesco.di.cerbo at sap.com (DI CERBO, Francesco) Date: Tue, 24 Jul 2012 01:31:57 +0200 Subject: [Fiware-security] FI-WARE - Security - D2.5a (Your input is now requested in complement of mine) In-Reply-To: <2447_1343055055_500D64CF_2447_1056_1_fb281647-7e93-4391-b9a5-4a4e95e1dde9@THSONEA01HUB05P.one.grp> References: <2447_1343055055_500D64CF_2447_1056_1_fb281647-7e93-4391-b9a5-4a4e95e1dde9@THSONEA01HUB05P.one.grp> Message-ID: <71C0C7C7A712EE4CA636EDFD663B4E27048C90C0BA@DEWDFECCR09.wdf.sap.corp> Hello Pascal, I contributed with a few lines on USDL-SEC, they are already in the document. 3rd Party involvement in USDL-SEC can be significant, due to its open design principles. USDL-SEC permits to complement USDL service descriptions with security-specific non-functional information, through the Linked Open Data paradigm. With the same paradigm, also USDL-SEC can be complemented, for example adding additional details regarding a particular technology; 3rd Party here can integrate their contributions to the specification, besides being able to describe the security features of their services. Best, Francesco From: BISSON Pascal [mailto:pascal.bisson at thalesgroup.com] Sent: lundi 23 juillet 2012 16:51 To: Seidl, Robert (NSN - DE/Munich); GIDOIN Daniel; Rodrigo Diaz Rodriguez; DI CERBO, Francesco; TRABELSI, Slim; Michael Osborne; Antonio Garcia Vazquez Cc: BISSON Pascal; LELEU Philippe; fiware-security at lists.fi-ware.eu Subject: FI-WARE - Security - D2.5a (Your input is now requested in complement of mine) Importance: High Dear Task leads and Caretakers, This just to inform you that to give a start from our Security Chapter side to D2.5a I did enter some text. This text is for you to check and complete with your input (reflecting your thoughts and the ones of GE owners attached to your task - that btw you should have consulted already ...) https://docs.google.com/document/d/1HnmGAJ7LuHJs9oBIhVwbR9LuKMK-Xhb_c7SF-EVQi_Q/edit?pli=1#heading=h.w9bqlgh5tq19 Bear in mind that by EOB tomorrow you should have contributed your Task input. This as per minutes of last audio conference. Counting on you all to have it done. Thanks in advance for your cooperation and support. BR Pascal PS: Don't hesitate as add-ons you may think of in complement of the text I already provided to illustrate the added value (for the sake of 3rd party innovation) resulting from your GEs design to each of the stakeholder to which it applies. -------------- next part -------------- An HTML attachment was scrubbed... URL: From pascal.bisson at thalesgroup.com Tue Jul 24 09:58:12 2012 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Tue, 24 Jul 2012 09:58:12 +0200 Subject: [Fiware-security] FI-WARE - Security - D2.5a (Your input is now requested in complement of mine) In-Reply-To: <71C0C7C7A712EE4CA636EDFD663B4E27048C90C0BA@DEWDFECCR09.wdf.sap.corp> References: <2447_1343055055_500D64CF_2447_1056_1_fb281647-7e93-4391-b9a5-4a4e95e1dde9@THSONEA01HUB05P.one.grp> <71C0C7C7A712EE4CA636EDFD663B4E27048C90C0BA@DEWDFECCR09.wdf.sap.corp> Message-ID: <30979_1343116694_500E5596_30979_9471_1_4461a1e9-4185-4428-a4e0-6c0d39578029@THSONEA01HUB05P.one.grp> Ok Thanks for this add-on Francesco. BR Pascal De : DI CERBO, Francesco [mailto:francesco.di.cerbo at sap.com] Envoy? : mardi 24 juillet 2012 01:32 ? : BISSON Pascal; Seidl, Robert (NSN - DE/Munich); GIDOIN Daniel; Rodrigo Diaz Rodriguez; TRABELSI, Slim; Michael Osborne; Antonio Garcia Vazquez Cc : LELEU Philippe; fiware-security at lists.fi-ware.eu Objet : RE: FI-WARE - Security - D2.5a (Your input is now requested in complement of mine) Hello Pascal, I contributed with a few lines on USDL-SEC, they are already in the document. 3rd Party involvement in USDL-SEC can be significant, due to its open design principles. USDL-SEC permits to complement USDL service descriptions with security-specific non-functional information, through the Linked Open Data paradigm. With the same paradigm, also USDL-SEC can be complemented, for example adding additional details regarding a particular technology; 3rd Party here can integrate their contributions to the specification, besides being able to describe the security features of their services. Best, Francesco From: BISSON Pascal [mailto:pascal.bisson at thalesgroup.com] Sent: lundi 23 juillet 2012 16:51 To: Seidl, Robert (NSN - DE/Munich); GIDOIN Daniel; Rodrigo Diaz Rodriguez; DI CERBO, Francesco; TRABELSI, Slim; Michael Osborne; Antonio Garcia Vazquez Cc: BISSON Pascal; LELEU Philippe; fiware-security at lists.fi-ware.eu Subject: FI-WARE - Security - D2.5a (Your input is now requested in complement of mine) Importance: High Dear Task leads and Caretakers, This just to inform you that to give a start from our Security Chapter side to D2.5a I did enter some text. This text is for you to check and complete with your input (reflecting your thoughts and the ones of GE owners attached to your task - that btw you should have consulted already ...) https://docs.google.com/document/d/1HnmGAJ7LuHJs9oBIhVwbR9LuKMK-Xhb_c7SF-EVQi_Q/edit?pli=1#heading=h.w9bqlgh5tq19 Bear in mind that by EOB tomorrow you should have contributed your Task input. This as per minutes of last audio conference. Counting on you all to have it done. Thanks in advance for your cooperation and support. BR Pascal PS: Don't hesitate as add-ons you may think of in complement of the text I already provided to illustrate the added value (for the sake of 3rd party innovation) resulting from your GEs design to each of the stakeholder to which it applies. -------------- next part -------------- An HTML attachment was scrubbed... URL: From Richard.Egan at uk.thalesgroup.com Tue Jul 24 10:51:53 2012 From: Richard.Egan at uk.thalesgroup.com (Egan, Richard) Date: Tue, 24 Jul 2012 09:51:53 +0100 Subject: [Fiware-security] FI-WARE - Security - D2.5a (Your input is n ow requested in complement of mine) Message-ID: Pascal, I cannot easily access the googledoc, so perhaps you could paste the following text into the appropriate part of the document Content Based Security Security capabilities are essential for third party innovation but they are an area where third parties often lack the skills to develop their own solutions. The Content Based Security enabler is offered as a software service to help third party innovators incorporate application level security into their offering. By specifying open interfaces for both content producing and content consuming applications, it is feasible for application developers to incorporate content-based security into their products and services without having to develop the underlying security mechanisms that underpin content-based security. Security Monitoring The visualisation framework in the Security Monitoring GE has been architected to facilitate the incorporation of new visualisations by third parties. A flexibility point is introduced between the Data Broker component of the visualisation framework, which is responsible for converting the various monitoring data sources into a common format, and the visualisation component, which renders the common format data. This make it possible for third parties to exploit the common format when creating new visualistions, without having to provide interfaces to the pre-existing Security Monitoring data sources. Thanks Richard _____ From: fiware-security-bounces at lists.fi-ware.eu [mailto:fiware-security-bounces at lists.fi-ware.eu] On Behalf Of BISSON Pascal Sent: 24 July 2012 08:58 To: DI CERBO, Francesco; Seidl, Robert (NSN - DE/Munich); GIDOIN Daniel; Rodrigo Diaz Rodriguez; TRABELSI, Slim; Michael Osborne; Antonio Garcia Vazquez Cc: LELEU Philippe; fiware-security at lists.fi-ware.eu Subject: Re: [Fiware-security] FI-WARE - Security - D2.5a (Your input is now requested in complement of mine) Ok Thanks for this add-on Francesco. BR Pascal De : DI CERBO, Francesco [mailto:francesco.di.cerbo at sap.com] Envoy? : mardi 24 juillet 2012 01:32 ? : BISSON Pascal; Seidl, Robert (NSN - DE/Munich); GIDOIN Daniel; Rodrigo Diaz Rodriguez; TRABELSI, Slim; Michael Osborne; Antonio Garcia Vazquez Cc : LELEU Philippe; fiware-security at lists.fi-ware.eu Objet : RE: FI-WARE - Security - D2.5a (Your input is now requested in complement of mine) Hello Pascal, I contributed with a few lines on USDL-SEC, they are already in the document. 3rd Party involvement in USDL-SEC can be significant, due to its open design principles. USDL-SEC permits to complement USDL service descriptions with security-specific non-functional information, through the Linked Open Data paradigm. With the same paradigm, also USDL-SEC can be complemented, for example adding additional details regarding a particular technology; 3rd Party here can integrate their contributions to the specification, besides being able to describe the security features of their services. BM__MailEndCompose Best, Francesco From: BISSON Pascal [mailto:pascal.bisson at thalesgroup.com ] Sent: lundi 23 juillet 2012 16:51 To: Seidl, Robert (NSN - DE/Munich); GIDOIN Daniel; Rodrigo Diaz Rodriguez; DI CERBO, Francesco; TRABELSI, Slim; Michael Osborne; Antonio Garcia Vazquez Cc: BISSON Pascal; LELEU Philippe; fiware-security at lists.fi-ware.eu Subject: FI-WARE - Security - D2.5a (Your input is now requested in complement of mine) Importance: High Dear Task leads and Caretakers, This just to inform you that to give a start from our Security Chapter side to D2.5a I did enter some text. This text is for you to check and complete with your input (reflecting your thoughts and the ones of GE owners attached to your task - that btw you should have consulted already ...) https://docs.google.com/document/d/1HnmGAJ7LuHJs9oBIhVwbR9LuKMK-Xhb_c7SF-EVQ i_Q/edit?pli=1#heading=h.w9bqlgh5tq19 Bear in mind that by EOB tomorrow you should have contributed your Task input. This as per minutes of last audio conference. Counting on you all to have it done. Thanks in advance for your cooperation and support. BR Pascal PS: Don't hesitate as add-ons you may think of in complement of the text I already provided to illustrate the added value (for the sake of 3rd party innovation) resulting from your GEs design to each of the stakeholder to which it applies. Please consider the environment before printing a hard copy of this e-mail. The information contained in this e-mail is confidential. It is intended only for the stated addressee(s) and access to it by any other person is unauthorised. If you are not an addressee, you must not disclose, copy, circulate or in any other way use or rely on the information contained in this e-mail. Such unauthorised use may be unlawful. If you have received this e-mail in error, please inform us immediately on +44 (0)118 986 8601 and delete it and all copies from your system. Thales Research and Technology (UK) Limited. A company registered in England and Wales. Registered Office: 2 Dashwood Lang Road, The Bourne Business Park, Addlestone, Weybridge, Surrey KT15 2NX. Registered Number: 774298 Thales UK Limited. A company registered in England and Wales. Registered Office: 2 Dashwood Lang Road, The Bourne Business Park, Addlestone, Weybridge, Surrey KT15 2NX. Registered Number: 868273 -------------- next part -------------- An HTML attachment was scrubbed... URL: From robert.seidl at nsn.com Tue Jul 24 11:48:49 2012 From: robert.seidl at nsn.com (Seidl, Robert (NSN - DE/Munich)) Date: Tue, 24 Jul 2012 11:48:49 +0200 Subject: [Fiware-security] FI-WARE - Security - D2.5a (Your input is n ow requested in complement of mine) In-Reply-To: References: Message-ID: <9739B018F0466A4CAB10A9DABBEBF5A6E9DD1A@DEMUEXC027.nsn-intra.net> Here some text for IDM and Privacy. @ Francesco: If you think some sentences for Data Handling would be worth mentioning please add them. ____________________________ The Identity Management Generic Enabler acts as the identity provider; it provides federated identity for Web-SSO and attributes for an authenticated user; identity federation and single-sign-on support ease of use. Given the heterogeneity of the FI Core Platform, identities should be usable across trust domains. The identity management approach used in FI-WARE will combine established technologies and bridge them where possible, thus offering a flexible system being used by 3rd parties. Europe has taken a specific direction with respect to privacy protection. The right to respect for private and family life, home and correspondence are deeply rooted in the European Convention on Human Rights and have since been the foundation for extensive regulation on privacy and data protection. Privacy protection in Europe is geared towards protection of a right to respect and personal dignity as well as to data minimisation and minimum disclosure as basic implementation principles on the infrastructural level. FI-WARE is providing Attribute Based Credential (ABC) mechanisms in order to enable trustworthy identity management and trust relations between users and service providers while respecting privacy. 3rd party instances can make use of ABC functionality and will be enabled providing privacy respecting services. Greetings Robert From: ext Egan, Richard [mailto:Richard.Egan at uk.thalesgroup.com] Sent: Tuesday, July 24, 2012 10:52 AM To: 'BISSON Pascal'; 'DI CERBO, Francesco'; Seidl, Robert (NSN - DE/Munich); 'GIDOIN Daniel'; 'Rodrigo Diaz Rodriguez'; 'TRABELSI, Slim'; 'Michael Osborne'; 'Antonio Garcia Vazquez' Cc: 'LELEU Philippe'; 'fiware-security at lists.fi-ware.eu' Subject: RE: [Fiware-security] FI-WARE - Security - D2.5a (Your input is n ow requested in complement of mine) Pascal, I cannot easily access the googledoc, so perhaps you could paste the following text into the appropriate part of the document Content Based Security Security capabilities are essential for third party innovation but they are an area where third parties often lack the skills to develop their own solutions. The Content Based Security enabler is offered as a software service to help third party innovators incorporate application level security into their offering. By specifying open interfaces for both content producing and content consuming applications, it is feasible for application developers to incorporate content-based security into their products and services without having to develop the underlying security mechanisms that underpin content-based security. Security Monitoring The visualisation framework in the Security Monitoring GE has been architected to facilitate the incorporation of new visualisations by third parties. A flexibility point is introduced between the Data Broker component of the visualisation framework, which is responsible for converting the various monitoring data sources into a common format, and the visualisation component, which renders the common format data. This make it possible for third parties to exploit the common format when creating new visualistions, without having to provide interfaces to the pre-existing Security Monitoring data sources. Thanks Richard ________________________________ From: fiware-security-bounces at lists.fi-ware.eu [mailto:fiware-security-bounces at lists.fi-ware.eu] On Behalf Of BISSON Pascal Sent: 24 July 2012 08:58 To: DI CERBO, Francesco; Seidl, Robert (NSN - DE/Munich); GIDOIN Daniel; Rodrigo Diaz Rodriguez; TRABELSI, Slim; Michael Osborne; Antonio Garcia Vazquez Cc: LELEU Philippe; fiware-security at lists.fi-ware.eu Subject: Re: [Fiware-security] FI-WARE - Security - D2.5a (Your input is now requested in complement of mine) Ok Thanks for this add-on Francesco. BR Pascal De : DI CERBO, Francesco [mailto:francesco.di.cerbo at sap.com] Envoy? : mardi 24 juillet 2012 01:32 ? : BISSON Pascal; Seidl, Robert (NSN - DE/Munich); GIDOIN Daniel; Rodrigo Diaz Rodriguez; TRABELSI, Slim; Michael Osborne; Antonio Garcia Vazquez Cc : LELEU Philippe; fiware-security at lists.fi-ware.eu Objet : RE: FI-WARE - Security - D2.5a (Your input is now requested in complement of mine) Hello Pascal, I contributed with a few lines on USDL-SEC, they are already in the document. 3rd Party involvement in USDL-SEC can be significant, due to its open design principles. USDL-SEC permits to complement USDL service descriptions with security-specific non-functional information, through the Linked Open Data paradigm. With the same paradigm, also USDL-SEC can be complemented, for example adding additional details regarding a particular technology; 3rd Party here can integrate their contributions to the specification, besides being able to describe the security features of their services. Best, Francesco From: BISSON Pascal [mailto:pascal.bisson at thalesgroup.com] Sent: lundi 23 juillet 2012 16:51 To: Seidl, Robert (NSN - DE/Munich); GIDOIN Daniel; Rodrigo Diaz Rodriguez; DI CERBO, Francesco; TRABELSI, Slim; Michael Osborne; Antonio Garcia Vazquez Cc: BISSON Pascal; LELEU Philippe; fiware-security at lists.fi-ware.eu Subject: FI-WARE - Security - D2.5a (Your input is now requested in complement of mine) Importance: High Dear Task leads and Caretakers, This just to inform you that to give a start from our Security Chapter side to D2.5a I did enter some text. This text is for you to check and complete with your input (reflecting your thoughts and the ones of GE owners attached to your task - that btw you should have consulted already ...) https://docs.google.com/document/d/1HnmGAJ7LuHJs9oBIhVwbR9LuKMK-Xhb_c7SF-EVQi_Q/edit?pli=1#heading=h.w9bqlgh5tq19 Bear in mind that by EOB tomorrow you should have contributed your Task input. This as per minutes of last audio conference. Counting on you all to have it done. Thanks in advance for your cooperation and support. BR Pascal PS: Don't hesitate as add-ons you may think of in complement of the text I already provided to illustrate the added value (for the sake of 3rd party innovation) resulting from your GEs design to each of the stakeholder to which it applies. Please consider the environment before printing a hard copy of this e-mail. The information contained in this e-mail is confidential. It is intended only for the stated addressee(s) and access to it by any other person is unauthorised. If you are not an addressee, you must not disclose, copy, circulate or in any other way use or rely on the information contained in this e-mail. Such unauthorised use may be unlawful. If you have received this e-mail in error, please inform us immediately on +44 (0)118 986 8601 and delete it and all copies from your system. Thales Research and Technology (UK) Limited. A company registered in England and Wales. Registered Office: 2 Dashwood Lang Road, The Bourne Business Park, Addlestone, Weybridge, Surrey KT15 2NX. Registered Number: 774298 Thales UK Limited. A company registered in England and Wales. Registered Office: 2 Dashwood Lang Road, The Bourne Business Park, Addlestone, Weybridge, Surrey KT15 2NX. Registered Number: 868273 -------------- next part -------------- An HTML attachment was scrubbed... URL: From pascal.bisson at thalesgroup.com Tue Jul 24 12:38:33 2012 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Tue, 24 Jul 2012 12:38:33 +0200 Subject: [Fiware-security] TR: [Fiware-pcc] Report on conversation with our PO on status of the FI-WARE project Message-ID: <7034_1343126315_500E7B2B_7034_3259_1_CBBCD6C304123F4AB23FAAE3055C8C0E0206D36DE908@THSONEA01CMS04P.one.grp> FYI -----Message d'origine----- De?: fiware-pcc-bounces at lists.fi-ware.eu [mailto:fiware-pcc-bounces at lists.fi-ware.eu] De la part de Juanjo Hierro Envoy??: mardi 24 juillet 2012 01:14 ??: fiware-pcc at lists.fi-ware.eu; fiware-wpa at lists.fi-ware.eu; fiware-wpl at lists.fi-ware.eu Objet?: [Fiware-pcc] Report on conversation with our PO on status of the FI-WARE project Hi all, I have had a confcall with our PO where we have addressed a number of important issues and have discussed about general status of the project and the program. This email is trying to share with you information about what has been discussed. Don't hesitate to share this information with members of your respective chapter/WP teams. As I have already reported in a previous mail, the first thing we discussed had to do with how to manage deliverables linked to software and Installation/Administration Guides marked as PP. I hope this solves major concerns raised by some of the partners. Second point that was addressed had to do with measurements defined to avoid further delays in meeting defined deadlines. PO is backing us on the decision taken and welcome them. Even in the case that TID were not legally able to reject submission of financial/cost statements (something he doubts because he believes it can), he believes that TID not only can but must identify financial/costs reports TID believes are not in line with what is the actual work carried out and the EC would take decisions accordingly. Nevertheless, I shared with the PO that we believe that all partners will do their best to comply with the defined milestones not just to avoid implementation of the defined measurements but for the sake of the project. I believe that the PO feels confident about the status but let's try not to let him down. I reported about the status of the Testbed and the contingency plan that we put in place. He seemed to be fine with that. I asked him about the 1st year FI-WARE Review Report and he told me that we shouldn't expect this earlier than mid August. I explained Arian our plans regarding resubmission of the Technical Roadmap (in line with what we proposed during the 1st year FI-WARE Review meeting) and he seemed to be fine with them. He confirmed the relevance of the white paper describing the encompassing usage of GEs. I already announced him that it would be rather difficult to get it finished by the end of July because we are all so busy. It seemed that his major concern was to to make sure it be ready before an Information Day regarding the phase 2 of the FI-PPP that the EC has planned by August 30 in Brussels. I reported also that we were working hard on the deliverable regarding 3rd party innovation enablement and trying to get it ready by end of July or, if not, just a few days later. He seemed to be happy with that. Regarding results of the 1st Open Call, Arian expects that the next step will be that we elaborate an amendment of the DoW which incorporates the new partners and their description of work. However, we agreed that such DoW amendment should try to go after the one where we will try to incorporate all pending changes which were summarized and agreed during the last PCC meetings. He was ok with the planning of the second Open Call but would like to see the third Open Call later than what we proposed (January next year instead of end of October) in order to allow incorporation of topics that may be demanded by UC trials selected in phase 2 (hearings are planned to end beginning of December this year). I proposed him the possibility to formulate the 2nd Open Call so that it may consider topics with different closing dates for final publication of Epics and different submission deadlines. This would allow to incorporate topics like Security in this 2nd Open Call. Arian believes this may be feasible. Definitively, I will propose discussing this during the confcall of the FI-PPP AB that will take place this week. I think this was all. I'm happy to respond any question that you may have. Best regards, -- Juanjo ------------- Product Development and Innovation (PDI) - Telefonica Digital website: www.tid.es email: jhierro at tid.es twitter: twitter.com/JuanjoHierro FI-WARE (European Future Internet Core Platform) Chief Architect You can follow FI-WARE at: website: http://www.fi-ware.eu facebook: http://www.facebook.com/pages/FI-WARE/251366491587242 twitter: http://twitter.com/FIware linkedIn: http://www.linkedin.com/groups/FIWARE-4239932 ________________________________ Este mensaje se dirige exclusivamente a su destinatario. Puede consultar nuestra pol?tica de env?o y recepci?n de correo electr?nico en el enlace situado m?s abajo. This message is intended exclusively for its addressee. We only send and receive email on the basis of the terms set out at. http://www.tid.es/ES/PAGINAS/disclaimer.aspx _______________________________________________ Fiware-pcc mailing list Fiware-pcc at lists.fi-ware.eu http://lists.fi-ware.eu/listinfo/fiware-pcc From pascal.bisson at thalesgroup.com Tue Jul 24 12:44:49 2012 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Tue, 24 Jul 2012 12:44:49 +0200 Subject: [Fiware-security] TR: [Fiware-pcc] On formula for delivering software and Installation/Administration Guidelines marked as PP and linked to GEs Message-ID: <7034_1343126690_500E7CA2_7034_3553_1_CBBCD6C304123F4AB23FAAE3055C8C0E0206D36DE921@THSONEA01CMS04P.one.grp> FYI De : fiware-pcc-bounces at lists.fi-ware.eu [mailto:fiware-pcc-bounces at lists.fi-ware.eu] De la part de Juanjo Hierro Envoy? : mardi 24 juillet 2012 00:27 ? : fiware-wpl at lists.fi-ware.eu; fiware-wpa at lists.fi-ware.eu Cc : fiware-pcc at lists.fi-ware.eu Objet : [Fiware-pcc] On formula for delivering software and Installation/Administration Guidelines marked as PP and linked to GEs Dear colleagues, I have had a long conversation with our PO this afternoon and we managed to agree on the formula for delivering the software and Installation/Administration Guidelines linked to the GEs that are marked as PP. The agreement is that both deliverables can be made available to the EC for auditing/reviewing purposes on the servers (indeed, VMs) where the software will actually be hosted, this meaning either servers located in the datacenter linked to the FI-WARE Testbed or remote servers (this only applying to those cases where it was agreed that the GE would not be deployed on the FI-WARE Testbed datacenter). We just need to generate a document that identifies the server where the software (binaries) and Installation/Administration Guides will be available and also explains how the EC can get access to the binaries and Installation/Administration Guides. Note that software must be binaries and not VM images. I have push for adoption of this solution as a mean to cover all the concerns expressed by some of the partners. Based on the Collaboration Agreement signed by all parties, FI-WARE GE software binaries and Installation/Administration Guides will not be made available to FI-PPP partners unless they: * request them in writing * require them because they need them for execution of their respective projects within the FI-PPP * can explain that using them "as a Service" through a well defined API (from the FI-WARE Testbed or any other alternative hosting facility) is not enough * an agreement is signed between the GE owner and the FI-PPP partner requesting the software Note that while it's unlikely that a UC project may require access to binaries and Installation/Administration Guides in this first phase of the program ... I expect that these three conditions may fulfilled by several trials in phase 2 and 3 of the FI-PPP. Nevertheless, there will be some few cases where the above conditions would apply even in the current, first phase of the program. It is clear regarding the Cloud Proxy GE in my opinion, but maybe also true with respect to some IoT gateway -related GEs or other GEs that UC projects may need to deploy in local infrastructures. We will keep the "FI-WARE PPP Restricted" project only accessible to FI-WARE partners and the EC (plus reviewers). We will also probably rename it as "FI-WARE Review". GE owners are free to officially deliver their software (binaries) and Installation/Administration Guides on the SVN and docman tools of that project. They may also deliver only foreground software there. This would be an alternative to creation of a dedicated space, at the servers where the software is hosted, where the software should easily be identifiable against any other software. Actually, we will deliver a document to the EC where we will declare that the software is available in the SVN and docman system of this project in FusionForge. Please let us know what of the two options you will choose before end of this week. That way, we will be able to organize the final package of deliverables. In the case that any UC project requires access to binaries and Installation/Administration Guides of a given FI-WARE GE, the above conditions should be met and then we will discuss how the software should be delivered. Hope it helps. Don't hesitate to ask any doubt or question you may have. Cheers, -- Juanjo ------------- Product Development and Innovation (PDI) - Telefonica Digital website: www.tid.es email: jhierro at tid.es twitter: twitter.com/JuanjoHierro FI-WARE (European Future Internet Core Platform) Chief Architect You can follow FI-WARE at: website: http://www.fi-ware.eu facebook: http://www.facebook.com/pages/FI-WARE/251366491587242 twitter: http://twitter.com/FIware linkedIn: http://www.linkedin.com/groups/FIWARE-4239932 ________________________________ Este mensaje se dirige exclusivamente a su destinatario. Puede consultar nuestra pol?tica de env?o y recepci?n de correo electr?nico en el enlace situado m?s abajo. This message is intended exclusively for its addressee. We only send and receive email on the basis of the terms set out at. http://www.tid.es/ES/PAGINAS/disclaimer.aspx -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- An embedded and charset-unspecified text was scrubbed... Name: ATT00001.txt URL: From pascal.bisson at thalesgroup.com Tue Jul 24 12:50:24 2012 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Tue, 24 Jul 2012 12:50:24 +0200 Subject: [Fiware-security] FI-WARE - Security - D2.5a (Your input is n ow requested in complement of mine) In-Reply-To: References: Message-ID: <21273_1343127030_500E7DF6_21273_6247_1_6b1d3537-ebd7-49a9-9392-0cecba4e09cb@THSONEA01HUB02P.one.grp> Ok will do thanks for your input. BR Pascal De : Egan, Richard [mailto:Richard.Egan at uk.thalesgroup.com] Envoy? : mardi 24 juillet 2012 10:52 ? : BISSON Pascal; 'DI CERBO, Francesco'; 'Seidl, Robert (NSN - DE/Munich)'; GIDOIN Daniel; 'Rodrigo Diaz Rodriguez'; 'TRABELSI, Slim'; 'Michael Osborne'; 'Antonio Garcia Vazquez' Cc : LELEU Philippe; 'fiware-security at lists.fi-ware.eu' Objet : RE: [Fiware-security] FI-WARE - Security - D2.5a (Your input is n ow requested in complement of mine) Pascal, I cannot easily access the googledoc, so perhaps you could paste the following text into the appropriate part of the document Content Based Security Security capabilities are essential for third party innovation but they are an area where third parties often lack the skills to develop their own solutions. The Content Based Security enabler is offered as a software service to help third party innovators incorporate application level security into their offering. By specifying open interfaces for both content producing and content consuming applications, it is feasible for application developers to incorporate content-based security into their products and services without having to develop the underlying security mechanisms that underpin content-based security. Security Monitoring The visualisation framework in the Security Monitoring GE has been architected to facilitate the incorporation of new visualisations by third parties. A flexibility point is introduced between the Data Broker component of the visualisation framework, which is responsible for converting the various monitoring data sources into a common format, and the visualisation component, which renders the common format data. This make it possible for third parties to exploit the common format when creating new visualistions, without having to provide interfaces to the pre-existing Security Monitoring data sources. Thanks Richard ________________________________ From: fiware-security-bounces at lists.fi-ware.eu [mailto:fiware-security-bounces at lists.fi-ware.eu] On Behalf Of BISSON Pascal Sent: 24 July 2012 08:58 To: DI CERBO, Francesco; Seidl, Robert (NSN - DE/Munich); GIDOIN Daniel; Rodrigo Diaz Rodriguez; TRABELSI, Slim; Michael Osborne; Antonio Garcia Vazquez Cc: LELEU Philippe; fiware-security at lists.fi-ware.eu Subject: Re: [Fiware-security] FI-WARE - Security - D2.5a (Your input is now requested in complement of mine) Ok Thanks for this add-on Francesco. BR Pascal De : DI CERBO, Francesco [mailto:francesco.di.cerbo at sap.com] Envoy? : mardi 24 juillet 2012 01:32 ? : BISSON Pascal; Seidl, Robert (NSN - DE/Munich); GIDOIN Daniel; Rodrigo Diaz Rodriguez; TRABELSI, Slim; Michael Osborne; Antonio Garcia Vazquez Cc : LELEU Philippe; fiware-security at lists.fi-ware.eu Objet : RE: FI-WARE - Security - D2.5a (Your input is now requested in complement of mine) Hello Pascal, I contributed with a few lines on USDL-SEC, they are already in the document. 3rd Party involvement in USDL-SEC can be significant, due to its open design principles. USDL-SEC permits to complement USDL service descriptions with security-specific non-functional information, through the Linked Open Data paradigm. With the same paradigm, also USDL-SEC can be complemented, for example adding additional details regarding a particular technology; 3rd Party here can integrate their contributions to the specification, besides being able to describe the security features of their services. Best, Francesco From: BISSON Pascal [mailto:pascal.bisson at thalesgroup.com] Sent: lundi 23 juillet 2012 16:51 To: Seidl, Robert (NSN - DE/Munich); GIDOIN Daniel; Rodrigo Diaz Rodriguez; DI CERBO, Francesco; TRABELSI, Slim; Michael Osborne; Antonio Garcia Vazquez Cc: BISSON Pascal; LELEU Philippe; fiware-security at lists.fi-ware.eu Subject: FI-WARE - Security - D2.5a (Your input is now requested in complement of mine) Importance: High Dear Task leads and Caretakers, This just to inform you that to give a start from our Security Chapter side to D2.5a I did enter some text. This text is for you to check and complete with your input (reflecting your thoughts and the ones of GE owners attached to your task - that btw you should have consulted already ...) https://docs.google.com/document/d/1HnmGAJ7LuHJs9oBIhVwbR9LuKMK-Xhb_c7SF-EVQi_Q/edit?pli=1#heading=h.w9bqlgh5tq19 Bear in mind that by EOB tomorrow you should have contributed your Task input. This as per minutes of last audio conference. Counting on you all to have it done. Thanks in advance for your cooperation and support. BR Pascal PS: Don't hesitate as add-ons you may think of in complement of the text I already provided to illustrate the added value (for the sake of 3rd party innovation) resulting from your GEs design to each of the stakeholder to which it applies. Please consider the environment before printing a hard copy of this e-mail. The information contained in this e-mail is confidential. It is intended only for the stated addressee(s) and access to it by any other person is unauthorised. If you are not an addressee, you must not disclose, copy, circulate or in any other way use or rely on the information contained in this e-mail. Such unauthorised use may be unlawful. If you have received this e-mail in error, please inform us immediately on +44 (0)118 986 8601 and delete it and all copies from your system. Thales Research and Technology (UK) Limited. A company registered in England and Wales. Registered Office: 2 Dashwood Lang Road, The Bourne Business Park, Addlestone, Weybridge, Surrey KT15 2NX. Registered Number: 774298 Thales UK Limited. A company registered in England and Wales. Registered Office: 2 Dashwood Lang Road, The Bourne Business Park, Addlestone, Weybridge, Surrey KT15 2NX. Registered Number: 868273 -------------- next part -------------- An HTML attachment was scrubbed... URL: From pascal.bisson at thalesgroup.com Tue Jul 24 13:06:43 2012 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Tue, 24 Jul 2012 13:06:43 +0200 Subject: [Fiware-security] FI-WARE - Security - D2.5a (Your input is n ow requested in complement of mine) In-Reply-To: <9739B018F0466A4CAB10A9DABBEBF5A6E9DD1A@DEMUEXC027.nsn-intra.net> References: <9739B018F0466A4CAB10A9DABBEBF5A6E9DD1A@DEMUEXC027.nsn-intra.net> Message-ID: <7034_1343128007_500E81C7_7034_4549_1_627eabfd-5cec-466d-8557-8f1b7dda9f71@THSONEA01HUB05P.one.grp> Thanks Robert, will add. De : Seidl, Robert (NSN - DE/Munich) [mailto:robert.seidl at nsn.com] Envoy? : mardi 24 juillet 2012 11:49 ? : EGAN Richard; BISSON Pascal; DI CERBO, Francesco; GIDOIN Daniel; Rodrigo Diaz Rodriguez; TRABELSI, Slim; Michael Osborne; Antonio Garcia Vazquez Cc : LELEU Philippe; fiware-security at lists.fi-ware.eu Objet : RE: [Fiware-security] FI-WARE - Security - D2.5a (Your input is n ow requested in complement of mine) Here some text for IDM and Privacy. @ Francesco: If you think some sentences for Data Handling would be worth mentioning please add them. ____________________________ The Identity Management Generic Enabler acts as the identity provider; it provides federated identity for Web-SSO and attributes for an authenticated user; identity federation and single-sign-on support ease of use. Given the heterogeneity of the FI Core Platform, identities should be usable across trust domains. The identity management approach used in FI-WARE will combine established technologies and bridge them where possible, thus offering a flexible system being used by 3rd parties. Europe has taken a specific direction with respect to privacy protection. The right to respect for private and family life, home and correspondence are deeply rooted in the European Convention on Human Rights and have since been the foundation for extensive regulation on privacy and data protection. Privacy protection in Europe is geared towards protection of a right to respect and personal dignity as well as to data minimisation and minimum disclosure as basic implementation principles on the infrastructural level. FI-WARE is providing Attribute Based Credential (ABC) mechanisms in order to enable trustworthy identity management and trust relations between users and service providers while respecting privacy. 3rd party instances can make use of ABC functionality and will be enabled providing privacy respecting services. Greetings Robert From: ext Egan, Richard [mailto:Richard.Egan at uk.thalesgroup.com] Sent: Tuesday, July 24, 2012 10:52 AM To: 'BISSON Pascal'; 'DI CERBO, Francesco'; Seidl, Robert (NSN - DE/Munich); 'GIDOIN Daniel'; 'Rodrigo Diaz Rodriguez'; 'TRABELSI, Slim'; 'Michael Osborne'; 'Antonio Garcia Vazquez' Cc: 'LELEU Philippe'; 'fiware-security at lists.fi-ware.eu' Subject: RE: [Fiware-security] FI-WARE - Security - D2.5a (Your input is n ow requested in complement of mine) Pascal, I cannot easily access the googledoc, so perhaps you could paste the following text into the appropriate part of the document Content Based Security Security capabilities are essential for third party innovation but they are an area where third parties often lack the skills to develop their own solutions. The Content Based Security enabler is offered as a software service to help third party innovators incorporate application level security into their offering. By specifying open interfaces for both content producing and content consuming applications, it is feasible for application developers to incorporate content-based security into their products and services without having to develop the underlying security mechanisms that underpin content-based security. Security Monitoring The visualisation framework in the Security Monitoring GE has been architected to facilitate the incorporation of new visualisations by third parties. A flexibility point is introduced between the Data Broker component of the visualisation framework, which is responsible for converting the various monitoring data sources into a common format, and the visualisation component, which renders the common format data. This make it possible for third parties to exploit the common format when creating new visualistions, without having to provide interfaces to the pre-existing Security Monitoring data sources. Thanks Richard ________________________________ From: fiware-security-bounces at lists.fi-ware.eu [mailto:fiware-security-bounces at lists.fi-ware.eu] On Behalf Of BISSON Pascal Sent: 24 July 2012 08:58 To: DI CERBO, Francesco; Seidl, Robert (NSN - DE/Munich); GIDOIN Daniel; Rodrigo Diaz Rodriguez; TRABELSI, Slim; Michael Osborne; Antonio Garcia Vazquez Cc: LELEU Philippe; fiware-security at lists.fi-ware.eu Subject: Re: [Fiware-security] FI-WARE - Security - D2.5a (Your input is now requested in complement of mine) Ok Thanks for this add-on Francesco. BR Pascal De : DI CERBO, Francesco [mailto:francesco.di.cerbo at sap.com] Envoy? : mardi 24 juillet 2012 01:32 ? : BISSON Pascal; Seidl, Robert (NSN - DE/Munich); GIDOIN Daniel; Rodrigo Diaz Rodriguez; TRABELSI, Slim; Michael Osborne; Antonio Garcia Vazquez Cc : LELEU Philippe; fiware-security at lists.fi-ware.eu Objet : RE: FI-WARE - Security - D2.5a (Your input is now requested in complement of mine) Hello Pascal, I contributed with a few lines on USDL-SEC, they are already in the document. 3rd Party involvement in USDL-SEC can be significant, due to its open design principles. USDL-SEC permits to complement USDL service descriptions with security-specific non-functional information, through the Linked Open Data paradigm. With the same paradigm, also USDL-SEC can be complemented, for example adding additional details regarding a particular technology; 3rd Party here can integrate their contributions to the specification, besides being able to describe the security features of their services. Best, Francesco From: BISSON Pascal [mailto:pascal.bisson at thalesgroup.com] Sent: lundi 23 juillet 2012 16:51 To: Seidl, Robert (NSN - DE/Munich); GIDOIN Daniel; Rodrigo Diaz Rodriguez; DI CERBO, Francesco; TRABELSI, Slim; Michael Osborne; Antonio Garcia Vazquez Cc: BISSON Pascal; LELEU Philippe; fiware-security at lists.fi-ware.eu Subject: FI-WARE - Security - D2.5a (Your input is now requested in complement of mine) Importance: High Dear Task leads and Caretakers, This just to inform you that to give a start from our Security Chapter side to D2.5a I did enter some text. This text is for you to check and complete with your input (reflecting your thoughts and the ones of GE owners attached to your task - that btw you should have consulted already ...) https://docs.google.com/document/d/1HnmGAJ7LuHJs9oBIhVwbR9LuKMK-Xhb_c7SF-EVQi_Q/edit?pli=1#heading=h.w9bqlgh5tq19 Bear in mind that by EOB tomorrow you should have contributed your Task input. This as per minutes of last audio conference. Counting on you all to have it done. Thanks in advance for your cooperation and support. BR Pascal PS: Don't hesitate as add-ons you may think of in complement of the text I already provided to illustrate the added value (for the sake of 3rd party innovation) resulting from your GEs design to each of the stakeholder to which it applies. Please consider the environment before printing a hard copy of this e-mail. The information contained in this e-mail is confidential. It is intended only for the stated addressee(s) and access to it by any other person is unauthorised. If you are not an addressee, you must not disclose, copy, circulate or in any other way use or rely on the information contained in this e-mail. Such unauthorised use may be unlawful. If you have received this e-mail in error, please inform us immediately on +44 (0)118 986 8601 and delete it and all copies from your system. Thales Research and Technology (UK) Limited. A company registered in England and Wales. Registered Office: 2 Dashwood Lang Road, The Bourne Business Park, Addlestone, Weybridge, Surrey KT15 2NX. Registered Number: 774298 Thales UK Limited. A company registered in England and Wales. Registered Office: 2 Dashwood Lang Road, The Bourne Business Park, Addlestone, Weybridge, Surrey KT15 2NX. Registered Number: 868273 -------------- next part -------------- An HTML attachment was scrubbed... URL: From antonio.garcia at atosresearch.eu Tue Jul 24 15:52:53 2012 From: antonio.garcia at atosresearch.eu (Antonio Garcia Vazquez) Date: Tue, 24 Jul 2012 15:52:53 +0200 Subject: [Fiware-security] FI-WARE - Security - D2.5a (Your input is now requested in complement of mine) In-Reply-To: <2447_1343055055_500D64CF_2447_1056_1_fb281647-7e93-4391-b9a5-4a4e95e1dde9@THSONEA01HUB05P.one.grp> References: <2447_1343055055_500D64CF_2447_1056_1_fb281647-7e93-4391-b9a5-4a4e95e1dde9@THSONEA01HUB05P.one.grp> Message-ID: <8E18929A6C79354FB4BD9BD4636DCB06CEFD22@INTMAIL03.es.int.atosorigin.com> Pascal, Our contribution from Task 8.3 Context-based security and compliance: The Context-based security and compliance Generic Enabler selects, as a response of a security request from end-user applications, the most suitable security enabler found in the FI-WARE marketplace that fulfills the application security requirements. Allowing in this way applications to be constantly up-to-date and adapted, in terms of security mechanisms, to the dynamic and unpredictable changes done in context and regulations. This partition between security and applications allows third parties to abstract from security and to concentrate on the business logic of their applications, making in this way more innovative and specialized applications, but still secure. In the same way, this enabler also allows security services developers a way to advertise their solutions. Furthermore any security enabler provided by any developer will be immediately accessible by user applications at the very moment it has been registered into the FI-WARE market place. These functionalities are possible because the decision taken in the choice of the USDL-SEC language to both describe security requirements and compare security features offered by optional security enablers. Best Regards ************************************ * Antonio Garc?a-V?zquez * * (+34) 91 214 9384 * * antonio.garcia at atosresearch.eu * ************************************ From: BISSON Pascal [mailto:pascal.bisson at thalesgroup.com] Sent: lunes, 23 de julio de 2012 16:51 To: Seidl, Robert (NSN - DE/Munich); GIDOIN Daniel; Rodrigo Diaz Rodriguez; DI CERBO, Francesco; TRABELSI, Slim; Michael Osborne; Antonio Garcia Vazquez Cc: BISSON Pascal; LELEU Philippe; fiware-security at lists.fi-ware.eu Subject: FI-WARE - Security - D2.5a (Your input is now requested in complement of mine) Importance: High Dear Task leads and Caretakers, This just to inform you that to give a start from our Security Chapter side to D2.5a I did enter some text. This text is for you to check and complete with your input (reflecting your thoughts and the ones of GE owners attached to your task - that btw you should have consulted already ...) https://docs.google.com/document/d/1HnmGAJ7LuHJs9oBIhVwbR9LuKMK-Xhb_c7SF-EVQi_Q/edit?pli=1#heading=h.w9bqlgh5tq19 Bear in mind that by EOB tomorrow you should have contributed your Task input. This as per minutes of last audio conference. Counting on you all to have it done. Thanks in advance for your cooperation and support. BR Pascal PS: Don't hesitate as add-ons you may think of in complement of the text I already provided to illustrate the added value (for the sake of 3rd party innovation) resulting from your GEs design to each of the stakeholder to which it applies. ------------------------------------------------------------------ This e-mail and the documents attached are confidential and intended solely for the addressee; it may also be privileged. If you receive this e-mail in error, please notify the sender immediately and destroy it. As its integrity cannot be secured on the Internet, the Atos group liability cannot be triggered for the message content. Although the sender endeavours to maintain a computer virus-free network, the sender does not warrant that this transmission is virus-free and will not be liable for any damages resulting from any virus transmitted. Este mensaje y los ficheros adjuntos pueden contener informacion confidencial destinada solamente a la(s) persona(s) mencionadas anteriormente pueden estar protegidos por secreto profesional. Si usted recibe este correo electronico por error, gracias por informar inmediatamente al remitente y destruir el mensaje. Al no estar asegurada la integridad de este mensaje sobre la red, Atos no se hace responsable por su contenido. Su contenido no constituye ningun compromiso para el grupo Atos, salvo ratificacion escrita por ambas partes. Aunque se esfuerza al maximo por mantener su red libre de virus, el emisor no puede garantizar nada al respecto y no sera responsable de cualesquiera danos que puedan resultar de una transmision de virus. ------------------------------------------------------------------ -------------- next part -------------- An HTML attachment was scrubbed... URL: From antonio.garcia at atosresearch.eu Tue Jul 24 15:59:39 2012 From: antonio.garcia at atosresearch.eu (Antonio Garcia Vazquez) Date: Tue, 24 Jul 2012 15:59:39 +0200 Subject: [Fiware-security] FI-WARE - Security - D2.5a (Your input is now requested in complement of mine) In-Reply-To: <2447_1343055055_500D64CF_2447_1056_1_fb281647-7e93-4391-b9a5-4a4e95e1dde9@THSONEA01HUB05P.one.grp> References: <2447_1343055055_500D64CF_2447_1056_1_fb281647-7e93-4391-b9a5-4a4e95e1dde9@THSONEA01HUB05P.one.grp> Message-ID: <8E18929A6C79354FB4BD9BD4636DCB06CEFD24@INTMAIL03.es.int.atosorigin.com> Pascal I've changed OSSIM paragraph on 3.6.1 section with the following one, trying to describe in the best way the development to be done: Choice of Open Source Security Information Management (OSSIM) as the basis of the Service Level SIEM. The choice of OSSIM as part of this GE was influenced by the fact that it is it is one of the most extended open-source SIEM solutions, with a huge community supporting it and using it, and it is the base of more than 30 security tools developed on top of this framework. OSSIM is in addition a result of the work of the open source community that has acted as a strong promoter of its use. This new Service Level SIEM will allow users to handle large volumes of information in a distributed manner avoiding performance problems others SIEM's currently have and providing elasticity for the event processing in order to minimize the used resources to the minimal. This will allow third parties to develop new innovative solutions on top of it, mixing and adding new sources of security events (such as physical security) and to put in practice more complex security rules. Best Regards ************************************ * Antonio Garc?a-V?zquez * * (+34) 91 214 9384 * * antonio.garcia at atosresearch.eu * ************************************ From: BISSON Pascal [mailto:pascal.bisson at thalesgroup.com] Sent: lunes, 23 de julio de 2012 16:51 To: Seidl, Robert (NSN - DE/Munich); GIDOIN Daniel; Rodrigo Diaz Rodriguez; DI CERBO, Francesco; TRABELSI, Slim; Michael Osborne; Antonio Garcia Vazquez Cc: BISSON Pascal; LELEU Philippe; fiware-security at lists.fi-ware.eu Subject: FI-WARE - Security - D2.5a (Your input is now requested in complement of mine) Importance: High Dear Task leads and Caretakers, This just to inform you that to give a start from our Security Chapter side to D2.5a I did enter some text. This text is for you to check and complete with your input (reflecting your thoughts and the ones of GE owners attached to your task - that btw you should have consulted already ...) https://docs.google.com/document/d/1HnmGAJ7LuHJs9oBIhVwbR9LuKMK-Xhb_c7SF-EVQi_Q/edit?pli=1#heading=h.w9bqlgh5tq19 Bear in mind that by EOB tomorrow you should have contributed your Task input. This as per minutes of last audio conference. Counting on you all to have it done. Thanks in advance for your cooperation and support. BR Pascal PS: Don't hesitate as add-ons you may think of in complement of the text I already provided to illustrate the added value (for the sake of 3rd party innovation) resulting from your GEs design to each of the stakeholder to which it applies. ------------------------------------------------------------------ This e-mail and the documents attached are confidential and intended solely for the addressee; it may also be privileged. If you receive this e-mail in error, please notify the sender immediately and destroy it. As its integrity cannot be secured on the Internet, the Atos group liability cannot be triggered for the message content. Although the sender endeavours to maintain a computer virus-free network, the sender does not warrant that this transmission is virus-free and will not be liable for any damages resulting from any virus transmitted. Este mensaje y los ficheros adjuntos pueden contener informacion confidencial destinada solamente a la(s) persona(s) mencionadas anteriormente pueden estar protegidos por secreto profesional. Si usted recibe este correo electronico por error, gracias por informar inmediatamente al remitente y destruir el mensaje. Al no estar asegurada la integridad de este mensaje sobre la red, Atos no se hace responsable por su contenido. Su contenido no constituye ningun compromiso para el grupo Atos, salvo ratificacion escrita por ambas partes. Aunque se esfuerza al maximo por mantener su red libre de virus, el emisor no puede garantizar nada al respecto y no sera responsable de cualesquiera danos que puedan resultar de una transmision de virus. ------------------------------------------------------------------ -------------- next part -------------- An HTML attachment was scrubbed... URL: From alexandre.boeglin at inria.fr Tue Jul 24 21:19:00 2012 From: alexandre.boeglin at inria.fr (Alexandre Boeglin) Date: Tue, 24 Jul 2012 21:19:00 +0200 Subject: [Fiware-security] FI-WARE - Security - D2.5a (Your input is now requested in complement of mine) In-Reply-To: <2447_1343055055_500D64CF_2447_1056_1_fb281647-7e93-4391-b9a5-4a4e95e1dde9@THSONEA01HUB05P.one.grp> References: <2447_1343055055_500D64CF_2447_1056_1_fb281647-7e93-4391-b9a5-4a4e95e1dde9@THSONEA01HUB05P.one.grp> Message-ID: <20120724191859.GA10607@inria.fr> Dear all, Here's our contribution to D2.5a. For now, I only included the paragraph about the malware detection GE: since it's the only one that was discussed during the first release cycle, maybe it would be more consistent to include the other paragraphs starting D2.5b. But if you feel otherwise, feel free to add them. """ The Malware Detection Optional Security Enabler is built around a rather simple Web Service described using the WSDL language, and implemented using the SOAP protocol. Both are freely available and widely used W3C standards, thus allowing on any third party application developer to easily interface with and benefit from it, as well as allowing them to replace the malware detection engine at its core by another asset of their choice, provided that it offers a similar set of features. The IoT Internet Protocols Fuzzer Generic Enabler will be provided under a GPL open source license, allowing any developer to study and adapt it to fit their particular needs. It is developed as an extension of the Scapy packet manipulation tool, which also allows third party developers to easily extend this GE to support new protocols. The Vulnerability Assessment Generic Enabler will be provided under a GPL open source license, allowing any developer to study and adapt it to fit their particular needs. It uses OVAL as its input, which allows it to benefit from the community-contributed OVAL definition repositories. Although it is developed targetting the CFEngine configuration management system, the fact that it is published under an open source license allows third parties to adapt it to work with other configuration management systems. The Andoird IPFIX Probe Optional Security Enabler will be provided under a GPL open source license, allowing any developer to study and adapt it to fit their particular needs. Furthermore, it exports data following the IPFIX standard published by the IETF, which allows it to be integrated with most of the existing monitoring tools. """ Best regards, Alexandre Le lundi 23 juillet 2012 ? 16:50, BISSON Pascal a ?crit: > Dear Task leads and Caretakers, > > This just to inform you that to give a start from our Security Chapter side to D2.5a I did enter some text. > > This text is for you to check and complete with your input (reflecting your thoughts and the ones of GE owners attached to your task - that btw you should have consulted already ...) > > https://docs.google.com/document/d/1HnmGAJ7LuHJs9oBIhVwbR9LuKMK-Xhb_c7SF-EVQi_Q/edit?pli=1#heading=h.w9bqlgh5tq19 > > Bear in mind that by EOB tomorrow you should have contributed your Task input. This as per minutes of last audio conference. Counting on you all to have it done. > > Thanks in advance for your cooperation and support. > > BR > Pascal > > > PS: Don't hesitate as add-ons you may think of in complement of the text I already provided to illustrate the added value (for the sake of 3rd party innovation) resulting from your GEs design to each of the stakeholder to which it applies. > > _______________________________________________ > Fiware-security mailing list > Fiware-security at lists.fi-ware.eu > http://lists.fi-ware.eu/listinfo/fiware-security -- Alexandre Boeglin ?quipe-Projet Madynes Inria -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 3058 bytes Desc: not available URL: From pascal.bisson at thalesgroup.com Wed Jul 25 10:04:32 2012 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Wed, 25 Jul 2012 10:04:32 +0200 Subject: [Fiware-security] TR: Review of Unit Test Plan (WP8 - Security) Message-ID: <17161_1343203477_500FA895_17161_3160_1_9f82e0bc-79d6-4cf7-bced-a0db1c58aba4@THSONEA01HUB04P.one.grp> Dear Colleagues, Here is the TID review report of Unit Test Plan & Report. As you will see it is not good in the sense there are a number of issues that if not corrected by each of you would lead to rejection of our deliverable by TID and so the costs with the penalties announced by TID. According to the attached review report the content you put to Unit Test Plan & Reporting for the GE you own is rejected Security Monitoring GE (Thales -> Daniel & al) rejected ! Identity Management GE (NSN - DT -> Robert & Wolfgang) rejected ! Data Handling GE (SAP -> Slim) rejected ! DB Anonimyzer GE (SAP -> Francesco) -> rejected ! Secure Storage Service (Thales -> Lucie) -> Rejected ! So please Daniel, Robert, Wolfgang, Slim, Francesco and Lucie look at the issues and add the necessary corrections for your content to D8.5a and so our deliverable to be accepted. Bear in mind the ultimate deadline to have them fixed is July 26th EOB as per decision taken by CA at last WPL/WPA. But to a on the safe side and did some review of the fixes it could be appropriate to have them fixed by today EOB. In any case here is what is stated in the minutes of Monday 23 WPL/WPA audio and that you should have in mind as the contract: "Results of this (TID) check will be provided by July 24. As a result of this checking, Unit Testing Plan can be: ? accepted ? rejected with a deadline on July 26th EOB to fix a number of identified issues Cost rejection measurements will be applied to GE owners failing to deliver fixed set of features by July 26th EOB." Counting on you all to have the issues for your GE fixed the sooner the better and according to the set and final deadline. Please acknowledge receipt of this email and let me know and Daniel once the issues have been fixed. Hearing from you BR Pascal -----Message d'origine----- De?: Miguel Carrillo [mailto:mcp at tid.es] Envoy??: mardi 24 juillet 2012 17:21 ??: BISSON Pascal; GIDOIN Daniel Cc?: JUAN JOSE HIERRO SUREDA Objet?: Review of Unit Test Plan (WP8 - Security) Dear Pascal & Daniel, This is the review of the Unit Testing plan. I am afraid this is the WP in the worst shape in all the project. As told by Juanjo, there is a very short time to put it right so I would suggest to react quickly as several participants are very near losing part of their reporting. A reminder in case it helps: I assume that you already have the Report ready to append at the end of the deliverable and that such manual complies with the guidelines (one single report, not one per GE). Best regards, Miguel -- ---------------------------------------------------------------------- _/ _/_/ Miguel Carrillo Pacheco _/ _/ _/ _/ Telef?nica Distrito Telef?nica _/ _/_/_/ _/ _/ Investigaci?n y Edifico Oeste 1, Planta 9 _/ _/ _/ _/ Desarrollo Ronda de la Comunicaci?n S/N _/ _/_/ 28050 Madrid (Spain) Tel: (+34) 91 483 26 77 e-mail: mcp at tid.es Follow FI-WARE on the net Website: http://www.fi-ware.eu Facebook: http://www.facebook.com/pages/FI-WARE/251366491587242 Twitter: http://twitter.com/Fiware LinkedIn: http://www.linkedin.com/groups/FIWARE-4239932 ---------------------------------------------------------------------- ________________________________ Este mensaje se dirige exclusivamente a su destinatario. Puede consultar nuestra pol?tica de env?o y recepci?n de correo electr?nico en el enlace situado m?s abajo. This message is intended exclusively for its addressee. We only send and receive email on the basis of the terms set out at. http://www.tid.es/ES/PAGINAS/disclaimer.aspx -------------- next part -------------- A non-text attachment was scrubbed... Name: Audit_Release_1.0_b_WP8.xlsx Type: application/vnd.openxmlformats-officedocument.spreadsheetml.sheet Size: 11966 bytes Desc: Audit_Release_1.0_b_WP8.xlsx URL: From pascal.bisson at thalesgroup.com Wed Jul 25 10:09:20 2012 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Wed, 25 Jul 2012 10:09:20 +0200 Subject: [Fiware-security] FI-WARE - Security - D2.5a (Your input is now requested in complement of mine) In-Reply-To: <20120724191859.GA10607@inria.fr> References: <2447_1343055055_500D64CF_2447_1056_1_fb281647-7e93-4391-b9a5-4a4e95e1dde9@THSONEA01HUB05P.one.grp> <20120724191859.GA10607@inria.fr> Message-ID: <3671_1343203766_500FA9B6_3671_15617_1_026b39ea-2102-4d2c-8404-323af0670471@THSONEA01HUB01P.one.grp> Thanks Alexandre, I support you in only adding the text related to Malware Detection Optional Security Enabler (as you did) for 2.5a and keep the rest for D2.5b. BR Pascal -----Message d'origine----- De?: Alexandre Boeglin [mailto:alexandre.boeglin at inria.fr] Envoy??: mardi 24 juillet 2012 21:19 ??: BISSON Pascal Cc?: Seidl, Robert (NSN - DE/Munich); GIDOIN Daniel; Rodrigo Diaz Rodriguez; DI CERBO, Francesco; TRABELSI, Slim; Michael Osborne; Antonio Garcia Vazquez; LELEU Philippe; fiware-security at lists.fi-ware.eu Objet?: Re: [Fiware-security] FI-WARE - Security - D2.5a (Your input is now requested in complement of mine) Dear all, Here's our contribution to D2.5a. For now, I only included the paragraph about the malware detection GE: since it's the only one that was discussed during the first release cycle, maybe it would be more consistent to include the other paragraphs starting D2.5b. But if you feel otherwise, feel free to add them. """ The Malware Detection Optional Security Enabler is built around a rather simple Web Service described using the WSDL language, and implemented using the SOAP protocol. Both are freely available and widely used W3C standards, thus allowing on any third party application developer to easily interface with and benefit from it, as well as allowing them to replace the malware detection engine at its core by another asset of their choice, provided that it offers a similar set of features. The IoT Internet Protocols Fuzzer Generic Enabler will be provided under a GPL open source license, allowing any developer to study and adapt it to fit their particular needs. It is developed as an extension of the Scapy packet manipulation tool, which also allows third party developers to easily extend this GE to support new protocols. The Vulnerability Assessment Generic Enabler will be provided under a GPL open source license, allowing any developer to study and adapt it to fit their particular needs. It uses OVAL as its input, which allows it to benefit from the community-contributed OVAL definition repositories. Although it is developed targetting the CFEngine configuration management system, the fact that it is published under an open source license allows third parties to adapt it to work with other configuration management systems. The Andoird IPFIX Probe Optional Security Enabler will be provided under a GPL open source license, allowing any developer to study and adapt it to fit their particular needs. Furthermore, it exports data following the IPFIX standard published by the IETF, which allows it to be integrated with most of the existing monitoring tools. """ Best regards, Alexandre Le lundi 23 juillet 2012 ? 16:50, BISSON Pascal a ?crit: > Dear Task leads and Caretakers, > > This just to inform you that to give a start from our Security Chapter side to D2.5a I did enter some text. > > This text is for you to check and complete with your input (reflecting your thoughts and the ones of GE owners attached to your task - that btw you should have consulted already ...) > > https://docs.google.com/document/d/1HnmGAJ7LuHJs9oBIhVwbR9LuKMK-Xhb_c7SF-EVQi_Q/edit?pli=1#heading=h.w9bqlgh5tq19 > > Bear in mind that by EOB tomorrow you should have contributed your Task input. This as per minutes of last audio conference. Counting on you all to have it done. > > Thanks in advance for your cooperation and support. > > BR > Pascal > > > PS: Don't hesitate as add-ons you may think of in complement of the text I already provided to illustrate the added value (for the sake of 3rd party innovation) resulting from your GEs design to each of the stakeholder to which it applies. > > _______________________________________________ > Fiware-security mailing list > Fiware-security at lists.fi-ware.eu > http://lists.fi-ware.eu/listinfo/fiware-security -- Alexandre Boeglin ?quipe-Projet Madynes Inria From francesco.di.cerbo at sap.com Wed Jul 25 15:09:19 2012 From: francesco.di.cerbo at sap.com (DI CERBO, Francesco) Date: Wed, 25 Jul 2012 15:09:19 +0200 Subject: [Fiware-security] Review of Unit Test Plan (WP8 - Security) In-Reply-To: <17161_1343203477_500FA895_17161_3160_1_9f82e0bc-79d6-4cf7-bced-a0db1c58aba4@THSONEA01HUB04P.one.grp> References: <17161_1343203477_500FA895_17161_3160_1_9f82e0bc-79d6-4cf7-bced-a0db1c58aba4@THSONEA01HUB04P.one.grp> Message-ID: <71C0C7C7A712EE4CA636EDFD663B4E27048CA19019@DEWDFECCR09.wdf.sap.corp> Hello Pascal, all, DB Anonymizer and Data Handling unit test plans have been updated as requested. Best, Francesco > -----Original Message----- > From: BISSON Pascal [mailto:pascal.bisson at thalesgroup.com] > Sent: mercredi 25 juillet 2012 10:05 > To: GIDOIN Daniel; Seidl, Robert (NSN - DE/Munich); > Wolfgang.Steigerwald at telekom.de; Meyer, Gerald (NSN - DE/Munich); > TRABELSI, Slim; DI CERBO, Francesco; GASPARD Lucie > Cc: BISSON Pascal; LELEU Philippe; fiware-security at lists.fi-ware.eu > Subject: TR: Review of Unit Test Plan (WP8 - Security) > Importance: High > > Dear Colleagues, > > Here is the TID review report of Unit Test Plan & Report. As you will see it is not > good in the sense there are a number of issues that if not corrected by each of > you would lead to rejection of our deliverable by TID and so the costs with the > penalties announced by TID. > > According to the attached review report the content you put to Unit Test Plan & > Reporting for the GE you own is rejected > Security Monitoring GE (Thales -> Daniel & al) rejected ! > Identity Management GE (NSN - DT -> Robert & Wolfgang) rejected ! > Data Handling GE (SAP -> Slim) rejected ! > DB Anonimyzer GE (SAP -> Francesco) -> rejected ! > Secure Storage Service (Thales -> Lucie) -> Rejected ! > > So please Daniel, Robert, Wolfgang, Slim, Francesco and Lucie look at the issues > and add the necessary corrections for your content to D8.5a and so our > deliverable to be accepted. > > Bear in mind the ultimate deadline to have them fixed is July 26th EOB as per > decision taken by CA at last WPL/WPA. But to a on the safe side and did some > review of the fixes it could be appropriate to have them fixed by today EOB. > > In any case here is what is stated in the minutes of Monday 23 WPL/WPA audio > and that you should have in mind as the contract: > > "Results of this (TID) check will be provided by July 24. As a result of this > checking, Unit > Testing Plan can be: > ? accepted > ? rejected with a deadline on July 26th EOB to fix a number of identified issues > > Cost rejection measurements will be applied to GE owners failing to deliver fixed > set of > features by July 26th EOB." > > > Counting on you all to have the issues for your GE fixed the sooner the better > and according to the set and final deadline. > > Please acknowledge receipt of this email and let me know and Daniel once the > issues have been fixed. > > Hearing from you > > BR > Pascal > > > > -----Message d'origine----- > De?: Miguel Carrillo [mailto:mcp at tid.es] > Envoy??: mardi 24 juillet 2012 17:21 > ??: BISSON Pascal; GIDOIN Daniel > Cc?: JUAN JOSE HIERRO SUREDA > Objet?: Review of Unit Test Plan (WP8 - Security) > > Dear Pascal & Daniel, > > This is the review of the Unit Testing plan. I am afraid this is the WP in the worst > shape in all the project. As told by Juanjo, there is a very short time to put it right > so I would suggest to react quickly as several participants are very near losing > part of their reporting. > > A reminder in case it helps: I assume that you already have the Report ready to > append at the end of the deliverable and that such manual complies with the > guidelines (one single report, not one per GE). > > Best regards, > > Miguel > > -- > ---------------------------------------------------------------------- > _/ _/_/ Miguel Carrillo Pacheco > _/ _/ _/ _/ Telef?nica Distrito Telef?nica > _/ _/_/_/ _/ _/ Investigaci?n y Edifico Oeste 1, Planta 9 > _/ _/ _/ _/ Desarrollo Ronda de la Comunicaci?n S/N > _/ _/_/ 28050 Madrid (Spain) > Tel: (+34) 91 483 26 77 > > e-mail: mcp at tid.es > > Follow FI-WARE on the net > > Website: http://www.fi-ware.eu > Facebook: http://www.facebook.com/pages/FI-WARE/251366491587242 > Twitter: http://twitter.com/Fiware > LinkedIn: http://www.linkedin.com/groups/FIWARE-4239932 > ---------------------------------------------------------------------- > > > ________________________________ > > Este mensaje se dirige exclusivamente a su destinatario. Puede consultar nuestra > pol?tica de env?o y recepci?n de correo electr?nico en el enlace situado m?s > abajo. > This message is intended exclusively for its addressee. We only send and receive > email on the basis of the terms set out at. > http://www.tid.es/ES/PAGINAS/disclaimer.aspx From pascal.bisson at thalesgroup.com Wed Jul 25 15:12:16 2012 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Wed, 25 Jul 2012 15:12:16 +0200 Subject: [Fiware-security] FI-WARE - D8.5.1 - Message-ID: <14522_1343221943_500FF0B7_14522_269_1_bcf5381b-475a-4693-b040-07d0e052dd6d@THSONEA01HUB03P.one.grp> Dear Colleagues, This to remind you as per instructions/guidelines provided by TID for D8.5.1 (available at: https://forge.fi-ware.eu/plugins/mediawiki/wiki/fi-ware-private/index.php/FiwareDeliverableD3-8.5.1) that in complement of the issues raised by TID and that need to be fixed for each of the GE you know. I'd like to draw your attention not raised by Miguel but clearly stated in the guidelines and as such needed to be addressed if we want to have our deliverable a chance to be first complete and second accepted: 1. "a link to the section corresponding to the Unit Testing Plan document at the wiki will be included in a how-to-test field of the corresponding backlog entry. This will be a new field on the tracker that corresponds to the Feature. Please synchronize with your Chapter Lead, who is responsible for creating this new field in the tracker corresponding to your chapter." * Action Point 1: Being said I created this new field on the Security Tracker I would ask each of you for each of the features of you GE and part of the Unit test plan and report to go the feature on tracker and fill in the how-to-test field filling it with the proper link 2. "For the WPLs/WPAs: when you generate the final pdf files with the deliverable, you must fill in the Unit Testing Report and append it at the end of the pdf file. Download the template here and fill in adding as many blocks as GEs in the Release." * Action Point 2: I would ask here each of you to urgently send or re-send me your Unit Testing Report for the GE you own (for your convenience I reattached the document) o Unit Testing Report IdM GE NSN => Robert o Unit Testing Report IdM GE DT => Wolfgang o Unit Testing Report Security Monitoring GE => Daniel o Unit Testing Report Data Handling GE => Slim o Unit Testing Report DB Anonimyzer => Francesco o Unit Testing Report Secure Storage Service => Lucie Counting on each of you to urgently perform Action Points 1 & 2 asap and preferably by end of business today or early tomorrow in order for us do final check and produce the corresponding PDF version of D8.5.1 that in any case should be delivered tomorrow prior to 5pm. Please acknowledge receipt of this email and answer it promptly. Best Regards, Pascal -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: Unit Testing Report.docx Type: application/vnd.openxmlformats-officedocument.wordprocessingml.document Size: 13136 bytes Desc: Unit Testing Report.docx URL: From pascal.bisson at thalesgroup.com Wed Jul 25 15:13:39 2012 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Wed, 25 Jul 2012 15:13:39 +0200 Subject: [Fiware-security] Review of Unit Test Plan (WP8 - Security) In-Reply-To: <71C0C7C7A712EE4CA636EDFD663B4E27048CA19019@DEWDFECCR09.wdf.sap.corp> References: <17161_1343203477_500FA895_17161_3160_1_9f82e0bc-79d6-4cf7-bced-a0db1c58aba4@THSONEA01HUB04P.one.grp> <71C0C7C7A712EE4CA636EDFD663B4E27048CA19019@DEWDFECCR09.wdf.sap.corp> Message-ID: <16791_1343222021_500FF105_16791_1614_1_b252eb88-38a1-4c89-bf9b-c08c5b7d9c83@THSONEA01HUB02P.one.grp> Ok, Thanks so please now address email I just sent out as per review I performed from my side there are still important things to do -----Message d'origine----- De?: DI CERBO, Francesco [mailto:francesco.di.cerbo at sap.com] Envoy??: mercredi 25 juillet 2012 15:09 ??: BISSON Pascal; GIDOIN Daniel; Seidl, Robert (NSN - DE/Munich); Wolfgang.Steigerwald at telekom.de; Meyer, Gerald (NSN - DE/Munich); TRABELSI, Slim; GASPARD Lucie Cc?: LELEU Philippe; fiware-security at lists.fi-ware.eu Objet?: RE: Review of Unit Test Plan (WP8 - Security) Hello Pascal, all, DB Anonymizer and Data Handling unit test plans have been updated as requested. Best, Francesco > -----Original Message----- > From: BISSON Pascal [mailto:pascal.bisson at thalesgroup.com] > Sent: mercredi 25 juillet 2012 10:05 > To: GIDOIN Daniel; Seidl, Robert (NSN - DE/Munich); > Wolfgang.Steigerwald at telekom.de; Meyer, Gerald (NSN - DE/Munich); > TRABELSI, Slim; DI CERBO, Francesco; GASPARD Lucie > Cc: BISSON Pascal; LELEU Philippe; fiware-security at lists.fi-ware.eu > Subject: TR: Review of Unit Test Plan (WP8 - Security) > Importance: High > > Dear Colleagues, > > Here is the TID review report of Unit Test Plan & Report. As you will > see it is not good in the sense there are a number of issues that if > not corrected by each of you would lead to rejection of our > deliverable by TID and so the costs with the penalties announced by TID. > > According to the attached review report the content you put to Unit > Test Plan & Reporting for the GE you own is rejected Security > Monitoring GE (Thales -> Daniel & al) rejected ! > Identity Management GE (NSN - DT -> Robert & Wolfgang) rejected ! > Data Handling GE (SAP -> Slim) rejected ! > DB Anonimyzer GE (SAP -> Francesco) -> rejected ! > Secure Storage Service (Thales -> Lucie) -> Rejected ! > > So please Daniel, Robert, Wolfgang, Slim, Francesco and Lucie look at > the issues and add the necessary corrections for your content to D8.5a > and so our deliverable to be accepted. > > Bear in mind the ultimate deadline to have them fixed is July 26th EOB > as per decision taken by CA at last WPL/WPA. But to a on the safe side > and did some review of the fixes it could be appropriate to have them fixed by today EOB. > > In any case here is what is stated in the minutes of Monday 23 WPL/WPA > audio and that you should have in mind as the contract: > > "Results of this (TID) check will be provided by July 24. As a result > of this checking, Unit Testing Plan can be: > ? accepted > ? rejected with a deadline on July 26th EOB to fix a number of > identified issues > > Cost rejection measurements will be applied to GE owners failing to > deliver fixed set of features by July 26th EOB." > > > Counting on you all to have the issues for your GE fixed the sooner > the better and according to the set and final deadline. > > Please acknowledge receipt of this email and let me know and Daniel > once the issues have been fixed. > > Hearing from you > > BR > Pascal > > > > -----Message d'origine----- > De?: Miguel Carrillo [mailto:mcp at tid.es] Envoy??: mardi 24 juillet > 2012 17:21 ??: BISSON Pascal; GIDOIN Daniel Cc?: JUAN JOSE HIERRO > SUREDA Objet?: Review of Unit Test Plan (WP8 - Security) > > Dear Pascal & Daniel, > > This is the review of the Unit Testing plan. I am afraid this is the > WP in the worst shape in all the project. As told by Juanjo, there is > a very short time to put it right so I would suggest to react quickly > as several participants are very near losing part of their reporting. > > A reminder in case it helps: I assume that you already have the Report > ready to append at the end of the deliverable and that such manual > complies with the guidelines (one single report, not one per GE). > > Best regards, > > Miguel > > -- > ---------------------------------------------------------------------- > _/ _/_/ Miguel Carrillo Pacheco > _/ _/ _/ _/ Telef?nica Distrito Telef?nica > _/ _/_/_/ _/ _/ Investigaci?n y Edifico Oeste 1, Planta 9 > _/ _/ _/ _/ Desarrollo Ronda de la Comunicaci?n S/N > _/ _/_/ 28050 Madrid (Spain) > Tel: (+34) 91 483 26 77 > > e-mail: mcp at tid.es > > Follow FI-WARE on the net > > Website: http://www.fi-ware.eu > Facebook: http://www.facebook.com/pages/FI-WARE/251366491587242 > Twitter: http://twitter.com/Fiware > LinkedIn: http://www.linkedin.com/groups/FIWARE-4239932 > ---------------------------------------------------------------------- > > > ________________________________ > > Este mensaje se dirige exclusivamente a su destinatario. Puede > consultar nuestra pol?tica de env?o y recepci?n de correo electr?nico > en el enlace situado m?s abajo. > This message is intended exclusively for its addressee. We only send > and receive email on the basis of the terms set out at. > http://www.tid.es/ES/PAGINAS/disclaimer.aspx From antonio.garcia at atosresearch.eu Wed Jul 25 16:14:27 2012 From: antonio.garcia at atosresearch.eu (Antonio Garcia Vazquez) Date: Wed, 25 Jul 2012 16:14:27 +0200 Subject: [Fiware-security] FI-WARE - D8.5.1 - In-Reply-To: <14522_1343221943_500FF0B7_14522_269_1_bcf5381b-475a-4693-b040-07d0e052dd6d@THSONEA01HUB03P.one.grp> References: <14522_1343221943_500FF0B7_14522_269_1_bcf5381b-475a-4693-b040-07d0e052dd6d@THSONEA01HUB03P.one.grp> Message-ID: <8E18929A6C79354FB4BD9BD4636DCB06CEFF84@INTMAIL03.es.int.atosorigin.com> Pascal, - AP1: I've updated the tracker as requested - AP2: I can't report our test as passed since the component won't be ready until September (release 1.2), but as I guess that 'N' could means that the component has failed the test I've filled the document with the status as 'Pending' Best Regards ************************************ * Antonio Garc?a-V?zquez * * (+34) 91 214 9384 * * antonio.garcia at atosresearch.eu * ************************************ From: BISSON Pascal [mailto:pascal.bisson at thalesgroup.com] Sent: mi?rcoles, 25 de julio de 2012 15:12 To: GIDOIN Daniel; TRABELSI, Slim; Antonio Garcia Vazquez; DI CERBO, Francesco; Seidl, Robert (NSN - DE/Munich); Meyer, Gerald (NSN - DE/Munich); Goetze, Norbert (NSN - DE/Munich); GASPARD Lucie; Wolfgang.Steigerwald at telekom.de Cc: BISSON Pascal; LELEU Philippe; fiware-security at lists.fi-ware.eu Subject: FI-WARE - D8.5.1 - Importance: High Dear Colleagues, This to remind you as per instructions/guidelines provided by TID for D8.5.1 (available at: https://forge.fi-ware.eu/plugins/mediawiki/wiki/fi-ware-private/index.php/FiwareDeliverableD3-8.5.1 ) that in complement of the issues raised by TID and that need to be fixed for each of the GE you know. I'd like to draw your attention not raised by Miguel but clearly stated in the guidelines and as such needed to be addressed if we want to have our deliverable a chance to be first complete and second accepted: 1. "a link to the section corresponding to the Unit Testing Plan document at the wiki will be included in a how-to-test field of the corresponding backlog entry. This will be a new field on the tracker that corresponds to the Feature. Please synchronize with your Chapter Lead, who is responsible for creating this new field in the tracker corresponding to your chapter." ? Action Point 1: Being said I created this new field on the Security Tracker I would ask each of you for each of the features of you GE and part of the Unit test plan and report to go the feature on tracker and fill in the how-to-test field filling it with the proper link 2. "For the WPLs/WPAs: when you generate the final pdf files with the deliverable, you must fill in the Unit Testing Report and append it at the end of the pdf file. Download the template here and fill in adding as many blocks as GEs in the Release." ? Action Point 2: I would ask here each of you to urgently send or re-send me your Unit Testing Report for the GE you own (for your convenience I reattached the document) o Unit Testing Report IdM GE NSN => Robert o Unit Testing Report IdM GE DT => Wolfgang o Unit Testing Report Security Monitoring GE => Daniel o Unit Testing Report Data Handling GE => Slim o Unit Testing Report DB Anonimyzer => Francesco o Unit Testing Report Secure Storage Service => Lucie Counting on each of you to urgently perform Action Points 1 & 2 asap and preferably by end of business today or early tomorrow in order for us do final check and produce the corresponding PDF version of D8.5.1 that in any case should be delivered tomorrow prior to 5pm. Please acknowledge receipt of this email and answer it promptly. Best Regards, Pascal ------------------------------------------------------------------ This e-mail and the documents attached are confidential and intended solely for the addressee; it may also be privileged. If you receive this e-mail in error, please notify the sender immediately and destroy it. As its integrity cannot be secured on the Internet, the Atos group liability cannot be triggered for the message content. Although the sender endeavours to maintain a computer virus-free network, the sender does not warrant that this transmission is virus-free and will not be liable for any damages resulting from any virus transmitted. Este mensaje y los ficheros adjuntos pueden contener informacion confidencial destinada solamente a la(s) persona(s) mencionadas anteriormente pueden estar protegidos por secreto profesional. Si usted recibe este correo electronico por error, gracias por informar inmediatamente al remitente y destruir el mensaje. Al no estar asegurada la integridad de este mensaje sobre la red, Atos no se hace responsable por su contenido. Su contenido no constituye ningun compromiso para el grupo Atos, salvo ratificacion escrita por ambas partes. Aunque se esfuerza al maximo por mantener su red libre de virus, el emisor no puede garantizar nada al respecto y no sera responsable de cualesquiera danos que puedan resultar de una transmision de virus. ------------------------------------------------------------------ -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: Unit Testing Report_ATOS.docx Type: application/octet-stream Size: 15939 bytes Desc: Unit Testing Report_ATOS.docx URL: From francesco.di.cerbo at sap.com Wed Jul 25 16:33:36 2012 From: francesco.di.cerbo at sap.com (DI CERBO, Francesco) Date: Wed, 25 Jul 2012 16:33:36 +0200 Subject: [Fiware-security] FI-WARE - D8.5.1 - In-Reply-To: <14522_1343221943_500FF0B7_14522_269_1_bcf5381b-475a-4693-b040-07d0e052dd6d@THSONEA01HUB03P.one.grp> References: <14522_1343221943_500FF0B7_14522_269_1_bcf5381b-475a-4693-b040-07d0e052dd6d@THSONEA01HUB03P.one.grp> Message-ID: <71C0C7C7A712EE4CA636EDFD663B4E27048CA191EE@DEWDFECCR09.wdf.sap.corp> Hello Pascal, * AP 1 : OK for Data Handling and DB Anonymizer * AP 2: please find the attached reports Best, Francesco From: BISSON Pascal [mailto:pascal.bisson at thalesgroup.com] Sent: mercredi 25 juillet 2012 15:12 To: GIDOIN Daniel; TRABELSI, Slim; Antonio Garcia Vazquez; DI CERBO, Francesco; Seidl, Robert (NSN - DE/Munich); Meyer, Gerald (NSN - DE/Munich); Goetze, Norbert (NSN - DE/Munich); GASPARD Lucie; Wolfgang.Steigerwald at telekom.de Cc: BISSON Pascal; LELEU Philippe; fiware-security at lists.fi-ware.eu Subject: FI-WARE - D8.5.1 - Importance: High Dear Colleagues, This to remind you as per instructions/guidelines provided by TID for D8.5.1 (available at: https://forge.fi-ware.eu/plugins/mediawiki/wiki/fi-ware-private/index.php/FiwareDeliverableD3-8.5.1) that in complement of the issues raised by TID and that need to be fixed for each of the GE you know. I'd like to draw your attention not raised by Miguel but clearly stated in the guidelines and as such needed to be addressed if we want to have our deliverable a chance to be first complete and second accepted: 1. "a link to the section corresponding to the Unit Testing Plan document at the wiki will be included in a how-to-test field of the corresponding backlog entry. This will be a new field on the tracker that corresponds to the Feature. Please synchronize with your Chapter Lead, who is responsible for creating this new field in the tracker corresponding to your chapter." * Action Point 1: Being said I created this new field on the Security Tracker I would ask each of you for each of the features of you GE and part of the Unit test plan and report to go the feature on tracker and fill in the how-to-test field filling it with the proper link 2. "For the WPLs/WPAs: when you generate the final pdf files with the deliverable, you must fill in the Unit Testing Report and append it at the end of the pdf file. Download the template here and fill in adding as many blocks as GEs in the Release." * Action Point 2: I would ask here each of you to urgently send or re-send me your Unit Testing Report for the GE you own (for your convenience I reattached the document) o Unit Testing Report IdM GE NSN => Robert o Unit Testing Report IdM GE DT => Wolfgang o Unit Testing Report Security Monitoring GE => Daniel o Unit Testing Report Data Handling GE => Slim o Unit Testing Report DB Anonimyzer => Francesco o Unit Testing Report Secure Storage Service => Lucie Counting on each of you to urgently perform Action Points 1 & 2 asap and preferably by end of business today or early tomorrow in order for us do final check and produce the corresponding PDF version of D8.5.1 that in any case should be delivered tomorrow prior to 5pm. Please acknowledge receipt of this email and answer it promptly. Best Regards, Pascal -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: Unit Testing Report_DataHandlingGE.docx Type: application/vnd.openxmlformats-officedocument.wordprocessingml.document Size: 18088 bytes Desc: Unit Testing Report_DataHandlingGE.docx URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: Unit Testing Report_DBAnonymizer.docx Type: application/vnd.openxmlformats-officedocument.wordprocessingml.document Size: 18101 bytes Desc: Unit Testing Report_DBAnonymizer.docx URL: From daniel.gidoin at thalesgroup.com Wed Jul 25 16:37:13 2012 From: daniel.gidoin at thalesgroup.com (GIDOIN Daniel) Date: Wed, 25 Jul 2012 16:37:13 +0200 Subject: [Fiware-security] FI-WARE - D8.5.1 - In-Reply-To: <8E18929A6C79354FB4BD9BD4636DCB06CEFF84@INTMAIL03.es.int.atosorigin.com> References: <14522_1343221943_500FF0B7_14522_269_1_bcf5381b-475a-4693-b040-07d0e052dd6d@THSONEA01HUB03P.one.grp> <8E18929A6C79354FB4BD9BD4636DCB06CEFF84@INTMAIL03.es.int.atosorigin.com> Message-ID: <32759_1343227039_5010049F_32759_215_1_b31bf03d-b189-4277-9165-ea1ac3440771@THSONEA01HUB03P.one.grp> Please, find attached the Unit testing report concerning the Attack-Paths Engine . Daniel De : Antonio Garcia Vazquez [mailto:antonio.garcia at atosresearch.eu] Envoy? : mercredi 25 juillet 2012 16:14 ? : BISSON Pascal; GIDOIN Daniel; TRABELSI, Slim; DI CERBO, Francesco; Seidl, Robert (NSN - DE/Munich); Meyer, Gerald (NSN - DE/Munich); Goetze, Norbert (NSN - DE/Munich); GASPARD Lucie; Wolfgang.Steigerwald at telekom.de Cc : LELEU Philippe; fiware-security at lists.fi-ware.eu Objet : RE: FI-WARE - D8.5.1 - Pascal, - AP1: I've updated the tracker as requested - AP2: I can't report our test as passed since the component won't be ready until September (release 1.2), but as I guess that 'N' could means that the component has failed the test I've filled the document with the status as 'Pending' Best Regards ************************************ * Antonio Garc?a-V?zquez * * (+34) 91 214 9384 * * antonio.garcia at atosresearch.eu * ************************************ From: BISSON Pascal [mailto:pascal.bisson at thalesgroup.com] Sent: mi?rcoles, 25 de julio de 2012 15:12 To: GIDOIN Daniel; TRABELSI, Slim; Antonio Garcia Vazquez; DI CERBO, Francesco; Seidl, Robert (NSN - DE/Munich); Meyer, Gerald (NSN - DE/Munich); Goetze, Norbert (NSN - DE/Munich); GASPARD Lucie; Wolfgang.Steigerwald at telekom.de Cc: BISSON Pascal; LELEU Philippe; fiware-security at lists.fi-ware.eu Subject: FI-WARE - D8.5.1 - Importance: High Dear Colleagues, This to remind you as per instructions/guidelines provided by TID for D8.5.1 (available at: https://forge.fi-ware.eu/plugins/mediawiki/wiki/fi-ware-private/index.php/FiwareDeliverableD3-8.5.1) that in complement of the issues raised by TID and that need to be fixed for each of the GE you know. I'd like to draw your attention not raised by Miguel but clearly stated in the guidelines and as such needed to be addressed if we want to have our deliverable a chance to be first complete and second accepted: 1. "a link to the section corresponding to the Unit Testing Plan document at the wiki will be included in a how-to-test field of the corresponding backlog entry. This will be a new field on the tracker that corresponds to the Feature. Please synchronize with your Chapter Lead, who is responsible for creating this new field in the tracker corresponding to your chapter." ? Action Point 1: Being said I created this new field on the Security Tracker I would ask each of you for each of the features of you GE and part of the Unit test plan and report to go the feature on tracker and fill in the how-to-test field filling it with the proper link 2. "For the WPLs/WPAs: when you generate the final pdf files with the deliverable, you must fill in the Unit Testing Report and append it at the end of the pdf file. Download the template here and fill in adding as many blocks as GEs in the Release." ? Action Point 2: I would ask here each of you to urgently send or re-send me your Unit Testing Report for the GE you own (for your convenience I reattached the document) o Unit Testing Report IdM GE NSN => Robert o Unit Testing Report IdM GE DT => Wolfgang o Unit Testing Report Security Monitoring GE => Daniel o Unit Testing Report Data Handling GE => Slim o Unit Testing Report DB Anonimyzer => Francesco o Unit Testing Report Secure Storage Service => Lucie Counting on each of you to urgently perform Action Points 1 & 2 asap and preferably by end of business today or early tomorrow in order for us do final check and produce the corresponding PDF version of D8.5.1 that in any case should be delivered tomorrow prior to 5pm. Please acknowledge receipt of this email and answer it promptly. Best Regards, Pascal ------------------------------------------------------------------ This e-mail and the documents attached are confidential and intended solely for the addressee; it may also be privileged. If you receive this e-mail in error, please notify the sender immediately and destroy it. As its integrity cannot be secured on the Internet, the Atos group liability cannot be triggered for the message content. Although the sender endeavours to maintain a computer virus-free network, the sender does not warrant that this transmission is virus-free and will not be liable for any damages resulting from any virus transmitted. Este mensaje y los ficheros adjuntos pueden contener informacion confidencial destinada solamente a la(s) persona(s) mencionadas anteriormente pueden estar protegidos por secreto profesional. Si usted recibe este correo electronico por error, gracias por informar inmediatamente al remitente y destruir el mensaje. Al no estar asegurada la integridad de este mensaje sobre la red, Atos no se hace responsable por su contenido. Su contenido no constituye ningun compromiso para el grupo Atos, salvo ratificacion escrita por ambas partes. Aunque se esfuerza al maximo por mantener su red libre de virus, el emisor no puede garantizar nada al respecto y no sera responsable de cualesquiera danos que puedan resultar de una transmision de virus. ------------------------------------------------------------------ -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: Unit Testing Report_Thales-Mulval.docx Type: application/vnd.openxmlformats-officedocument.wordprocessingml.document Size: 15425 bytes Desc: Unit Testing Report_Thales-Mulval.docx URL: From pascal.bisson at thalesgroup.com Wed Jul 25 16:39:34 2012 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Wed, 25 Jul 2012 16:39:34 +0200 Subject: [Fiware-security] FI-WARE - D8.5.1 - In-Reply-To: <71C0C7C7A712EE4CA636EDFD663B4E27048CA191EE@DEWDFECCR09.wdf.sap.corp> References: <14522_1343221943_500FF0B7_14522_269_1_bcf5381b-475a-4693-b040-07d0e052dd6d@THSONEA01HUB03P.one.grp> <71C0C7C7A712EE4CA636EDFD663B4E27048CA191EE@DEWDFECCR09.wdf.sap.corp> Message-ID: <23187_1343227177_50100529_23187_12916_1_15bd84e8-8161-4fa9-abfd-fe6fbb159636@THSONEA01HUB06P.one.grp> Many thanks Francesco. BR Pascal De : DI CERBO, Francesco [mailto:francesco.di.cerbo at sap.com] Envoy? : mercredi 25 juillet 2012 16:34 ? : BISSON Pascal; GIDOIN Daniel; TRABELSI, Slim; Antonio Garcia Vazquez; Seidl, Robert (NSN - DE/Munich); Meyer, Gerald (NSN - DE/Munich); Goetze, Norbert (NSN - DE/Munich); GASPARD Lucie; Wolfgang.Steigerwald at telekom.de Cc : LELEU Philippe; fiware-security at lists.fi-ware.eu Objet : RE: FI-WARE - D8.5.1 - Hello Pascal, ? AP 1 : OK for Data Handling and DB Anonymizer ? AP 2: please find the attached reports Best, Francesco From: BISSON Pascal [mailto:pascal.bisson at thalesgroup.com] Sent: mercredi 25 juillet 2012 15:12 To: GIDOIN Daniel; TRABELSI, Slim; Antonio Garcia Vazquez; DI CERBO, Francesco; Seidl, Robert (NSN - DE/Munich); Meyer, Gerald (NSN - DE/Munich); Goetze, Norbert (NSN - DE/Munich); GASPARD Lucie; Wolfgang.Steigerwald at telekom.de Cc: BISSON Pascal; LELEU Philippe; fiware-security at lists.fi-ware.eu Subject: FI-WARE - D8.5.1 - Importance: High Dear Colleagues, This to remind you as per instructions/guidelines provided by TID for D8.5.1 (available at: https://forge.fi-ware.eu/plugins/mediawiki/wiki/fi-ware-private/index.php/FiwareDeliverableD3-8.5.1) that in complement of the issues raised by TID and that need to be fixed for each of the GE you know. I'd like to draw your attention not raised by Miguel but clearly stated in the guidelines and as such needed to be addressed if we want to have our deliverable a chance to be first complete and second accepted: 1. "a link to the section corresponding to the Unit Testing Plan document at the wiki will be included in a how-to-test field of the corresponding backlog entry. This will be a new field on the tracker that corresponds to the Feature. Please synchronize with your Chapter Lead, who is responsible for creating this new field in the tracker corresponding to your chapter." ? Action Point 1: Being said I created this new field on the Security Tracker I would ask each of you for each of the features of you GE and part of the Unit test plan and report to go the feature on tracker and fill in the how-to-test field filling it with the proper link 2. "For the WPLs/WPAs: when you generate the final pdf files with the deliverable, you must fill in the Unit Testing Report and append it at the end of the pdf file. Download the template here and fill in adding as many blocks as GEs in the Release." ? Action Point 2: I would ask here each of you to urgently send or re-send me your Unit Testing Report for the GE you own (for your convenience I reattached the document) o Unit Testing Report IdM GE NSN => Robert o Unit Testing Report IdM GE DT => Wolfgang o Unit Testing Report Security Monitoring GE => Daniel o Unit Testing Report Data Handling GE => Slim o Unit Testing Report DB Anonimyzer => Francesco o Unit Testing Report Secure Storage Service => Lucie Counting on each of you to urgently perform Action Points 1 & 2 asap and preferably by end of business today or early tomorrow in order for us do final check and produce the corresponding PDF version of D8.5.1 that in any case should be delivered tomorrow prior to 5pm. Please acknowledge receipt of this email and answer it promptly. Best Regards, Pascal -------------- next part -------------- An HTML attachment was scrubbed... URL: From lucie.gaspard at thalesgroup.com Wed Jul 25 16:47:19 2012 From: lucie.gaspard at thalesgroup.com (GASPARD Lucie) Date: Wed, 25 Jul 2012 16:47:19 +0200 Subject: [Fiware-security] Review of Unit Test Plan (WP8 - Security) In-Reply-To: References: Message-ID: <32759_1343227642_501006FA_32759_794_1_83aed6b1-8e38-4967-b1e2-bd6d9d506882@THSONEA01HUB04P.one.grp> Dear Pascal, SSS Unit Test Plan has been updated as required in the TID review report. BR, Lucie [@@THALES GROUP RESTRICTED@@] -----Message d'origine----- De?: BISSON Pascal Envoy??: mercredi 25 juillet 2012 10:05 ??: GIDOIN Daniel; Seidl, Robert (NSN - DE/Munich); Wolfgang.Steigerwald at telekom.de; Meyer, Gerald (NSN - DE/Munich); TRABELSI, Slim; DI CERBO, Francesco; GASPARD Lucie Cc?: BISSON Pascal; LELEU Philippe; fiware-security at lists.fi-ware.eu Objet?: TR: Review of Unit Test Plan (WP8 - Security) Importance?: Haute Dear Colleagues, Here is the TID review report of Unit Test Plan & Report. As you will see it is not good in the sense there are a number of issues that if not corrected by each of you would lead to rejection of our deliverable by TID and so the costs with the penalties announced by TID. According to the attached review report the content you put to Unit Test Plan & Reporting for the GE you own is rejected Security Monitoring GE (Thales -> Daniel & al) rejected ! Identity Management GE (NSN - DT -> Robert & Wolfgang) rejected ! Data Handling GE (SAP -> Slim) rejected ! DB Anonimyzer GE (SAP -> Francesco) -> rejected ! Secure Storage Service (Thales -> Lucie) -> Rejected ! So please Daniel, Robert, Wolfgang, Slim, Francesco and Lucie look at the issues and add the necessary corrections for your content to D8.5a and so our deliverable to be accepted. Bear in mind the ultimate deadline to have them fixed is July 26th EOB as per decision taken by CA at last WPL/WPA. But to a on the safe side and did some review of the fixes it could be appropriate to have them fixed by today EOB. In any case here is what is stated in the minutes of Monday 23 WPL/WPA audio and that you should have in mind as the contract: "Results of this (TID) check will be provided by July 24. As a result of this checking, Unit Testing Plan can be: ? accepted ? rejected with a deadline on July 26th EOB to fix a number of identified issues Cost rejection measurements will be applied to GE owners failing to deliver fixed set of features by July 26th EOB." Counting on you all to have the issues for your GE fixed the sooner the better and according to the set and final deadline. Please acknowledge receipt of this email and let me know and Daniel once the issues have been fixed. Hearing from you BR Pascal -----Message d'origine----- De?: Miguel Carrillo [mailto:mcp at tid.es] Envoy??: mardi 24 juillet 2012 17:21 ??: BISSON Pascal; GIDOIN Daniel Cc?: JUAN JOSE HIERRO SUREDA Objet?: Review of Unit Test Plan (WP8 - Security) Dear Pascal & Daniel, This is the review of the Unit Testing plan. I am afraid this is the WP in the worst shape in all the project. As told by Juanjo, there is a very short time to put it right so I would suggest to react quickly as several participants are very near losing part of their reporting. A reminder in case it helps: I assume that you already have the Report ready to append at the end of the deliverable and that such manual complies with the guidelines (one single report, not one per GE). Best regards, Miguel -- ---------------------------------------------------------------------- _/ _/_/ Miguel Carrillo Pacheco _/ _/ _/ _/ Telef?nica Distrito Telef?nica _/ _/_/_/ _/ _/ Investigaci?n y Edifico Oeste 1, Planta 9 _/ _/ _/ _/ Desarrollo Ronda de la Comunicaci?n S/N _/ _/_/ 28050 Madrid (Spain) Tel: (+34) 91 483 26 77 e-mail: mcp at tid.es Follow FI-WARE on the net Website: http://www.fi-ware.eu Facebook: http://www.facebook.com/pages/FI-WARE/251366491587242 Twitter: http://twitter.com/Fiware LinkedIn: http://www.linkedin.com/groups/FIWARE-4239932 ---------------------------------------------------------------------- ________________________________ Este mensaje se dirige exclusivamente a su destinatario. Puede consultar nuestra pol?tica de env?o y recepci?n de correo electr?nico en el enlace situado m?s abajo. This message is intended exclusively for its addressee. We only send and receive email on the basis of the terms set out at. http://www.tid.es/ES/PAGINAS/disclaimer.aspx From pascal.bisson at thalesgroup.com Wed Jul 25 16:48:55 2012 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Wed, 25 Jul 2012 16:48:55 +0200 Subject: [Fiware-security] Review of Unit Test Plan (WP8 - Security) In-Reply-To: <285F22950F7F164A8C9420622CAD9C382DE0A1F4@THSONEA01CMS07P.one.grp> References: <285F22950F7F164A8C9420622CAD9C382DE0A1F4@THSONEA01CMS07P.one.grp> Message-ID: <32759_1343227738_5010075A_32759_867_1_3442c054-1230-4e15-af7e-c3b2d236011c@THSONEA01HUB04P.one.grp> Excellent, many thanks Lucie. Don't forget to send me also the final update of the Unit Testing Report for SSS. Thanks in advance. BR Pascal -----Message d'origine----- De?: GASPARD Lucie Envoy??: mercredi 25 juillet 2012 16:47 ??: BISSON Pascal; GIDOIN Daniel; Seidl, Robert (NSN - DE/Munich); Wolfgang.Steigerwald at telekom.de; Meyer, Gerald (NSN - DE/Munich); TRABELSI, Slim; DI CERBO, Francesco Cc?: LELEU Philippe; fiware-security at lists.fi-ware.eu Objet?: RE: Review of Unit Test Plan (WP8 - Security) Dear Pascal, SSS Unit Test Plan has been updated as required in the TID review report. BR, Lucie [@@THALES GROUP RESTRICTED@@] -----Message d'origine----- De?: BISSON Pascal Envoy??: mercredi 25 juillet 2012 10:05 ??: GIDOIN Daniel; Seidl, Robert (NSN - DE/Munich); Wolfgang.Steigerwald at telekom.de; Meyer, Gerald (NSN - DE/Munich); TRABELSI, Slim; DI CERBO, Francesco; GASPARD Lucie Cc?: BISSON Pascal; LELEU Philippe; fiware-security at lists.fi-ware.eu Objet?: TR: Review of Unit Test Plan (WP8 - Security) Importance?: Haute Dear Colleagues, Here is the TID review report of Unit Test Plan & Report. As you will see it is not good in the sense there are a number of issues that if not corrected by each of you would lead to rejection of our deliverable by TID and so the costs with the penalties announced by TID. According to the attached review report the content you put to Unit Test Plan & Reporting for the GE you own is rejected Security Monitoring GE (Thales -> Daniel & al) rejected ! Identity Management GE (NSN - DT -> Robert & Wolfgang) rejected ! Data Handling GE (SAP -> Slim) rejected ! DB Anonimyzer GE (SAP -> Francesco) -> rejected ! Secure Storage Service (Thales -> Lucie) -> Rejected ! So please Daniel, Robert, Wolfgang, Slim, Francesco and Lucie look at the issues and add the necessary corrections for your content to D8.5a and so our deliverable to be accepted. Bear in mind the ultimate deadline to have them fixed is July 26th EOB as per decision taken by CA at last WPL/WPA. But to a on the safe side and did some review of the fixes it could be appropriate to have them fixed by today EOB. In any case here is what is stated in the minutes of Monday 23 WPL/WPA audio and that you should have in mind as the contract: "Results of this (TID) check will be provided by July 24. As a result of this checking, Unit Testing Plan can be: ? accepted ? rejected with a deadline on July 26th EOB to fix a number of identified issues Cost rejection measurements will be applied to GE owners failing to deliver fixed set of features by July 26th EOB." Counting on you all to have the issues for your GE fixed the sooner the better and according to the set and final deadline. Please acknowledge receipt of this email and let me know and Daniel once the issues have been fixed. Hearing from you BR Pascal -----Message d'origine----- De?: Miguel Carrillo [mailto:mcp at tid.es] Envoy??: mardi 24 juillet 2012 17:21 ??: BISSON Pascal; GIDOIN Daniel Cc?: JUAN JOSE HIERRO SUREDA Objet?: Review of Unit Test Plan (WP8 - Security) Dear Pascal & Daniel, This is the review of the Unit Testing plan. I am afraid this is the WP in the worst shape in all the project. As told by Juanjo, there is a very short time to put it right so I would suggest to react quickly as several participants are very near losing part of their reporting. A reminder in case it helps: I assume that you already have the Report ready to append at the end of the deliverable and that such manual complies with the guidelines (one single report, not one per GE). Best regards, Miguel -- ---------------------------------------------------------------------- _/ _/_/ Miguel Carrillo Pacheco _/ _/ _/ _/ Telef?nica Distrito Telef?nica _/ _/_/_/ _/ _/ Investigaci?n y Edifico Oeste 1, Planta 9 _/ _/ _/ _/ Desarrollo Ronda de la Comunicaci?n S/N _/ _/_/ 28050 Madrid (Spain) Tel: (+34) 91 483 26 77 e-mail: mcp at tid.es Follow FI-WARE on the net Website: http://www.fi-ware.eu Facebook: http://www.facebook.com/pages/FI-WARE/251366491587242 Twitter: http://twitter.com/Fiware LinkedIn: http://www.linkedin.com/groups/FIWARE-4239932 ---------------------------------------------------------------------- ________________________________ Este mensaje se dirige exclusivamente a su destinatario. Puede consultar nuestra pol?tica de env?o y recepci?n de correo electr?nico en el enlace situado m?s abajo. This message is intended exclusively for its addressee. We only send and receive email on the basis of the terms set out at. http://www.tid.es/ES/PAGINAS/disclaimer.aspx From lucie.gaspard at thalesgroup.com Wed Jul 25 16:49:43 2012 From: lucie.gaspard at thalesgroup.com (GASPARD Lucie) Date: Wed, 25 Jul 2012 16:49:43 +0200 Subject: [Fiware-security] FI-WARE - D8.5.1 - In-Reply-To: References: Message-ID: <14522_1343227788_5010078B_14522_3984_1_574b9bdd-8258-4f6f-a290-98305d5e728e@THSONEA01HUB06P.one.grp> Dear Pascal, AP1 : the tracker has been updated for SSS features AP2: report in attachment BR, Lucie [@@THALES GROUP RESTRICTED@@] De : BISSON Pascal Envoy? : mercredi 25 juillet 2012 15:12 ? : GIDOIN Daniel; TRABELSI, Slim; Antonio Garcia Vazquez; DI CERBO, Francesco; Seidl, Robert (NSN - DE/Munich); Meyer, Gerald (NSN - DE/Munich); Goetze, Norbert (NSN - DE/Munich); GASPARD Lucie; Wolfgang.Steigerwald at telekom.de Cc : BISSON Pascal; LELEU Philippe; fiware-security at lists.fi-ware.eu Objet : FI-WARE - D8.5.1 - Importance : Haute Dear Colleagues, This to remind you as per instructions/guidelines provided by TID for D8.5.1 (available at: https://forge.fi-ware.eu/plugins/mediawiki/wiki/fi-ware-private/index.php/FiwareDeliverableD3-8.5.1) that in complement of the issues raised by TID and that need to be fixed for each of the GE you know. I'd like to draw your attention not raised by Miguel but clearly stated in the guidelines and as such needed to be addressed if we want to have our deliverable a chance to be first complete and second accepted: 1. "a link to the section corresponding to the Unit Testing Plan document at the wiki will be included in a how-to-test field of the corresponding backlog entry. This will be a new field on the tracker that corresponds to the Feature. Please synchronize with your Chapter Lead, who is responsible for creating this new field in the tracker corresponding to your chapter." ? Action Point 1: Being said I created this new field on the Security Tracker I would ask each of you for each of the features of you GE and part of the Unit test plan and report to go the feature on tracker and fill in the how-to-test field filling it with the proper link 2. "For the WPLs/WPAs: when you generate the final pdf files with the deliverable, you must fill in the Unit Testing Report and append it at the end of the pdf file. Download the template here and fill in adding as many blocks as GEs in the Release." ? Action Point 2: I would ask here each of you to urgently send or re-send me your Unit Testing Report for the GE you own (for your convenience I reattached the document) o Unit Testing Report IdM GE NSN => Robert o Unit Testing Report IdM GE DT => Wolfgang o Unit Testing Report Security Monitoring GE => Daniel o Unit Testing Report Data Handling GE => Slim o Unit Testing Report DB Anonimyzer => Francesco o Unit Testing Report Secure Storage Service => Lucie Counting on each of you to urgently perform Action Points 1 & 2 asap and preferably by end of business today or early tomorrow in order for us do final check and produce the corresponding PDF version of D8.5.1 that in any case should be delivered tomorrow prior to 5pm. Please acknowledge receipt of this email and answer it promptly. Best Regards, Pascal -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: Unit Testing Report_SSS_GE_v2.docx Type: application/vnd.openxmlformats-officedocument.wordprocessingml.document Size: 18209 bytes Desc: Unit Testing Report_SSS_GE_v2.docx URL: From pascal.bisson at thalesgroup.com Wed Jul 25 16:56:14 2012 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Wed, 25 Jul 2012 16:56:14 +0200 Subject: [Fiware-security] FI-WARE - D8.5.1 - In-Reply-To: <285F22950F7F164A8C9420622CAD9C382DE0A207@THSONEA01CMS07P.one.grp> References: <285F22950F7F164A8C9420622CAD9C382DE0A207@THSONEA01CMS07P.one.grp> Message-ID: <23187_1343228180_50100914_23187_13213_1_05ee3571-c7e4-4ab8-b8cd-31ae39c391d8@THSONEA01HUB05P.one.grp> Excellent ! Many thanks for this. BR Pascal De : GASPARD Lucie Envoy? : mercredi 25 juillet 2012 16:50 ? : BISSON Pascal; GIDOIN Daniel; TRABELSI, Slim; Antonio Garcia Vazquez; DI CERBO, Francesco; Seidl, Robert (NSN - DE/Munich); Meyer, Gerald (NSN - DE/Munich); Goetze, Norbert (NSN - DE/Munich); Wolfgang.Steigerwald at telekom.de Cc : LELEU Philippe; fiware-security at lists.fi-ware.eu Objet : RE: FI-WARE - D8.5.1 - Dear Pascal, AP1 : the tracker has been updated for SSS features AP2: report in attachment BR, Lucie [@@THALES GROUP RESTRICTED@@] De : BISSON Pascal Envoy? : mercredi 25 juillet 2012 15:12 ? : GIDOIN Daniel; TRABELSI, Slim; Antonio Garcia Vazquez; DI CERBO, Francesco; Seidl, Robert (NSN - DE/Munich); Meyer, Gerald (NSN - DE/Munich); Goetze, Norbert (NSN - DE/Munich); GASPARD Lucie; Wolfgang.Steigerwald at telekom.de Cc : BISSON Pascal; LELEU Philippe; fiware-security at lists.fi-ware.eu Objet : FI-WARE - D8.5.1 - Importance : Haute Dear Colleagues, This to remind you as per instructions/guidelines provided by TID for D8.5.1 (available at: https://forge.fi-ware.eu/plugins/mediawiki/wiki/fi-ware-private/index.php/FiwareDeliverableD3-8.5.1) that in complement of the issues raised by TID and that need to be fixed for each of the GE you know. I'd like to draw your attention not raised by Miguel but clearly stated in the guidelines and as such needed to be addressed if we want to have our deliverable a chance to be first complete and second accepted: 1. "a link to the section corresponding to the Unit Testing Plan document at the wiki will be included in a how-to-test field of the corresponding backlog entry. This will be a new field on the tracker that corresponds to the Feature. Please synchronize with your Chapter Lead, who is responsible for creating this new field in the tracker corresponding to your chapter." ? Action Point 1: Being said I created this new field on the Security Tracker I would ask each of you for each of the features of you GE and part of the Unit test plan and report to go the feature on tracker and fill in the how-to-test field filling it with the proper link 2. "For the WPLs/WPAs: when you generate the final pdf files with the deliverable, you must fill in the Unit Testing Report and append it at the end of the pdf file. Download the template here and fill in adding as many blocks as GEs in the Release." ? Action Point 2: I would ask here each of you to urgently send or re-send me your Unit Testing Report for the GE you own (for your convenience I reattached the document) o Unit Testing Report IdM GE NSN => Robert o Unit Testing Report IdM GE DT => Wolfgang o Unit Testing Report Security Monitoring GE => Daniel o Unit Testing Report Data Handling GE => Slim o Unit Testing Report DB Anonimyzer => Francesco o Unit Testing Report Secure Storage Service => Lucie Counting on each of you to urgently perform Action Points 1 & 2 asap and preferably by end of business today or early tomorrow in order for us do final check and produce the corresponding PDF version of D8.5.1 that in any case should be delivered tomorrow prior to 5pm. Please acknowledge receipt of this email and answer it promptly. Best Regards, Pascal -------------- next part -------------- An HTML attachment was scrubbed... URL: From pascal.bisson at thalesgroup.com Thu Jul 26 10:12:53 2012 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Thu, 26 Jul 2012 10:12:53 +0200 Subject: [Fiware-security] TR: Review of more deliverables Message-ID: <12505_1343290375_5010FC07_12505_6609_1_2cab16aa-10cb-480e-b653-5c868de4030e@THSONEA01HUB01P.one.grp> Dear Colleagues, (IMPORTANT EMAIL ? SO PLEASE READ CAREFULLY & PERFORM THE REQUESTED ACTIONS) Here is the TID review report of Instal & Admin manual and User and Programmer's manual of our Security Chapter (aka D8.3.1 & D8.4.1). As you will see once more it is not good in the sense there are a number of issues that if not corrected by each of you would lead to rejection of our deliverables by TID and also rejection of some our costs as per penalties TID as announced. According to the attached review report the content you put to Unit Test Plan & Reporting for the GE you own is rejected for both Instal & Admin manual and User and Programmer's manual (with one exception for DB Anonimyzer where content for Install & Admin is rejected but content for User & Programmers guide is accepted) Security Monitoring GE (Thales -> Daniel & al) rejected for both deliverables ! Identity Management GE (NSN - DT -> Robert & Wolfgang) rejected for both deliverables ! Data Handling GE (SAP -> Slim) rejected for both deliverables ! DB Anonimyzer GE (SAP -> Francesco) -> rejected Install & Admin ! (but ok for User & Programmers guide) Secure Storage Service (Thales -> Lucie) -> Rejected for both deliverables ! So please Daniel, Robert, Wolfgang, Slim, Francesco and Lucie look at the issues and add the necessary corrections for your content to both D8.3a and D8.4a to give a chance to these deliverables to be accepted. Bear in mind the ultimate deadline to have them fixed is July 27th EOB as per decision taken by CA at last WPL/WPA. But to a on the safe side and did some review of the fixes it could be appropriate to have them fixed by today EOB. In any case here is what is stated in the minutes of Monday 23 WPL/WPA audio and that you should have in mind as the contract: Installation and Admin guides Results of this check will be provided by July 25. As a result of this checking, the guides can be: ? Accepted ? rejected with a deadline on July 27th EOB to fix a number of identified issues Cost rejection measurements will be applied to GE owners failing to deliver the guides by July 27th EOB. Installation and Administration Guides which do not contain the mandatory sections established in the defined guidelines will be rejected. Several partners express objections to the request for the delivery of the Installation and Admin Guide in the case of GEs offered ?As a Service?. These need to be provided at least for auditing purposes. Users? and Programmers? Guide TID will check provided guides and will check whether they fulfill the defined guidelines at: https://forge.fi-ware.eu/plugins/mediawiki/wiki/fi-ware-private/index.php/ FiwareDeliverables Results of this check will be provided by July 25. As a result of this checking, the guides can be: ? accepted ? rejected with a deadline on July 27th EOB to fix a number of identified issues Cost rejection measurements will be applied to GE owners failing to deliver the guides by July 27th EOB. Last but not I?d like also to draw your attention to points stated in Miguel?s emails and some of you would also have to address: * General comment for all WPs: there are many GEs in some WP with an "Installation and Administration Guide" that is an installation manual only. Giving the need to deliver at once, we will not try to fix it immediately. After the delivery we will provide a deadline to address it and provide the administration part. Of course, the impact on the cost reporting could be affected by this. * This applies to part of the WPs only. The case of the Install and Admin Guides of GEs offered as a Service of nature PP the partner has to provide proper guides (what is needed by the administrator of the machine where it is running at your company ). This will given to the EC upon request and it will protected somehow (account/password, IP filtering, ...). In the deliverables at the end of the month we will provide simply a text stating that. We would give the manuals+binaries afterwards and only if they ask for it. * Please ALL to whom it applies please address. Counting on you all to have the issues for your GE fixed the sooner the better and according to the set and final deadline. Please acknowledge receipt of this email and let me know and Daniel once the issues have been fixed. As usual the sooner the better. Hearing from you BR Pascal De : Miguel Carrillo [mailto:mcp at tid.es] Envoy? : mercredi 25 juillet 2012 20:09 ? : BISSON Pascal; GIDOIN Daniel Cc : JUAN JOSE HIERRO SUREDA Objet : Review of more deliverables Dear Pascal, This is my review for the Instal & Admin l manual and also for the User and Programmer's manual. The problematic things are marked in light blue. Please be aware that you have a very short time to react so let your partners know ASAP. A few comments: * Things to be addressed are highlighted in blue. * Note that my review is "formal" (formats, structure, consistency, reasonable aspect) but the coordination (Juanjo) may add comments of a more technical nature afterwards. So an "ok" from me does not necessarily means a final approval by the project coordination. * General comment for all WPs: there are many GEs in some WP with an "Installation and Administration Guide" that is an installation manual only. Giving the need to deliver at once, we will not try to fix it immediately. After the delivery we will provide a deadline to address it and provide the administration part. Of course, the impact on the cost reporting could be affected by this. * This applies to part of the WPs only. The case of the Install and Admin Guides of GEs offered as a Service of nature PP the partner has to provide proper guides (what is needed by the administrator of the machine where it is running at your company ). This will given to the EC upon request and it will protected somehow (account/password, IP filtering, ...). In the deliverables at the end of the month we will provide simply a text stating that. We would give the manuals+binaries afterwards and only if they ask for it. I'd appreciate it if you could confirm what GEs are going to be provided as a Service (not to install on the testbed) in July. Theoretically this is in the testbed wiki but things change too fast and I prefer to ask you. Best regards, Miguel -- ---------------------------------------------------------------------- _/ _/_/ Miguel Carrillo Pacheco _/ _/ _/ _/ Telef?nica Distrito Telef?nica _/ _/_/_/ _/ _/ Investigaci?n y Edifico Oeste 1, Planta 9 _/ _/ _/ _/ Desarrollo Ronda de la Comunicaci?n S/N _/ _/_/ 28050 Madrid (Spain) Tel: (+34) 91 483 26 77 e-mail: mcp at tid.es Follow FI-WARE on the net Website: http://www.fi-ware.eu Facebook: http://www.facebook.com/pages/FI-WARE/251366491587242 Twitter: http://twitter.com/Fiware LinkedIn: http://www.linkedin.com/groups/FIWARE-4239932 ---------------------------------------------------------------------- ________________________________ Este mensaje se dirige exclusivamente a su destinatario. Puede consultar nuestra pol?tica de env?o y recepci?n de correo electr?nico en el enlace situado m?s abajo. This message is intended exclusively for its addressee. We only send and receive email on the basis of the terms set out at. http://www.tid.es/ES/PAGINAS/disclaimer.aspx -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: Audit_Release_1.0_b_WP8.xlsx Type: application/vnd.openxmlformats-officedocument.spreadsheetml.sheet Size: 13244 bytes Desc: Audit_Release_1.0_b_WP8.xlsx URL: From slim.trabelsi at sap.com Thu Jul 26 10:20:55 2012 From: slim.trabelsi at sap.com (TRABELSI, Slim) Date: Thu, 26 Jul 2012 10:20:55 +0200 Subject: [Fiware-security] Review of more deliverables In-Reply-To: <12505_1343290375_5010FC07_12505_6609_1_2cab16aa-10cb-480e-b653-5c868de4030e@THSONEA01HUB01P.one.grp> References: <12505_1343290375_5010FC07_12505_6609_1_2cab16aa-10cb-480e-b653-5c868de4030e@THSONEA01HUB01P.one.grp> Message-ID: Dear Pascal, I strongly disagree with this review. The Modifications are done according to the previous comments, when it was possible ! I strongly recommend TID to submit the deliverable as it is. We are all tired and exhausted with the hundreds of requests coming daily and most of them are due to a lack of clear guidance from the beginning. Thank you Best Slim From: BISSON Pascal [mailto:pascal.bisson at thalesgroup.com] Sent: jeudi 26 juillet 2012 10:13 To: GIDOIN Daniel; Antonio Garcia Vazquez; Seidl, Robert (NSN - DE/Munich); Wolfgang.Steigerwald at telekom.de; Meyer, Gerald (NSN - DE/Munich); DI CERBO, Francesco; TRABELSI, Slim; Rodrigo Diaz Rodriguez; GASPARD Lucie Cc: BISSON Pascal; LELEU Philippe; fiware-security at lists.fi-ware.eu; MUSARAJ Kreshnik Subject: TR: Review of more deliverables Importance: High Dear Colleagues, (IMPORTANT EMAIL ? SO PLEASE READ CAREFULLY & PERFORM THE REQUESTED ACTIONS) Here is the TID review report of Instal & Admin manual and User and Programmer's manual of our Security Chapter (aka D8.3.1 & D8.4.1). As you will see once more it is not good in the sense there are a number of issues that if not corrected by each of you would lead to rejection of our deliverables by TID and also rejection of some our costs as per penalties TID as announced. According to the attached review report the content you put to Unit Test Plan & Reporting for the GE you own is rejected for both Instal & Admin manual and User and Programmer's manual (with one exception for DB Anonimyzer where content for Install & Admin is rejected but content for User & Programmers guide is accepted) Security Monitoring GE (Thales -> Daniel & al) rejected for both deliverables ! Identity Management GE (NSN - DT -> Robert & Wolfgang) rejected for both deliverables ! Data Handling GE (SAP -> Slim) rejected for both deliverables ! DB Anonimyzer GE (SAP -> Francesco) -> rejected Install & Admin ! (but ok for User & Programmers guide) Secure Storage Service (Thales -> Lucie) -> Rejected for both deliverables ! So please Daniel, Robert, Wolfgang, Slim, Francesco and Lucie look at the issues and add the necessary corrections for your content to both D8.3a and D8.4a to give a chance to these deliverables to be accepted. Bear in mind the ultimate deadline to have them fixed is July 27th EOB as per decision taken by CA at last WPL/WPA. But to a on the safe side and did some review of the fixes it could be appropriate to have them fixed by today EOB. In any case here is what is stated in the minutes of Monday 23 WPL/WPA audio and that you should have in mind as the contract: Installation and Admin guides Results of this check will be provided by July 25. As a result of this checking, the guides can be: ? Accepted ? rejected with a deadline on July 27th EOB to fix a number of identified issues Cost rejection measurements will be applied to GE owners failing to deliver the guides by July 27th EOB. Installation and Administration Guides which do not contain the mandatory sections established in the defined guidelines will be rejected. Several partners express objections to the request for the delivery of the Installation and Admin Guide in the case of GEs offered ?As a Service?. These need to be provided at least for auditing purposes. Users? and Programmers? Guide TID will check provided guides and will check whether they fulfill the defined guidelines at: https://forge.fi-ware.eu/plugins/mediawiki/wiki/fi-ware-private/index.php/ FiwareDeliverables Results of this check will be provided by July 25. As a result of this checking, the guides can be: ? accepted ? rejected with a deadline on July 27th EOB to fix a number of identified issues Cost rejection measurements will be applied to GE owners failing to deliver the guides by July 27th EOB. Last but not I?d like also to draw your attention to points stated in Miguel?s emails and some of you would also have to address: * General comment for all WPs: there are many GEs in some WP with an "Installation and Administration Guide" that is an installation manual only. Giving the need to deliver at once, we will not try to fix it immediately. After the delivery we will provide a deadline to address it and provide the administration part. Of course, the impact on the cost reporting could be affected by this. * This applies to part of the WPs only. The case of the Install and Admin Guides of GEs offered as a Service of nature PP the partner has to provide proper guides (what is needed by the administrator of the machine where it is running at your company ). This will given to the EC upon request and it will protected somehow (account/password, IP filtering, ...). In the deliverables at the end of the month we will provide simply a text stating that. We would give the manuals+binaries afterwards and only if they ask for it. * Please ALL to whom it applies please address. Counting on you all to have the issues for your GE fixed the sooner the better and according to the set and final deadline. Please acknowledge receipt of this email and let me know and Daniel once the issues have been fixed. As usual the sooner the better. Hearing from you BR Pascal De : Miguel Carrillo [mailto:mcp at tid.es] Envoy? : mercredi 25 juillet 2012 20:09 ? : BISSON Pascal; GIDOIN Daniel Cc : JUAN JOSE HIERRO SUREDA Objet : Review of more deliverables Dear Pascal, This is my review for the Instal & Admin l manual and also for the User and Programmer's manual. The problematic things are marked in light blue. Please be aware that you have a very short time to react so let your partners know ASAP. A few comments: * Things to be addressed are highlighted in blue. * Note that my review is "formal" (formats, structure, consistency, reasonable aspect) but the coordination (Juanjo) may add comments of a more technical nature afterwards. So an "ok" from me does not necessarily means a final approval by the project coordination. * General comment for all WPs: there are many GEs in some WP with an "Installation and Administration Guide" that is an installation manual only. Giving the need to deliver at once, we will not try to fix it immediately. After the delivery we will provide a deadline to address it and provide the administration part. Of course, the impact on the cost reporting could be affected by this. * This applies to part of the WPs only. The case of the Install and Admin Guides of GEs offered as a Service of nature PP the partner has to provide proper guides (what is needed by the administrator of the machine where it is running at your company ). This will given to the EC upon request and it will protected somehow (account/password, IP filtering, ...). In the deliverables at the end of the month we will provide simply a text stating that. We would give the manuals+binaries afterwards and only if they ask for it. I'd appreciate it if you could confirm what GEs are going to be provided as a Service (not to install on the testbed) in July. Theoretically this is in the testbed wiki but things change too fast and I prefer to ask you. Best regards, Miguel -- ---------------------------------------------------------------------- _/ _/_/ Miguel Carrillo Pacheco _/ _/ _/ _/ Telef?nica Distrito Telef?nica _/ _/_/_/ _/ _/ Investigaci?n y Edifico Oeste 1, Planta 9 _/ _/ _/ _/ Desarrollo Ronda de la Comunicaci?n S/N _/ _/_/ 28050 Madrid (Spain) Tel: (+34) 91 483 26 77 e-mail: mcp at tid.es Follow FI-WARE on the net Website: http://www.fi-ware.eu Facebook: http://www.facebook.com/pages/FI-WARE/251366491587242 Twitter: http://twitter.com/Fiware LinkedIn: http://www.linkedin.com/groups/FIWARE-4239932 ---------------------------------------------------------------------- ________________________________ Este mensaje se dirige exclusivamente a su destinatario. Puede consultar nuestra pol?tica de env?o y recepci?n de correo electr?nico en el enlace situado m?s abajo. This message is intended exclusively for its addressee. We only send and receive email on the basis of the terms set out at. http://www.tid.es/ES/PAGINAS/disclaimer.aspx -------------- next part -------------- An HTML attachment was scrubbed... URL: From pascal.bisson at thalesgroup.com Thu Jul 26 10:47:41 2012 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Thu, 26 Jul 2012 10:47:41 +0200 Subject: [Fiware-security] Review of more deliverables In-Reply-To: References: <12505_1343290375_5010FC07_12505_6609_1_2cab16aa-10cb-480e-b653-5c868de4030e@THSONEA01HUB01P.one.grp> Message-ID: <12505_1343292466_50110432_12505_7204_1_91462b0e-ded7-43ad-801c-2f99b8722df3@THSONEA01HUB05P.one.grp> Dear Slim, So far I know that each of the WPLs have received such review report and are working with their team on addressing/fixing the issues. If think there would be a time where we could dispute the fact that some of our costs would be rejected by TID (this others will probably do as well). But for the time being we have to make an effort in addressing as much comments as we can to argue after. That?s why I?m requesting an individual effort from each of the GE owners and so you. By the way this what the others are doing (e.g. when looking at WP3 leaded by SAP I don?t see Torsten complaining ?, but what is true for WP3 is also true for the other chapters WP4, WP5, W6, WP7 ? ). So let?s try to address most of the review comments for each of our deliverables, produce and deliver PDF versions according the set deadlines and wait for decision of TID (and then we could start to complain and argue). Frankly being said a review was performed we have to have it addressed (there is no escape) if not it would be a fault from our side and would be far more difficult afterwards to argue. Since even more that and I hope you can agree we don?t want to be the team to blame. Of course things could have been different if others team had reacted but so far as I said I don?t see reaction at all. And for it is too late. So let?s give a chance as partners and as the Security Chapter Team to pass this milestones (delivery of our WP8 deliverables). Counting on you no to discourage yourself even more we are close to the end. Best Regards, Pascal De : TRABELSI, Slim [mailto:slim.trabelsi at sap.com] Envoy? : jeudi 26 juillet 2012 10:21 ? : BISSON Pascal; GIDOIN Daniel; Antonio Garcia Vazquez; Seidl, Robert (NSN - DE/Munich); Wolfgang.Steigerwald at telekom.de; Meyer, Gerald (NSN - DE/Munich); DI CERBO, Francesco; Rodrigo Diaz Rodriguez; GASPARD Lucie; Fasse, Axel Cc : LELEU Philippe; fiware-security at lists.fi-ware.eu; MUSARAJ Kreshnik Objet : RE: Review of more deliverables Dear Pascal, I strongly disagree with this review. The Modifications are done according to the previous comments, when it was possible ! I strongly recommend TID to submit the deliverable as it is. We are all tired and exhausted with the hundreds of requests coming daily and most of them are due to a lack of clear guidance from the beginning. Thank you Best Slim From: BISSON Pascal [mailto:pascal.bisson at thalesgroup.com] Sent: jeudi 26 juillet 2012 10:13 To: GIDOIN Daniel; Antonio Garcia Vazquez; Seidl, Robert (NSN - DE/Munich); Wolfgang.Steigerwald at telekom.de; Meyer, Gerald (NSN - DE/Munich); DI CERBO, Francesco; TRABELSI, Slim; Rodrigo Diaz Rodriguez; GASPARD Lucie Cc: BISSON Pascal; LELEU Philippe; fiware-security at lists.fi-ware.eu; MUSARAJ Kreshnik Subject: TR: Review of more deliverables Importance: High Dear Colleagues, (IMPORTANT EMAIL ? SO PLEASE READ CAREFULLY & PERFORM THE REQUESTED ACTIONS) Here is the TID review report of Instal & Admin manual and User and Programmer's manual of our Security Chapter (aka D8.3.1 & D8.4.1). As you will see once more it is not good in the sense there are a number of issues that if not corrected by each of you would lead to rejection of our deliverables by TID and also rejection of some our costs as per penalties TID as announced. According to the attached review report the content you put to Unit Test Plan & Reporting for the GE you own is rejected for both Instal & Admin manual and User and Programmer's manual (with one exception for DB Anonimyzer where content for Install & Admin is rejected but content for User & Programmers guide is accepted) Security Monitoring GE (Thales -> Daniel & al) rejected for both deliverables ! Identity Management GE (NSN - DT -> Robert & Wolfgang) rejected for both deliverables ! Data Handling GE (SAP -> Slim) rejected for both deliverables ! DB Anonimyzer GE (SAP -> Francesco) -> rejected Install & Admin ! (but ok for User & Programmers guide) Secure Storage Service (Thales -> Lucie) -> Rejected for both deliverables ! So please Daniel, Robert, Wolfgang, Slim, Francesco and Lucie look at the issues and add the necessary corrections for your content to both D8.3a and D8.4a to give a chance to these deliverables to be accepted. Bear in mind the ultimate deadline to have them fixed is July 27th EOB as per decision taken by CA at last WPL/WPA. But to a on the safe side and did some review of the fixes it could be appropriate to have them fixed by today EOB. In any case here is what is stated in the minutes of Monday 23 WPL/WPA audio and that you should have in mind as the contract: Installation and Admin guides Results of this check will be provided by July 25. As a result of this checking, the guides can be: ? Accepted ? rejected with a deadline on July 27th EOB to fix a number of identified issues Cost rejection measurements will be applied to GE owners failing to deliver the guides by July 27th EOB. Installation and Administration Guides which do not contain the mandatory sections established in the defined guidelines will be rejected. Several partners express objections to the request for the delivery of the Installation and Admin Guide in the case of GEs offered ?As a Service?. These need to be provided at least for auditing purposes. Users? and Programmers? Guide TID will check provided guides and will check whether they fulfill the defined guidelines at: https://forge.fi-ware.eu/plugins/mediawiki/wiki/fi-ware-private/index.php/ FiwareDeliverables Results of this check will be provided by July 25. As a result of this checking, the guides can be: ? accepted ? rejected with a deadline on July 27th EOB to fix a number of identified issues Cost rejection measurements will be applied to GE owners failing to deliver the guides by July 27th EOB. Last but not I?d like also to draw your attention to points stated in Miguel?s emails and some of you would also have to address: * General comment for all WPs: there are many GEs in some WP with an "Installation and Administration Guide" that is an installation manual only. Giving the need to deliver at once, we will not try to fix it immediately. After the delivery we will provide a deadline to address it and provide the administration part. Of course, the impact on the cost reporting could be affected by this. * This applies to part of the WPs only. The case of the Install and Admin Guides of GEs offered as a Service of nature PP the partner has to provide proper guides (what is needed by the administrator of the machine where it is running at your company ). This will given to the EC upon request and it will protected somehow (account/password, IP filtering, ...). In the deliverables at the end of the month we will provide simply a text stating that. We would give the manuals+binaries afterwards and only if they ask for it. * Please ALL to whom it applies please address. Counting on you all to have the issues for your GE fixed the sooner the better and according to the set and final deadline. Please acknowledge receipt of this email and let me know and Daniel once the issues have been fixed. As usual the sooner the better. Hearing from you BR Pascal De : Miguel Carrillo [mailto:mcp at tid.es] Envoy? : mercredi 25 juillet 2012 20:09 ? : BISSON Pascal; GIDOIN Daniel Cc : JUAN JOSE HIERRO SUREDA Objet : Review of more deliverables Dear Pascal, This is my review for the Instal & Admin l manual and also for the User and Programmer's manual. The problematic things are marked in light blue. Please be aware that you have a very short time to react so let your partners know ASAP. A few comments: * Things to be addressed are highlighted in blue. * Note that my review is "formal" (formats, structure, consistency, reasonable aspect) but the coordination (Juanjo) may add comments of a more technical nature afterwards. So an "ok" from me does not necessarily means a final approval by the project coordination. * General comment for all WPs: there are many GEs in some WP with an "Installation and Administration Guide" that is an installation manual only. Giving the need to deliver at once, we will not try to fix it immediately. After the delivery we will provide a deadline to address it and provide the administration part. Of course, the impact on the cost reporting could be affected by this. * This applies to part of the WPs only. The case of the Install and Admin Guides of GEs offered as a Service of nature PP the partner has to provide proper guides (what is needed by the administrator of the machine where it is running at your company ). This will given to the EC upon request and it will protected somehow (account/password, IP filtering, ...). In the deliverables at the end of the month we will provide simply a text stating that. We would give the manuals+binaries afterwards and only if they ask for it. I'd appreciate it if you could confirm what GEs are going to be provided as a Service (not to install on the testbed) in July. Theoretically this is in the testbed wiki but things change too fast and I prefer to ask you. Best regards, Miguel -- ---------------------------------------------------------------------- _/ _/_/ Miguel Carrillo Pacheco _/ _/ _/ _/ Telef?nica Distrito Telef?nica _/ _/_/_/ _/ _/ Investigaci?n y Edifico Oeste 1, Planta 9 _/ _/ _/ _/ Desarrollo Ronda de la Comunicaci?n S/N _/ _/_/ 28050 Madrid (Spain) Tel: (+34) 91 483 26 77 e-mail: mcp at tid.es Follow FI-WARE on the net Website: http://www.fi-ware.eu Facebook: http://www.facebook.com/pages/FI-WARE/251366491587242 Twitter: http://twitter.com/Fiware LinkedIn: http://www.linkedin.com/groups/FIWARE-4239932 ---------------------------------------------------------------------- ________________________________ Este mensaje se dirige exclusivamente a su destinatario. Puede consultar nuestra pol?tica de env?o y recepci?n de correo electr?nico en el enlace situado m?s abajo. This message is intended exclusively for its addressee. We only send and receive email on the basis of the terms set out at. http://www.tid.es/ES/PAGINAS/disclaimer.aspx -------------- next part -------------- An HTML attachment was scrubbed... URL: From antonio.garcia at atosresearch.eu Thu Jul 26 12:10:57 2012 From: antonio.garcia at atosresearch.eu (Antonio Garcia Vazquez) Date: Thu, 26 Jul 2012 12:10:57 +0200 Subject: [Fiware-security] Review of more deliverables In-Reply-To: <12505_1343290375_5010FC07_12505_6609_1_2cab16aa-10cb-480e-b653-5c868de4030e@THSONEA01HUB01P.one.grp> References: <12505_1343290375_5010FC07_12505_6609_1_2cab16aa-10cb-480e-b653-5c868de4030e@THSONEA01HUB01P.one.grp> Message-ID: <8E18929A6C79354FB4BD9BD4636DCB06CF00DE@INTMAIL03.es.int.atosorigin.com> Pascal, - I?ve updated wiki page according with the comments on column ?User and Programmers Guide? - Regarding with comments on column ?Installation & Administration Guides?. Can you ask them to clarify what an End to End test should be for TID?. According with the template: This is basically quick testing to check that everything is up and running. It may be composed of a single test or a few of them. E.g.: login on a web site and doing a basic query on a web form or API (provide URL and user/password) It is supposed to be enough to login on the local management tool and validate the main OSSIM options are accessible to the user (and I?m reviewing the information uploaded in that direction). In case of some additional information is needed I?d appreciated any guide they could provide. - Finally, please notice that they?re providing references to a Generic Enablers with more than one implementation guide in their comments about wiki structure & component?s naming. I suppose that you?ve already clarify TID that MulVAL Attack Paths Engine & Service-Level-SIEM are not different implementations of a GE but components of the same one (Security monitoring GE), but it seems that they do not understood this point. Best Regards ************************************ * Antonio Garc?a-V?zquez * * (+34) 91 214 9384 * * antonio.garcia at atosresearch.eu * ************************************ From: BISSON Pascal [mailto:pascal.bisson at thalesgroup.com] Sent: jueves, 26 de julio de 2012 10:13 To: GIDOIN Daniel; Antonio Garcia Vazquez; Seidl, Robert (NSN - DE/Munich); Wolfgang.Steigerwald at telekom.de; Meyer, Gerald (NSN - DE/Munich); DI CERBO, Francesco; TRABELSI, Slim; Rodrigo Diaz Rodriguez; GASPARD Lucie Cc: BISSON Pascal; LELEU Philippe; fiware-security at lists.fi-ware.eu; MUSARAJ Kreshnik Subject: TR: Review of more deliverables Importance: High Dear Colleagues, (IMPORTANT EMAIL ? SO PLEASE READ CAREFULLY & PERFORM THE REQUESTED ACTIONS) Here is the TID review report of Instal & Admin manual and User and Programmer's manual of our Security Chapter (aka D8.3.1 & D8.4.1). As you will see once more it is not good in the sense there are a number of issues that if not corrected by each of you would lead to rejection of our deliverables by TID and also rejection of some our costs as per penalties TID as announced. According to the attached review report the content you put to Unit Test Plan & Reporting for the GE you own is rejected for both Instal & Admin manual and User and Programmer's manual (with one exception for DB Anonimyzer where content for Install & Admin is rejected but content for User & Programmers guide is accepted) Security Monitoring GE (Thales -> Daniel & al) rejected for both deliverables ! Identity Management GE (NSN - DT -> Robert & Wolfgang) rejected for both deliverables ! Data Handling GE (SAP -> Slim) rejected for both deliverables ! DB Anonimyzer GE (SAP -> Francesco) -> rejected Install & Admin ! (but ok for User & Programmers guide) Secure Storage Service (Thales -> Lucie) -> Rejected for both deliverables ! So please Daniel, Robert, Wolfgang, Slim, Francesco and Lucie look at the issues and add the necessary corrections for your content to both D8.3a and D8.4a to give a chance to these deliverables to be accepted. Bear in mind the ultimate deadline to have them fixed is July 27th EOB as per decision taken by CA at last WPL/WPA. But to a on the safe side and did some review of the fixes it could be appropriate to have them fixed by today EOB. In any case here is what is stated in the minutes of Monday 23 WPL/WPA audio and that you should have in mind as the contract: Installation and Admin guides Results of this check will be provided by July 25. As a result of this checking, the guides can be: ? Accepted ? rejected with a deadline on July 27th EOB to fix a number of identified issues Cost rejection measurements will be applied to GE owners failing to deliver the guides by July 27th EOB. Installation and Administration Guides which do not contain the mandatory sections established in the defined guidelines will be rejected. Several partners express objections to the request for the delivery of the Installation and Admin Guide in the case of GEs offered ?As a Service?. These need to be provided at least for auditing purposes. Users? and Programmers? Guide TID will check provided guides and will check whether they fulfill the defined guidelines at: https://forge.fi-ware.eu/plugins/mediawiki/wiki/fi-ware-private/index.php/ FiwareDeliverables Results of this check will be provided by July 25. As a result of this checking, the guides can be: ? accepted ? rejected with a deadline on July 27th EOB to fix a number of identified issues Cost rejection measurements will be applied to GE owners failing to deliver the guides by July 27th EOB. Last but not I?d like also to draw your attention to points stated in Miguel?s emails and some of you would also have to address: * General comment for all WPs: there are many GEs in some WP with an "Installation and Administration Guide" that is an installation manual only. Giving the need to deliver at once, we will not try to fix it immediately. After the delivery we will provide a deadline to address it and provide the administration part. Of course, the impact on the cost reporting could be affected by this. * This applies to part of the WPs only. The case of the Install and Admin Guides of GEs offered as a Service of nature PP the partner has to provide proper guides (what is needed by the administrator of the machine where it is running at your company ). This will given to the EC upon request and it will protected somehow (account/password, IP filtering, ...). In the deliverables at the end of the month we will provide simply a text stating that. We would give the manuals+binaries afterwards and only if they ask for it. * Please ALL to whom it applies please address. Counting on you all to have the issues for your GE fixed the sooner the better and according to the set and final deadline. Please acknowledge receipt of this email and let me know and Daniel once the issues have been fixed. As usual the sooner the better. Hearing from you BR Pascal De : Miguel Carrillo [mailto:mcp at tid.es] Envoy? : mercredi 25 juillet 2012 20:09 ? : BISSON Pascal; GIDOIN Daniel Cc : JUAN JOSE HIERRO SUREDA Objet : Review of more deliverables Dear Pascal, This is my review for the Instal & Admin l manual and also for the User and Programmer's manual. The problematic things are marked in light blue. Please be aware that you have a very short time to react so let your partners know ASAP. A few comments: * Things to be addressed are highlighted in blue. * Note that my review is "formal" (formats, structure, consistency, reasonable aspect) but the coordination (Juanjo) may add comments of a more technical nature afterwards. So an "ok" from me does not necessarily means a final approval by the project coordination. * General comment for all WPs: there are many GEs in some WP with an "Installation and Administration Guide" that is an installation manual only. Giving the need to deliver at once, we will not try to fix it immediately. After the delivery we will provide a deadline to address it and provide the administration part. Of course, the impact on the cost reporting could be affected by this. * This applies to part of the WPs only. The case of the Install and Admin Guides of GEs offered as a Service of nature PP the partner has to provide proper guides (what is needed by the administrator of the machine where it is running at your company ). This will given to the EC upon request and it will protected somehow (account/password, IP filtering, ...). In the deliverables at the end of the month we will provide simply a text stating that. We would give the manuals+binaries afterwards and only if they ask for it. I'd appreciate it if you could confirm what GEs are going to be provided as a Service (not to install on the testbed) in July. Theoretically this is in the testbed wiki but things change too fast and I prefer to ask you. Best regards, Miguel -- ---------------------------------------------------------------------- _/ _/_/ Miguel Carrillo Pacheco _/ _/ _/ _/ Telef?nica Distrito Telef?nica _/ _/_/_/ _/ _/ Investigaci?n y Edifico Oeste 1, Planta 9 _/ _/ _/ _/ Desarrollo Ronda de la Comunicaci?n S/N _/ _/_/ 28050 Madrid (Spain) Tel: (+34) 91 483 26 77 e-mail: mcp at tid.es Follow FI-WARE on the net Website: http://www.fi-ware.eu Facebook: http://www.facebook.com/pages/FI-WARE/251366491587242 Twitter: http://twitter.com/Fiware LinkedIn: http://www.linkedin.com/groups/FIWARE-4239932 ---------------------------------------------------------------------- ________________________________ Este mensaje se dirige exclusivamente a su destinatario. Puede consultar nuestra pol?tica de env?o y recepci?n de correo electr?nico en el enlace situado m?s abajo. This message is intended exclusively for its addressee. We only send and receive email on the basis of the terms set out at. http://www.tid.es/ES/PAGINAS/disclaimer.aspx ------------------------------------------------------------------ This e-mail and the documents attached are confidential and intended solely for the addressee; it may also be privileged. If you receive this e-mail in error, please notify the sender immediately and destroy it. As its integrity cannot be secured on the Internet, the Atos group liability cannot be triggered for the message content. Although the sender endeavours to maintain a computer virus-free network, the sender does not warrant that this transmission is virus-free and will not be liable for any damages resulting from any virus transmitted. Este mensaje y los ficheros adjuntos pueden contener informacion confidencial destinada solamente a la(s) persona(s) mencionadas anteriormente pueden estar protegidos por secreto profesional. Si usted recibe este correo electronico por error, gracias por informar inmediatamente al remitente y destruir el mensaje. Al no estar asegurada la integridad de este mensaje sobre la red, Atos no se hace responsable por su contenido. Su contenido no constituye ningun compromiso para el grupo Atos, salvo ratificacion escrita por ambas partes. Aunque se esfuerza al maximo por mantener su red libre de virus, el emisor no puede garantizar nada al respecto y no sera responsable de cualesquiera danos que puedan resultar de una transmision de virus. ------------------------------------------------------------------ -------------- next part -------------- An HTML attachment was scrubbed... URL: From pascal.bisson at thalesgroup.com Thu Jul 26 12:17:17 2012 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Thu, 26 Jul 2012 12:17:17 +0200 Subject: [Fiware-security] Review of more deliverables In-Reply-To: <8E18929A6C79354FB4BD9BD4636DCB06CF00DE@INTMAIL03.es.int.atosorigin.com> References: <12505_1343290375_5010FC07_12505_6609_1_2cab16aa-10cb-480e-b653-5c868de4030e@THSONEA01HUB01P.one.grp> <8E18929A6C79354FB4BD9BD4636DCB06CF00DE@INTMAIL03.es.int.atosorigin.com> Message-ID: <19358_1343297843_50111933_19358_6936_1_b94cbaef-03b8-47e5-96fe-e78f89b34d89@THSONEA01HUB03P.one.grp> Point 1 ? Thanks for yuor upate Point 2 ? I will ask for clarification Point 3 - I noticed it also and will definitely clarify (my hope) from their side Thanks and stay tuned. BR Pascal De : Antonio Garcia Vazquez [mailto:antonio.garcia at atosresearch.eu] Envoy? : jeudi 26 juillet 2012 12:11 ? : BISSON Pascal; GIDOIN Daniel; Seidl, Robert (NSN - DE/Munich); Wolfgang.Steigerwald at telekom.de; Meyer, Gerald (NSN - DE/Munich); DI CERBO, Francesco; TRABELSI, Slim; Rodrigo Diaz Rodriguez; GASPARD Lucie Cc : LELEU Philippe; fiware-security at lists.fi-ware.eu; MUSARAJ Kreshnik Objet : RE: Review of more deliverables Pascal, - I?ve updated wiki page according with the comments on column ?User and Programmers Guide? - Regarding with comments on column ?Installation & Administration Guides?. Can you ask them to clarify what an End to End test should be for TID?. According with the template: This is basically quick testing to check that everything is up and running. It may be composed of a single test or a few of them. E.g.: login on a web site and doing a basic query on a web form or API (provide URL and user/password) It is supposed to be enough to login on the local management tool and validate the main OSSIM options are accessible to the user (and I?m reviewing the information uploaded in that direction). In case of some additional information is needed I?d appreciated any guide they could provide. - Finally, please notice that they?re providing references to a Generic Enablers with more than one implementation guide in their comments about wiki structure & component?s naming. I suppose that you?ve already clarify TID that MulVAL Attack Paths Engine & Service-Level-SIEM are not different implementations of a GE but components of the same one (Security monitoring GE), but it seems that they do not understood this point. Best Regards ************************************ * Antonio Garc?a-V?zquez * * (+34) 91 214 9384 * * antonio.garcia at atosresearch.eu * ************************************ From: BISSON Pascal [mailto:pascal.bisson at thalesgroup.com] Sent: jueves, 26 de julio de 2012 10:13 To: GIDOIN Daniel; Antonio Garcia Vazquez; Seidl, Robert (NSN - DE/Munich); Wolfgang.Steigerwald at telekom.de; Meyer, Gerald (NSN - DE/Munich); DI CERBO, Francesco; TRABELSI, Slim; Rodrigo Diaz Rodriguez; GASPARD Lucie Cc: BISSON Pascal; LELEU Philippe; fiware-security at lists.fi-ware.eu; MUSARAJ Kreshnik Subject: TR: Review of more deliverables Importance: High Dear Colleagues, (IMPORTANT EMAIL ? SO PLEASE READ CAREFULLY & PERFORM THE REQUESTED ACTIONS) Here is the TID review report of Instal & Admin manual and User and Programmer's manual of our Security Chapter (aka D8.3.1 & D8.4.1). As you will see once more it is not good in the sense there are a number of issues that if not corrected by each of you would lead to rejection of our deliverables by TID and also rejection of some our costs as per penalties TID as announced. According to the attached review report the content you put to Unit Test Plan & Reporting for the GE you own is rejected for both Instal & Admin manual and User and Programmer's manual (with one exception for DB Anonimyzer where content for Install & Admin is rejected but content for User & Programmers guide is accepted) Security Monitoring GE (Thales -> Daniel & al) rejected for both deliverables ! Identity Management GE (NSN - DT -> Robert & Wolfgang) rejected for both deliverables ! Data Handling GE (SAP -> Slim) rejected for both deliverables ! DB Anonimyzer GE (SAP -> Francesco) -> rejected Install & Admin ! (but ok for User & Programmers guide) Secure Storage Service (Thales -> Lucie) -> Rejected for both deliverables ! So please Daniel, Robert, Wolfgang, Slim, Francesco and Lucie look at the issues and add the necessary corrections for your content to both D8.3a and D8.4a to give a chance to these deliverables to be accepted. Bear in mind the ultimate deadline to have them fixed is July 27th EOB as per decision taken by CA at last WPL/WPA. But to a on the safe side and did some review of the fixes it could be appropriate to have them fixed by today EOB. In any case here is what is stated in the minutes of Monday 23 WPL/WPA audio and that you should have in mind as the contract: Installation and Admin guides Results of this check will be provided by July 25. As a result of this checking, the guides can be: ? Accepted ? rejected with a deadline on July 27th EOB to fix a number of identified issues Cost rejection measurements will be applied to GE owners failing to deliver the guides by July 27th EOB. Installation and Administration Guides which do not contain the mandatory sections established in the defined guidelines will be rejected. Several partners express objections to the request for the delivery of the Installation and Admin Guide in the case of GEs offered ?As a Service?. These need to be provided at least for auditing purposes. Users? and Programmers? Guide TID will check provided guides and will check whether they fulfill the defined guidelines at: https://forge.fi-ware.eu/plugins/mediawiki/wiki/fi-ware-private/index.php/ FiwareDeliverables Results of this check will be provided by July 25. As a result of this checking, the guides can be: ? accepted ? rejected with a deadline on July 27th EOB to fix a number of identified issues Cost rejection measurements will be applied to GE owners failing to deliver the guides by July 27th EOB. Last but not I?d like also to draw your attention to points stated in Miguel?s emails and some of you would also have to address: * General comment for all WPs: there are many GEs in some WP with an "Installation and Administration Guide" that is an installation manual only. Giving the need to deliver at once, we will not try to fix it immediately. After the delivery we will provide a deadline to address it and provide the administration part. Of course, the impact on the cost reporting could be affected by this. * This applies to part of the WPs only. The case of the Install and Admin Guides of GEs offered as a Service of nature PP the partner has to provide proper guides (what is needed by the administrator of the machine where it is running at your company ). This will given to the EC upon request and it will protected somehow (account/password, IP filtering, ...). In the deliverables at the end of the month we will provide simply a text stating that. We would give the manuals+binaries afterwards and only if they ask for it. * Please ALL to whom it applies please address. Counting on you all to have the issues for your GE fixed the sooner the better and according to the set and final deadline. Please acknowledge receipt of this email and let me know and Daniel once the issues have been fixed. As usual the sooner the better. Hearing from you BR Pascal De : Miguel Carrillo [mailto:mcp at tid.es] Envoy? : mercredi 25 juillet 2012 20:09 ? : BISSON Pascal; GIDOIN Daniel Cc : JUAN JOSE HIERRO SUREDA Objet : Review of more deliverables Dear Pascal, This is my review for the Instal & Admin l manual and also for the User and Programmer's manual. The problematic things are marked in light blue. Please be aware that you have a very short time to react so let your partners know ASAP. A few comments: * Things to be addressed are highlighted in blue. * Note that my review is "formal" (formats, structure, consistency, reasonable aspect) but the coordination (Juanjo) may add comments of a more technical nature afterwards. So an "ok" from me does not necessarily means a final approval by the project coordination. * General comment for all WPs: there are many GEs in some WP with an "Installation and Administration Guide" that is an installation manual only. Giving the need to deliver at once, we will not try to fix it immediately. After the delivery we will provide a deadline to address it and provide the administration part. Of course, the impact on the cost reporting could be affected by this. * This applies to part of the WPs only. The case of the Install and Admin Guides of GEs offered as a Service of nature PP the partner has to provide proper guides (what is needed by the administrator of the machine where it is running at your company ). This will given to the EC upon request and it will protected somehow (account/password, IP filtering, ...). In the deliverables at the end of the month we will provide simply a text stating that. We would give the manuals+binaries afterwards and only if they ask for it. I'd appreciate it if you could confirm what GEs are going to be provided as a Service (not to install on the testbed) in July. Theoretically this is in the testbed wiki but things change too fast and I prefer to ask you. Best regards, Miguel -- ---------------------------------------------------------------------- _/ _/_/ Miguel Carrillo Pacheco _/ _/ _/ _/ Telef?nica Distrito Telef?nica _/ _/_/_/ _/ _/ Investigaci?n y Edifico Oeste 1, Planta 9 _/ _/ _/ _/ Desarrollo Ronda de la Comunicaci?n S/N _/ _/_/ 28050 Madrid (Spain) Tel: (+34) 91 483 26 77 e-mail: mcp at tid.es Follow FI-WARE on the net Website: http://www.fi-ware.eu Facebook: http://www.facebook.com/pages/FI-WARE/251366491587242 Twitter: http://twitter.com/Fiware LinkedIn: http://www.linkedin.com/groups/FIWARE-4239932 ---------------------------------------------------------------------- ________________________________ Este mensaje se dirige exclusivamente a su destinatario. Puede consultar nuestra pol?tica de env?o y recepci?n de correo electr?nico en el enlace situado m?s abajo. This message is intended exclusively for its addressee. We only send and receive email on the basis of the terms set out at. http://www.tid.es/ES/PAGINAS/disclaimer.aspx ------------------------------------------------------------------ This e-mail and the documents attached are confidential and intended solely for the addressee; it may also be privileged. If you receive this e-mail in error, please notify the sender immediately and destroy it. As its integrity cannot be secured on the Internet, the Atos group liability cannot be triggered for the message content. Although the sender endeavours to maintain a computer virus-free network, the sender does not warrant that this transmission is virus-free and will not be liable for any damages resulting from any virus transmitted. Este mensaje y los ficheros adjuntos pueden contener informacion confidencial destinada solamente a la(s) persona(s) mencionadas anteriormente pueden estar protegidos por secreto profesional. Si usted recibe este correo electronico por error, gracias por informar inmediatamente al remitente y destruir el mensaje. Al no estar asegurada la integridad de este mensaje sobre la red, Atos no se hace responsable por su contenido. Su contenido no constituye ningun compromiso para el grupo Atos, salvo ratificacion escrita por ambas partes. Aunque se esfuerza al maximo por mantener su red libre de virus, el emisor no puede garantizar nada al respecto y no sera responsable de cualesquiera danos que puedan resultar de una transmision de virus. ------------------------------------------------------------------ -------------- next part -------------- An HTML attachment was scrubbed... URL: From pascal.bisson at thalesgroup.com Thu Jul 26 16:05:04 2012 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Thu, 26 Jul 2012 16:05:04 +0200 Subject: [Fiware-security] FI-WARE - D8.5a (PDF Version) Message-ID: <12505_1343311524_50114EA4_12505_11348_1_c4911cbf-08a8-423f-b9cb-9b61c887f106@THSONEA01HUB02P.one.grp> Dear All, PDF Version of our Deliverable D8.5a Unit Test Plan & Reporting has been produced and is attached to this email. This for your information & check (especially the one of Task leads and GE owners who contributed to this deliverable) before official delivery to TID by EOB today. Please react before 5:30pm. Thanks in advance. Best Regards, PS: I joined the Unit Testing Report at the end PDF verison of our document as requested by TID. -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: D8.5a.pdf Type: application/pdf Size: 3751261 bytes Desc: D8.5a.pdf URL: From antonio.garcia at atosresearch.eu Thu Jul 26 16:49:55 2012 From: antonio.garcia at atosresearch.eu (Antonio Garcia Vazquez) Date: Thu, 26 Jul 2012 16:49:55 +0200 Subject: [Fiware-security] FI-WARE - D8.5a (PDF Version) Message-ID: <8E18929A6C79354FB4BD9BD4636DCB06CF01DF@INTMAIL03.es.int.atosorigin.com> Pascal, Regarding Unit Testing Report tables included. I believe that tests from components belonging to Security Monitoring GE should be all together in the same table with the appropriated tile (their currently under Generic Enabler title) Best Regards ************************************ * Antonio Garc?a-V?zquez * * (+34) 91 214 9384 * * antonio.garcia at atosresearch.eu * ************************************ From: fiware-security-bounces at lists.fi-ware.eu [mailto:fiware-security-bounces at lists.fi-ware.eu] On Behalf Of BISSON Pascal Sent: jueves, 26 de julio de 2012 16:05 To: fiware-security at lists.fi-ware.eu Subject: [Fiware-security] FI-WARE - D8.5a (PDF Version) Importance: High Dear All, PDF Version of our Deliverable D8.5a Unit Test Plan & Reporting has been produced and is attached to this email. This for your information & check (especially the one of Task leads and GE owners who contributed to this deliverable) before official delivery to TID by EOB today. Please react before 5:30pm. Thanks in advance. Best Regards, PS: I joined the Unit Testing Report at the end PDF verison of our document as requested by TID. ------------------------------------------------------------------ This e-mail and the documents attached are confidential and intended solely for the addressee; it may also be privileged. If you receive this e-mail in error, please notify the sender immediately and destroy it. As its integrity cannot be secured on the Internet, the Atos group liability cannot be triggered for the message content. Although the sender endeavours to maintain a computer virus-free network, the sender does not warrant that this transmission is virus-free and will not be liable for any damages resulting from any virus transmitted. Este mensaje y los ficheros adjuntos pueden contener informacion confidencial destinada solamente a la(s) persona(s) mencionadas anteriormente pueden estar protegidos por secreto profesional. Si usted recibe este correo electronico por error, gracias por informar inmediatamente al remitente y destruir el mensaje. Al no estar asegurada la integridad de este mensaje sobre la red, Atos no se hace responsable por su contenido. Su contenido no constituye ningun compromiso para el grupo Atos, salvo ratificacion escrita por ambas partes. Aunque se esfuerza al maximo por mantener su red libre de virus, el emisor no puede garantizar nada al respecto y no sera responsable de cualesquiera danos que puedan resultar de una transmision de virus. ------------------------------------------------------------------ -------------- next part -------------- An HTML attachment was scrubbed... URL: From antgarciav at yahoo.es Mon Jul 9 08:23:00 2012 From: antgarciav at yahoo.es (=?utf-8?B?QW50b25pbyBHYXJjw61hIFbDoXpxdWV6?=) Date: Mon, 09 Jul 2012 06:23:00 -0000 Subject: [Fiware-security] [FI-WARE security] bacl log & tracker Message-ID: <1341814979.94183.YahooMailNeo@web29018.mail.ird.yahoo.com> Pascal, I'm Antonio from ATOS. Im having some problems with ATOS e-mail. I'm writting to tell you that Backlog entries & tracker depending from ATOS are already updated. ? I?ve included new entries related to Context-based security & compliance, USDL-SEC & SIEM-OSSIM. ? As items related with the last two topics should be revised by Daniel and Slim or Francesco; I wiil? also notify them the situation. ? Best Regards. ? *************************************????? Antonio Garc?a-V?zquez????? * *??????? (+34) 91 214 9384???????? * *? antonio.garcia at atosresearch.eu?* ************************************ -------------- next part -------------- An HTML attachment was scrubbed... URL: From pascal.bisson at thalesgroup.com Thu Jul 26 17:57:18 2012 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Thu, 26 Jul 2012 17:57:18 +0200 Subject: [Fiware-security] FI-WARE - D8.5a (PDF Version) In-Reply-To: References: Message-ID: <14223_1343318250_501168EA_14223_4351_1_f7191dcf-c9b3-486c-b916-15dc960f8583@THSONEA01HUB02P.one.grp> Dear All, Find attached to this email an update of our deliverable D8.5a to integrate some changes introduced by DT in the meantime. BR Pascal De : BISSON Pascal Envoy? : jeudi 26 juillet 2012 16:05 ? : fiware-security at lists.fi-ware.eu Cc : BISSON Pascal; GIDOIN Daniel Objet : FI-WARE - D8.5a (PDF Version) Importance : Haute Dear All, PDF Version of our Deliverable D8.5a Unit Test Plan & Reporting has been produced and is attached to this email. This for your information & check (especially the one of Task leads and GE owners who contributed to this deliverable) before official delivery to TID by EOB today. Please react before 5:30pm. Thanks in advance. Best Regards, PS: I joined the Unit Testing Report at the end PDF verison of our document as requested by TID. -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: D8.5a.pdf Type: application/pdf Size: 3801051 bytes Desc: D8.5a.pdf URL: From pascal.bisson at thalesgroup.com Thu Jul 26 18:14:36 2012 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Thu, 26 Jul 2012 18:14:36 +0200 Subject: [Fiware-security] TR: FI-WARE - D8.5a (PDF Version) In-Reply-To: <5011644E.9090801@tid.es> References: <14223_1343311834_50114FD9_14223_1966_1_9996bcbd-30f5-47e4-8009-65f6f73629f7@THSONEA01HUB02P.one.grp> <5011644E.9090801@tid.es> Message-ID: <16440_1343319290_50116CFA_16440_4609_1_61f43183-7dcf-49d1-bda0-bf18bc93c21b@THSONEA01HUB06P.one.grp> Dear Miguel, Find attached an update of D8.5a integrating some minor changes introduced by DT. Unfortunately now and due to personal constraints I have to leave but will continue together with the other PDFs. Best Regards, Pascal De : Miguel Carrillo [mailto:mcp at tid.es] Envoy? : jeudi 26 juillet 2012 17:38 ? : BISSON Pascal Cc : GIDOIN Daniel; JUAN JOSE HIERRO SUREDA Objet : Re: TR: FI-WARE - D8.5a (PDF Version) Dear Pascal, Deadlines of 90 minutes are not reasonable, there is a lot of work and messages to read and answer and you cannot decide my priorities. Best regards, Miguel El 26/07/2012 16:10, BISSON Pascal escribi?: Dear Miguel, For you information and pre-check before official release (without answer from your side by 5:30 today we will assume it is fine). Also let me know if we do still to do other things for what concerns D8.5a release as per today which was by the way the set deadline to have things delivered. PS: Please note that I added at the end of this document the Unit Testing Report as requested in the Guidelines provided for D8.5a. PS2: As for where to put upload these Unit Testing Report please let us know where if we still have to De : BISSON Pascal Envoy? : jeudi 26 juillet 2012 16:05 ? : fiware-security at lists.fi-ware.eu Cc : BISSON Pascal; GIDOIN Daniel Objet : FI-WARE - D8.5a (PDF Version) Importance : Haute Dear All, PDF Version of our Deliverable D8.5a Unit Test Plan & Reporting has been produced and is attached to this email. This for your information & check (especially the one of Task leads and GE owners who contributed to this deliverable) before official delivery to TID by EOB today. Please react before 5:30pm. Thanks in advance. Best Regards, PS: I joined the Unit Testing Report at the end PDF verison of our document as requested by TID. -- ---------------------------------------------------------------------- _/ _/_/ Miguel Carrillo Pacheco _/ _/ _/ _/ Telef?nica Distrito Telef?nica _/ _/_/_/ _/ _/ Investigaci?n y Edifico Oeste 1, Planta 9 _/ _/ _/ _/ Desarrollo Ronda de la Comunicaci?n S/N _/ _/_/ 28050 Madrid (Spain) Tel: (+34) 91 483 26 77 e-mail: mcp at tid.es Follow FI-WARE on the net Website: http://www.fi-ware.eu Facebook: http://www.facebook.com/pages/FI-WARE/251366491587242 Twitter: http://twitter.com/Fiware LinkedIn: http://www.linkedin.com/groups/FIWARE-4239932 ---------------------------------------------------------------------- ________________________________ Este mensaje se dirige exclusivamente a su destinatario. Puede consultar nuestra pol?tica de env?o y recepci?n de correo electr?nico en el enlace situado m?s abajo. This message is intended exclusively for its addressee. We only send and receive email on the basis of the terms set out at. http://www.tid.es/ES/PAGINAS/disclaimer.aspx -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: D8.5a.pdf Type: application/pdf Size: 3801051 bytes Desc: D8.5a.pdf URL: From mcp at tid.es Fri Jul 27 09:31:42 2012 From: mcp at tid.es (Miguel Carrillo) Date: Fri, 27 Jul 2012 09:31:42 +0200 Subject: [Fiware-security] Installation on the Testbed and procedures Message-ID: <501243DE.3010807@tid.es> Dear all, As leader of the task D10.2 "FI-WARE Integration" and also from the coordination I'd like to make some clarifications of general interest. As you know, WP10 (Experimentation Support, Integrated Testing and Validation) has as main task the set-up and running of the FI-WARE Testbed. Given the importance of this goal, WP10 has a representative of each partner. This representative (not the WPL) should make sure that all people within his/her company are well informed of the situation and what we expect from them in the Testbed and the experimentation stage. Several partners are not doing this work (in same cases never attended the WP10 phc) and the project coordination is receiving complaints as many people don't seem to be well informed. We sometimes resort to the WPL to help here, but this is not the "official" channel. I will try to recap to give all the consortium an overview of the situation and what we need from you. GENERAL INFO * The Testbed Team is starting to send the details on how to install the testbed to the GE owners who declared that they are going to install their GE in July * Theoretically you should install your GE yourselves but we can give a hand deploying a KVM image for those who prefer this method (other hypervisors are not supported) * The GE owner is the one who administrates and maintains the GE, not the testbed team. If something goes wrong, he/she has to put it up and running again, the WP10 will only monitor the situation and will prompt about abnormal behaviour of the GE . * We have two tools to follow this up: * Implementation cockpit: https://forge.fi-ware.eu/plugins/mediawiki/wiki/testbed/index.php/Testbed_V1_Implementation_Cockpit * Integration Tracker : https://forge.fi-ware.eu/tracker/?atid=224&group_id=18&func=browse * Each release of each GE is represented by a ticket * The use of this is explained here: https://forge.fi-ware.eu/plugins/mediawiki/wiki/testbed/index.php/Testbed_V1_Integration_Plan#Integration_Process * If you do not have access to the testbed project and cannot reach this wiki and the tracker, request access following the standard procedure REQUESTS FOR GE OWNERS * We have an installation calendar. Please fill in the responsible person per GE and state the dates when you could install * http://www.doodle.com/bymgm9h9gnbfms8k * Fill the GE template in the Testbed Cockpit (https://forge.fi-ware.eu/plugins/mediawiki/wiki/testbed/index.php/Testbed_V1_Implementation_Cockpit ) declaring if the GE is multi-tenant or not (this deeply affects the GE usage by different Use case projects at the same time) * The access to the Testbed is limited per IP. Make sure that the IPs from which you are going to access the Testbed are listed here (if not, you will not be able to enter the testbed): * https://forge.fi-ware.eu/plugins/mediawiki/wiki/testbed/index.php/Testbed_V1_Implementation_Cockpit (click on your enabler and see the wiki page with the details per enabler) * Alternatively, there is also a page that has company wide IPs (not particular to an enabler): https://forge.fi-ware.eu/plugins/mediawiki/wiki/testbed/index.php/Testbed_V1_Operations_Cockpit * Make sure that when you install your GE, you update the corresponding ticket on the Integration tracker and also the Implementation cockpit. Best regards, Miguel -- ---------------------------------------------------------------------- _/ _/_/ Miguel Carrillo Pacheco _/ _/ _/ _/ Telef?nica Distrito Telef?nica _/ _/_/_/ _/ _/ Investigaci?n y Edifico Oeste 1, Planta 9 _/ _/ _/ _/ Desarrollo Ronda de la Comunicaci?n S/N _/ _/_/ 28050 Madrid (Spain) Tel: (+34) 91 483 26 77 e-mail: mcp at tid.es Follow FI-WARE on the net Website: http://www.fi-ware.eu Facebook: http://www.facebook.com/pages/FI-WARE/251366491587242 Twitter: http://twitter.com/Fiware LinkedIn: http://www.linkedin.com/groups/FIWARE-4239932 ---------------------------------------------------------------------- ________________________________ Este mensaje se dirige exclusivamente a su destinatario. Puede consultar nuestra pol?tica de env?o y recepci?n de correo electr?nico en el enlace situado m?s abajo. This message is intended exclusively for its addressee. We only send and receive email on the basis of the terms set out at. http://www.tid.es/ES/PAGINAS/disclaimer.aspx -------------- next part -------------- An HTML attachment was scrubbed... URL: From pascal.bisson at thalesgroup.com Fri Jul 27 09:55:12 2012 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Fri, 27 Jul 2012 09:55:12 +0200 Subject: [Fiware-security] FI-WARE Security - Audio conf of today (10am) - Confirmed Message-ID: <4684_1343375713_50124961_4684_15205_1_26ee433e-3798-46d3-a2b0-8fa5af558cc7@THSONEA01HUB02P.one.grp> Dear All, We will keep it but make it very short since we are all busy completing things to have deliverables be produced and hopefully accepted. In any case it 's worth to speak and all aspects. As to join: the details are the same as usual ... I will open it at 10am Talk with you there. BR Pascal -------------- next part -------------- An HTML attachment was scrubbed... URL: From pascal.bisson at thalesgroup.com Fri Jul 27 10:04:34 2012 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Fri, 27 Jul 2012 10:04:34 +0200 Subject: [Fiware-security] TR: [Fiware-wpl] Format of deliverable linked to software and Installation/Administration Guides of GEs marked as PP Message-ID: <4684_1343376276_50124B94_4684_15259_1_CBBCD6C304123F4AB23FAAE3055C8C0E0206D4AAC15E@THSONEA01CMS04P.one.grp> FYI De : fiware-wpl-bounces at lists.fi-ware.eu [mailto:fiware-wpl-bounces at lists.fi-ware.eu] De la part de Juanjo Hierro Envoy? : jeudi 26 juillet 2012 18:04 ? : fiware-wpl at lists.fi-ware.eu; fiware-wpa at lists.fi-ware.eu Objet : [Fiware-wpl] Format of deliverable linked to software and Installation/Administration Guides of GEs marked as PP Dear colleagues, As already announced, the software and Installation/Administration Guides of GEs marked as PP will be covered by the insertion of a page per GE that will be part of the corresponding WP deliverable. Following is the draft text of the page we plan to insert for your consideration in case you have any comments (please send them not just to me but with cc to Miguel): === - Software Release and Installation and Administration guide The GE will be offered as a service by the GE owner. Besides, the software release of the GE and the accompanying Installation and Administration guide are of PP dissemination level[1]. In accordance with the privacy restrictions requested by GE owner, both the software (binaries) and the Installation and Administration Guides were not reviewed by the FI-WARE coordinator or the Work Package leader and the responsibility for the quality and appropriateness of this part of the deliverables remain solely with the partner who is the GE owner. The software (binaries) and the Installation and Administration Guides are accessible to the EC for reviewing purposes on a remote server located at via ssh with user: EC and password to be disclaimed upon explicit request to the project coordinator. The partner who is the GE owner will govern this access. ________________________________ [1] Restricted to FI-PPP programme participants (including the Commission Services) upon request in writing, where access to the API is not sufficient for execution of a FI-PPP project. ==== The final version of this text, incorporating any comment you may have, will be provided to you in Word format by tomorrow. Best, -- Juanjo ------------- Product Development and Innovation (PDI) - Telefonica Digital website: www.tid.es email: jhierro at tid.es twitter: twitter.com/JuanjoHierro FI-WARE (European Future Internet Core Platform) Chief Architect You can follow FI-WARE at: website: http://www.fi-ware.eu facebook: http://www.facebook.com/pages/FI-WARE/251366491587242 twitter: http://twitter.com/FIware linkedIn: http://www.linkedin.com/groups/FIWARE-4239932 ________________________________ Este mensaje se dirige exclusivamente a su destinatario. Puede consultar nuestra pol?tica de env?o y recepci?n de correo electr?nico en el enlace situado m?s abajo. This message is intended exclusively for its addressee. We only send and receive email on the basis of the terms set out at. http://www.tid.es/ES/PAGINAS/disclaimer.aspx -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- An embedded and charset-unspecified text was scrubbed... Name: ATT00001.txt URL: From pascal.bisson at thalesgroup.com Fri Jul 27 17:50:15 2012 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Fri, 27 Jul 2012 17:50:15 +0200 Subject: [Fiware-security] TR: [Fiware-wpl] [Fiware-wpa] Format of deliverable linked to software and Installation/Administration Guides of GEs marked as PP Message-ID: <14716_1343404215_5012B8B7_14716_6273_1_CBBCD6C304123F4AB23FAAE3055C8C0E0206D525FD3C@THSONEA01CMS04P.one.grp> FYI. For you to read carefully to correctly deliver your contribution to Installation and Administration Guide (the one finalized on FI-WARE Private wiki) Take care it's a little bit tricky (between GE Public and GG PP). So check and do what is appropriate to your GE !!! Best Regards, Pascal De : fiware-wpl-bounces at lists.fi-ware.eu [mailto:fiware-wpl-bounces at lists.fi-ware.eu] De la part de Miguel Carrillo Envoy? : vendredi 27 juillet 2012 17:43 ? : fiware-wpl at lists.fi-ware.eu; fiware-wpa at lists.fi-ware.eu Objet : Re: [Fiware-wpl] [Fiware-wpa] Format of deliverable linked to software and Installation/Administration Guides of GEs marked as PP Dear all, We have received comments to the wording. Anyway, I uploaded the final version to the tutorial to make sure that we do not lean on emails and centralise it a bit. . https://forge.fi-ware.eu/plugins/mediawiki/wiki/fi-ware-private/index.php/FiwareDeliverables#Instructions_for_the_delivery_of_the_Installation_and_Administration_Guide BR Miguel El 27/07/2012 15:18, Miguel Carrillo escribi?: Dear all, Further to this message from Juanjo and after a reasonable wait for comments, I send the definite template that tries to be reasonable uniform with the wiki-generated pdf files. Fill in the part in yellow (note that there is also one in the header) and then place them in the installation guide in he place where you would have the part of the PP enabler if it was PU. This implies printing this out to pdf and using the pdf handling tool I mention in the manual to generate pdf deliverables (of course, if you can use another tool if you like). Best regards, Miguel El 26/07/2012 18:03, Juanjo Hierro escribi?: Dear colleagues, As already announced, the software and Installation/Administration Guides of GEs marked as PP will be covered by the insertion of a page per GE that will be part of the corresponding WP deliverable. Following is the draft text of the page we plan to insert for your consideration in case you have any comments (please send them not just to me but with cc to Miguel): === - Software Release and Installation and Administration guide The GE will be offered as a service by the GE owner. Besides, the software release of the GE and the accompanying Installation and Administration guide are of PP dissemination level[1]. In accordance with the privacy restrictions requested by GE owner, both the software (binaries) and the Installation and Administration Guides were not reviewed by the FI-WARE coordinator or the Work Package leader and the responsibility for the quality and appropriateness of this part of the deliverables remain solely with the partner who is the GE owner. The software (binaries) and the Installation and Administration Guides are accessible to the EC for reviewing purposes on a remote server located at via ssh with user: EC and password to be disclaimed upon explicit request to the project coordinator. The partner who is the GE owner will govern this access. ________________________________ [1] Restricted to FI-PPP programme participants (including the Commission Services) upon request in writing, where access to the API is not sufficient for execution of a FI-PPP project. ==== The final version of this text, incorporating any comment you may have, will be provided to you in Word format by tomorrow. Best, -- Juanjo ------------- Product Development and Innovation (PDI) - Telefonica Digital website: www.tid.es email: jhierro at tid.es twitter: twitter.com/JuanjoHierro FI-WARE (European Future Internet Core Platform) Chief Architect You can follow FI-WARE at: website: http://www.fi-ware.eu facebook: http://www.facebook.com/pages/FI-WARE/251366491587242 twitter: http://twitter.com/FIware linkedIn: http://www.linkedin.com/groups/FIWARE-4239932 ________________________________ Este mensaje se dirige exclusivamente a su destinatario. Puede consultar nuestra pol?tica de env?o y recepci?n de correo electr?nico en el enlace situado m?s abajo. This message is intended exclusively for its addressee. We only send and receive email on the basis of the terms set out at. http://www.tid.es/ES/PAGINAS/disclaimer.aspx -- ---------------------------------------------------------------------- _/ _/_/ Miguel Carrillo Pacheco _/ _/ _/ _/ Telef?nica Distrito Telef?nica _/ _/_/_/ _/ _/ Investigaci?n y Edifico Oeste 1, Planta 9 _/ _/ _/ _/ Desarrollo Ronda de la Comunicaci?n S/N _/ _/_/ 28050 Madrid (Spain) Tel: (+34) 91 483 26 77 e-mail: mcp at tid.es Follow FI-WARE on the net Website: http://www.fi-ware.eu Facebook: http://www.facebook.com/pages/FI-WARE/251366491587242 Twitter: http://twitter.com/Fiware LinkedIn: http://www.linkedin.com/groups/FIWARE-4239932 ---------------------------------------------------------------------- ________________________________ Este mensaje se dirige exclusivamente a su destinatario. Puede consultar nuestra pol?tica de env?o y recepci?n de correo electr?nico en el enlace situado m?s abajo. This message is intended exclusively for its addressee. We only send and receive email on the basis of the terms set out at. http://www.tid.es/ES/PAGINAS/disclaimer.aspx -- ---------------------------------------------------------------------- _/ _/_/ Miguel Carrillo Pacheco _/ _/ _/ _/ Telef?nica Distrito Telef?nica _/ _/_/_/ _/ _/ Investigaci?n y Edifico Oeste 1, Planta 9 _/ _/ _/ _/ Desarrollo Ronda de la Comunicaci?n S/N _/ _/_/ 28050 Madrid (Spain) Tel: (+34) 91 483 26 77 e-mail: mcp at tid.es Follow FI-WARE on the net Website: http://www.fi-ware.eu Facebook: http://www.facebook.com/pages/FI-WARE/251366491587242 Twitter: http://twitter.com/Fiware LinkedIn: http://www.linkedin.com/groups/FIWARE-4239932 ---------------------------------------------------------------------- ________________________________ Este mensaje se dirige exclusivamente a su destinatario. Puede consultar nuestra pol?tica de env?o y recepci?n de correo electr?nico en el enlace situado m?s abajo. This message is intended exclusively for its addressee. We only send and receive email on the basis of the terms set out at. http://www.tid.es/ES/PAGINAS/disclaimer.aspx -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: PP binaries and admin guide deliverables.docx Type: application/vnd.openxmlformats-officedocument.wordprocessingml.document Size: 18555 bytes Desc: PP binaries and admin guide deliverables.docx URL: -------------- next part -------------- An embedded and charset-unspecified text was scrubbed... Name: ATT00001.txt URL: From pascal.bisson at thalesgroup.com Fri Jul 27 18:58:11 2012 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Fri, 27 Jul 2012 18:58:11 +0200 Subject: [Fiware-security] TR: FI-WARE - Security - D8.3a & D8.4a PDF releases Message-ID: <28414_1343408304_5012C8B0_28414_8512_1_CBBCD6C304123F4AB23FAAE3055C8C0E0206D525FE00@THSONEA01CMS04P.one.grp> FYI De : BISSON Pascal Envoy? : vendredi 27 juillet 2012 18:57 ? : Miguel Carrillo; JUAN JOSE HIERRO SUREDA Cc : BISSON Pascal; GIDOIN Daniel Objet : FI-WARE - Security - D8.3a & D8.4a PDF releases Dear Miguel, Dear Juanjo, Find attached to this email the release as PDF files of both D8.3a & D8.4a. Best Regards, Pascal -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: D8.3a.pdf Type: application/pdf Size: 1886302 bytes Desc: D8.3a.pdf URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: D8.4a.pdf Type: application/pdf Size: 4146513 bytes Desc: D8.4a.pdf URL: From pascal.bisson at thalesgroup.com Mon Jul 30 11:30:35 2012 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Mon, 30 Jul 2012 11:30:35 +0200 Subject: [Fiware-security] TR: [Fiware-wpl] Fwd: FI-WARE: extract executive summary draft review report Message-ID: <15753_1343640637_5016543D_15753_13251_1_CBBCD6C304123F4AB23FAAE3055C8C0E0206D5260473@THSONEA01CMS04P.one.grp> FYI De : fiware-wpl-bounces at lists.fi-ware.eu [mailto:fiware-wpl-bounces at lists.fi-ware.eu] De la part de Juanjo Hierro Envoy? : lundi 30 juillet 2012 10:59 ? : fiware-wpl at lists.fi-ware.eu; fiware-wpa at lists.fi-ware.eu Objet : [Fiware-wpl] Fwd: FI-WARE: extract executive summary draft review report Dear colleagues, We have just received the following extract of the executive summary draft review report. We haven't had time to review it. But certainly the review report is not as positive as we thought after the first year review meeting. Overall, it is worth to highlight that the project's assestment is: * Unsatisfactory progress (The project has failed to achieve key objectives and/or is not at all on schedule)" This, among other things, confirms us that the recent measurements put in place were required. Now, it's critical to demonstrate that we are going to deliver what was due and that the testbed will not get delayed. We'll come with additional comments later. Best regards, -- Juanjo -------- Original Message -------- Subject: FI-WARE: extract executive summary draft review report Date: Mon, 30 Jul 2012 08:42:05 +0000 From: To: , CC: , , Dear all, Below is an extract from the draft executive summary of the draft M12 review report. The extract may deviate from the executive summary in the final version of the review report. It is sent since it contains some information, e.g. about deliverable acceptance, that you may want to know asap. Best regards, Arian. ====================== The objectives of the project during this period remain unchanged, but are brought into sharp focus due to the delay of two months plus now apparent, and the critical need to release the complete and comprehensive Generic Enabler (GE) Open Specifications and accompanying reference code as soon as possible in order to not risk destabilizing the entire FI PPP. Many primary technical deliverables expected at M12 are not yet available, which is extremely poor progress given that they are some of the main achievements planned for Month 12 and create the first useable foundation for Use Cases projects to build upon. Compounding this failure is the poor quality and incompleteness of various technical deliverables; a quite astounding result given the resources available to the project. According to the Description of Work (DoW), the main achievements for this period should be the first version of the GE open specifications, software prototypes and related guidance material and test plan. Only the specifications were delivered so far. However, they are inadequate for communication and unified understanding with the Use Case projects, are not of the required quality to serve the needs of those projects, and do not provide sufficient basis for practical implementation by software developers - all of which are fundamental to the rationale for and objectives of FI-WARE. It is unclear in many of the GE specifications which are the reusable and commonly shared functions, and which usage areas across various sectors would utilize these GEs. There are also no details on the protocols that support interoperability with other GEs or third party products or how this interoperability would be achieved. Moreover, a consolidated and consistent presentation of the specifications is still missing. There is a lot of confusion about what the GEs really are, or meant to be, within the FI-WARE consortium, and most probably the UC projects, not to mention the world at large. They are a mixed bag, including functional descriptions, specifications of (not necessarily well-defined) technical functions, specification of access and other operational protocols, specification of access to other existing "modules"/"components"/"devices" and so on, specifications to enable interfaces between existing protocols, specifications to enable deployment of other collection of protocols as "engines", etc. As mentioned in the DoW, "GE Open Specifications will contain all the information required in order to build compliant products which can work as alternative implementations of GEs developed in FI-WARE and therefore may replace a GE implementation developed in FI-WARE within a particular FI-WARE Instance." However, given the current state of the GE deliverables, there are severe doubts about how a FI-WARE instance ("platform") could be built from the GEs without a massive amount of "imagination" and tweaking to make them work together. There are also severe doubts about how a "Future Internet Application" could be portable across different FI-WARE Instances that implement the (same set of?) GEs that the Future Internet Application relies on. The GEs as currently defined are not, by themselves, implementable in the sense of delivering a practical software solution ("platform"). This is compounded by the difficulty of understanding what is really meant by a "coherent" set of GEs. Some GEs seem to have closer inter-relationships than others. Notwithstanding the (useful) clarifications and information orally provided at the review meeting, the inadequate and indeed scarce information within these specifications and the discrepancies between the Technical Roadmap and the available GE contents lead the reviewers to cast doubts on the project achievement so far, and its prospect. FI-WARE failed to meet its milestones for Month 12. Given the above, technical progress of the project for the first year is unacceptable. Moreover, any further delay is likely to significantly risk integrity of the entire FI-PPP and the smooth transition to Phase 2. The consortium made a generally positive and concerted effort so far as the review meeting is concerned. It presented itself as a credible team. The verbal presentations made at the meeting were typically more informative and explanatory than the written deliverables would lead readers to expect (some material within the presentation, such as the matrix of use cases using GEs, is highly appreciated by the reviewers). With evident technical capability, but lack of timely and quality delivery, managerial action is an absolute and urgent must for an accelerated FI-WARE recovery, and to ensure that the FI-PPP programme will deliver meaningful innovations. Collaboration with Use Case projects appears to be improving markedly thanks to key face-to-face training weeks, and enhancements to the way the Fusion Forge system is managed. However, there are still significant issues concerning the processing and documentation of the requirements/backlogs. A main conclusion from the review is that the Use Cases requirements are still not considered as high priority by FI-WARE. Feedback from Use Case projects, including implications for the technology perspective and choices made by FI-WARE, should be (more visibly) taken into account and demonstrated as such. Traceability is crucial for the credibility of the FI-WARE technical deliverables and uptake beyond the consortium; and accountability is required to justify financing from the public purse. The recently conducted architecture training weeks should be used as a stepping stone towards building an FI-PPP "culture" between all Programme participants. More such sessions should be planned, particularly around the test-bed integration deployment and use of the DevComE toolset. For its own part, DevComE is presently a positive highlight of the project. Integration planning for the test-bed is sound and detailed. The testing and the integration activities are among the project highlights. Both are carefully planned and well specified. As the development of the GEs is delayed, the integration activities still lack concreteness in terms of specific scenarios in which several of the GEs will be involved, which is a pity. Work undertaken regarding communication and dissemination is showing significant advancement, albeit with still substantial opportunity for improvement. Given the overall delay in the work plan, the postponement of many key deliverables, and the insufficient quality (and quantity) of the technical specifications, the reviewers consider that the resources were not utilized effectively within the first project year. The consortium has put reasonable effort into analysing and positioning FI-WARE in the current market context. The exploitation within the scope of "Smart Cities" is promising and welcome, but the Use Cases projects should be targeted as prime users. The business strategy is however absent, in so far that no credible and preliminary quantified business case has been presented yet. The consortium's position that the business case will arrive in the second year of the project is a matter of serious concerns; for example, the reviewers have the strong impression that nobody in the consortium has any notion of the overall amount of investment required to take FI-WARE results to the market, and the work presented is clearly (still) lacking substantive input from the business departments of the industrial partners. Despite the extensive comments in the Month 6 Review Report and notwithstanding the voluminous deliverable D11.2.1, there is still no unified or compelling marketing message, including no compelling unique selling proposition, of the FI-WARE results. The individual exploitation plans of the partners are timid. There is inadequate consideration of third party development and SME exploitation at the business level. The globalisation dimension of the exploitation plan is unconvincing. The consortium is reminded that the success of FI-WARE depends on the delivery of a genuine global solution, exploitable by partners inside and outside the consortium and beyond Europe. In summary, there is a glaring and alarming discrepancy between the high ambitions of FI-WARE given in the DoW and the very limited perspective of exploitation offered so far. The reviewers are disappointed that many of the recommendations made - dating back to the Month 6 review or even earlier - have not been sufficiently considered. Additionally, the reviewers are frustrated by the pattern of (extremely) late submission of the majority of the deliverables, and hastily communicated rescheduling of other deliverables with debatable arguments. Such behaviour is not acceptable in the business world; it is equally unacceptable in the context of European collaborative activity, especially in view of the public funding involved. b. Recommendations concerning the period under review The following deliverables require re-submission: * D2.3.1 by Month 15 (from Month 9 review) * D2.4.1 by Month 15 (from Month 9 review) * D2.1.2 by Month 18 * D3.1.1 by Month 18 * D4.1.1 by Month 18 * D5.1.1 by Month 18 * D6.1.1 by Month 18 * D7.1.1 by Month 18 * D8.1.1 by Month 18 * D11.1.1 by Month 18 * D11.2.1 by Month 18 * D11.3.1 by Month 18 The following recommendations are reiterated from the Month 6 review report (with the timeframe for R[1][2]1 adjusted in light of the Month 9 review) and were expected to be addressed in a satisfactory manner by the Month 12 review (original recommendations re-produced in italics): R [1-3]1. Given FI-WARE's intent to remain domain neutral, a comprehensive technology map must be created that clearly and unambiguously illustrates the relationships between all Generic Enablers to be produced by FI-WARE. This was expected to be documented in deliverable D2.3.1 originally due Month 9, for which re-submission is now due Month 15. Still to be addressed in the forthcoming resubmission of D2.3.1 due Month 15. As regards the "transparent encompassing architecture" for FI-WARE as a whole also asked for already in the first recommendation of the review report at M3, we advise the consortium to keep in mind and log this recommendation, and re-visit it in 2013, after the projects selected under Phase 2 have joined the FI PPP. R [1-3]3. Ensure meaningful interaction with standards bodies including Internet-related standards groups such as the IETF, the W3C, the IEEE, the ITU-T, the OMA, and the 3GPP/2. This is expected to be reported in deliverable D12.3.2 due Month 12 and/or deliverable D11.4.1 due Month 9. Still to be addressed in the forthcoming D11.4.2 due Month 15. R [1-3]6. Ensure there is a focus on attracting a development community for FI-WARE, and not only within the FI-PPP, but where possible within the partner organisations and the open community of potential users. This is expected to be considered in relation to deliverable D2.5.1 and reported in deliverable D12.2.2. Still to be addressed in the forthcoming D2.5.1. R [1-3]7. As there is substantial reliance on external technology sources, e.g., other FP7 projects and open source projects, contingencies should be prepared which address what actions to take should those projects fail to deliver, or are delayed with planned delivery upon which FI-WARE depends. This is expected to be documented in deliverable D1.1.2 due Month 12. The sourcing of technology is still not sufficiently clear. Contingency planning is still not adequately provided for or documented in D1.1.2. Please provide an adequate plan in the online version of the Project Management Handbook asap. R [1-3]8. There is a reasonable likelihood that FI-WARE chapters will be unable to achieve all that they would like to. A risk mitigation strategy should be put in place for this, with thought given in advance on how the project plans to prioritise resources if insufficient resources are available to cope with all planned work. This is expected to be documented in deliverable D1.1.2. The consortium is reminded that effort and funding allocations in the DoW are indicative and not sacrosanct. A robust risk management strategy is still missing from D1.1.2. Please provide such a strategy in the online version of the Project Management Handbook asap. R [1-3]9. Make sustained effort to enrol the support of stakeholders from the business and marketing departments of all major commercial partners in the project. External to the consortium, dissemination should go considerably beyond the "traditional groups" that are usually targeted for dissemination in FP7 projects. This concerns both the RTD communities and the business communities at large, within as well as outside Europe. Consumer organisations should also be considered and inputs be sought, to make sure that the FI-PPP results will be successfully adopted by the mass market. This is expected to be reported in deliverable D12.2.2. Progress has been made in relation to dissemination. The active involvement and support of the business and marketing personnel from the industrial project partners is still largely absent. R [1-3]10. Ensure that planning of the Open Calls starts early and the Open Calls are inclusive enough to attract any prospective submitters including specialist SMEs (without making a priori assumptions about who might be interested in the calls). The Open Calls should be used as a strategic opportunity for disseminating FI-WARE to FI stakeholders and engaging their interest in FI-WARE outputs. The Open Call processes and experience, including lessons learnt, should be documented and assimilated by the consortium for subsequent calls, and included in the relevant editions of deliverable D1.2.x for reporting and auditing purposes. Please take into full account our remarks on the management and administration of the Open Calls in Section 1a of the previous (M6) Review Report, and clarify the rationale for the selection of the topic(s) for the forthcoming first Open Call and to what extent the use case projects have a voice in the topic selection in the first and subsequent calls. The reviewers are still awaiting the reporting of the first Open Call. Progress to be re-assessed in relation to the planning/reporting of the next Open Call in the forthcoming D1.3.2. R [1-3]11. The reviewers cannot over-emphasise the importance of exploitation planning, including detailed documentation of IPR management. In our view, this is also intimately linked to enablement of third party exploitation. Please refer to our remarks in Sections 1a and 1b of the previous (M6) Review Report. It is obvious that high expectations are placed by the reviewers on deliverables D11.2.1 and D2.5.1 due Month 12. Please do not treat this as a paper exercise for satisfying the reviewers. Instead, they should be treated as initial blueprints for realistic business models backed by genuine commitment from especially the industrial partners. Unsatisfactory addressed. Exploitation planning lacks credibility and market traction. To be addressed in the resubmission of D11.2.1 due M18. R [1-3]12. All future deliverables should continue to be made available to the reviewers in pdf format. They should also be submitted on time. The consortium should investigate whether posting such files on its website or wiki might provide value for potential users, in addition to the wiki pages (at least those files relating to key deliverables). Please report the findings of the investigation at the next review. Unsatisfactory addressed. Large numbers of deliverables not submitted on time, yet again. Others have been rescheduled in a hasty manner. The reviewers strongly recommend corrective actions. Additionally, the reviewers request that project deliverables be made available as a consolidated file for future reviews. The consortium has no inclination to make deliverables available in a file format, other than to the EC and reviewers for pure compliance purposes, after evident resistance. The need to investigate the usefulness of such files to would-be users was dismissed. R [1-3]13. Improve the usefulness and attractiveness of the project website: make the information (even) more easy to find, bearing in mind that users might not be familiar with the FI-PPP; enhance the website as a marketing tool to would-be third parties and 'customers' of FI-WARE results (make the website answer the question to companies not involved in EU funded activities: why should I be interested in what FI-WARE is doing, and what is in it for me?). Consider the use of creditable Search Engine Optimization techniques. Unsatisfactorily addressed - no evidence of website improvement as a marketing tool. Significant improvement required for Month 17. The consortium is also encouraged to bring forward the implementation of the FI-WARE GE portal (not in DoW, but highly welcome) currently planned for Year 3. R [1-3]14. Put in place contingencies for loss of key people from the project. This is expected to be documented in deliverable D1.1.2. Recommendation addressed to some degree, for example by involving WP leaders in the management of backlog. Please provide a clear update in the online version of the Project Management Handbook asap. Recommendations still outstanding from the initial review of D2.2.1: * R2: the relationship between GEs and the Specific Enablers needs to be clarified and documented, bearing in mind that the former are potential candidates for standardisation in due course, and the latter are critical from the view point of making business out of FI-WARE results. Documentation is now expected at Month 9 with deliverable D2.3.1. Still to be addressed in the resubmitted version of the D2.3.1 due Month 15. * R9: The requested delivery schedule for the GEs, or at a minimum indication of prioritisation, has not been presented. This is now expected for deliverable D2.4.1 at Month 9. The information should be made visibly available in the public domain. Still not addressed, with mismatches between the Backlog, the Technical Roadmap and the Open Specifications delivered; To be addressed in the resubmitted version of the D2.4.1 due Month 15. c. Recommendations concerning future work R[3]15. Ensure that the quality of the GE specifications is high and consistent. Use GE specification for WP8 as a template for all other WPs. R[3]16. Clean up the backlog, and keep it up to date at all times. Specific resources must be dedicated to this. R[3]17. Focus on delivery of critical-path, high-priority (for the Use Cases) GEs. R[3]18. GE code releases must be synchronized with GE priorities indicated by Use Case projects. R[3]19. Ensure that architectural documentation clearly and unambiguously indicates the trace of source requirements and justification. R[3]20. Transparency and visibility in what was delivered and what is going to be delivered by the consortium in all future FI-WARE Releases. R[3]21. Meeting the "check points" set by the reviewers. For the next period leading up to the M18 review, the reviewers will be monitoring and assessing project progress against the following key "check points", in addition to DoW compliance and assessment of the project deliverables due: 1. Technical Paper including common usage scenarios for the GEs for wide dissemination (incl. to Use Case projects and third parties), month 15 2. Public availability matrix of use cases using the GEs; continuous update of the matrix, month 15 & thereafter 3. FI-WARE software release, month 15 4. Public availability of the SAP GEs in WP3, month 15 (done) 5. Testbed in operation, feedback from UC projects on using the testbed, month 17 6. Enhancement/re-design of the current website for impact creation, month 17 7. Hold additional architectural weeks, develop training plan for use of the DevComE framework, consider inviting 3rd party developers, month 18 8. Develop and publish a plan for fostering developer communities, month 18 9. Live demonstration of the FI-WARE test-bed with deployed GE software, Next review meeting 10. Presentation by senior business personnel from the main commercial partners of the consortium (at a minimum: TID, SAP, TI, Orange/FT) on corporate plans to bring the FI-WARE key results to the market, Next review meeting R[3]22. For the next period overall project resource allocation should be reviewed to identify the specific weaknesses leading to the failings identified in this review project; resources should be re-planned and re-allocated to rectify the failings where necessary. d. Assessment Unsatisfactory progress (The project has failed to achieve key objectives and/or is not at all on schedule) ============================== Some other considerations: After one year in the project, one may want to evaluate what has been achieved, esp taking into account that 12 MEuro has been spent. A specific feature of the first reporting period, and a direct result of the delays, is that efforts have been spent on tasks that did not result in submitted deliverables. The economy, effectiveness and efficiency of these efforts can therefore not be evaluated. More importantly, after one year in the project, one may want to evaluate what can be realistically achieved at the end of the project: - The status and maturity of single GEs differ a lot. More consistency and maturity in the specification of GEs needs to be achieved. The litmus test is that these specifications need to be sufficiently mature and complete so that independent software developers can use them to develop implementations that are interchangeable. Prospect: good. - It is not clear to what extent the GE Open Specifications satisfy the requirements from use cases, FI-WARE organisations, or otherwise. There is a risk that at the end of the project the GE Open Specifications do not satisfy the requirements of the use cases. - The baseline assets of each individual GE are not clear. Partly because of this, the roadmap is not clear. At the end of the project, there will be reference implementations, no doubt, but it is not clear to what extent the GE Open Specifications follow the existing baseline assets or v.v. There is a risk that the reference implementations do not satisfy the requirements of the use cases. - The IPR protection of the reference implementations is unclear. At the end of the project, the use cases need clarity on this. It is essential that this information becomes available as soon as possible. - Likewise, the exploitation plans of the owners of the reference implementations are unclear. At the end of the project, the use cases need clarity on this. It is essential that this information becomes available as soon as possible. - The division of budgets in FI-WARE is (largely) based on the existence of baseline assets. The more baseline assets a partner brought into the project, the larger its budget in FI-WARE. The advantage is that the work does not start from scratch. It is likely that these baseline assets are typically proprietary solutions. It can be expected that partners will give priority to their baseline assets, further developing these assets, and give less priority to fulfilling use case requirements. Although access to these assets by use case projects after the end of the FI-WARE project is addressed by clause 41, the exact conditions for access, the availability of the assets, and their maturity are unknown. This leaves use cases, possible FI-WARE Instance providers, and third party application developers in an uncertain situation, and clarity is necessary. - There is a high risk that current developments on GE reference implementations do not fulfil the requirements of the use cases. This could be accepted to some extent if these reference implementations would be based on clear requirements from the business departments of the technology providers, and if there were clear exploitation plans for these reference implementations. In such situation, usefulness to use cases would be offset by wide availability and accessibility. However, at the moment there is a high risk that at the end of the FI-WARE project the reference implementations will not fulfil the requirements from the use cases AND will not be accessible. The month 18 review and the Call 2 evaluation will provide an opportunity to analyse the situation with respect to a) the FI-WARE GEs and their reference implementations, b) the priorities of the phase 2 use cases, and c) the commitments of the FI-WARE beneficiaries. Regarding the FI-WARE GEs and their reference implementations, information is needed a.o. concerning: - The final list of GEs for which Open Specifications will be written - The extent to which these GEs fulfil requirements (from all sources), providing justification and accountability - For each GE: the reference implementation(s) of the GE - For each GE reference implementation: the baseline asset(s) upon which the reference implementation will be based, the current status, the owner, the relation to other GE (reference implementations) Regarding the phase 2 use cases: - The list of GEs the phase 2 use cases plan to use, and their priority - The list of GE reference implementations the phase 2 use cases plan to use, and their priority Regarding the commitment of the FI-WARE beneficiaries: - For each GE reference implementation: the conditions under which it will be available for FI-PPP programme participants and third parties beyond the lifetime of FI-WARE With respect to the last point, stated intentions in confidential exploitation plans are not sufficient. True commitment and therefore true assurance of the use cases and third parties of the sustainability of their efforts building on FI-WARE can be shown via e.g. a public statement by the GE reference implementation IPR holders. Such a public statement could follow lines as sketched below: - "Our developments in FI-WARE/FI-PPP will be made available as open-source, and/or - Our developments in FI-WARE will be proprietary, conforming to the GE Open Specifications, and we guarantee that they will be available on the market as of [date] under FRAND conditions and will be available for at least [y] years. The exact conditions will be specified within [x] months. In case our companies determine the product will no longer be commercially offered, the source code will be made available as open source and donated to [xyz], and/or - Company X is developing an implementation of a certain GE. Within FI-WARE, an open source reference implementation of the same GE is being developed. Company X builds a proprietary implementation, outside the FI-WARE project, using own funds, and/or - Our companies encourage the development of multiple implementations of a certain GE, will develop a reference implementation for each of the specified GEs within the context of the FI-WARE project, using public money, and will develop additional proprietary implementations [for GEs g,h,k] using own funds - We commit to safeguard the evolution and nature of the GEs for at least [x] years after the FI-PPP programme. - Etc" ________________________________ Este mensaje se dirige exclusivamente a su destinatario. Puede consultar nuestra pol?tica de env?o y recepci?n de correo electr?nico en el enlace situado m?s abajo. This message is intended exclusively for its addressee. We only send and receive email on the basis of the terms set out at. http://www.tid.es/ES/PAGINAS/disclaimer.aspx -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- An embedded and charset-unspecified text was scrubbed... Name: ATT00001.txt URL: From pascal.bisson at thalesgroup.com Mon Jul 30 14:41:18 2012 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Mon, 30 Jul 2012 14:41:18 +0200 Subject: [Fiware-security] TID - Review of status of dleiverables (update and final plan) Message-ID: <9377_1343652084_501680F4_9377_3905_1_0f473ccd-ca46-4e28-89a9-92ed952ae4bb@THSONEA01HUB05P.one.grp> Dear Colleagues, This just to report to you what has been announced by TID at WPL/WPA audio conf of today. In view of what is detailed below please finalized your actions and be prepared to address additional feedback that TID promised to send us today and to have them addressed according to the set deadline. Thanks in advance for your cooperation and support. BR Pascal ================================================================================ Review of status of deliverables due by end of June as per our internal planning (announced to the EC) * Review of the Unit Testing Plan sent on 24/July * Review of the Instal & Admin manual sent on 25/July * Review of the User and Programmer's guide sent on 25/July * Now checking that changes have been implemented. * Cloud, IoT, I2ND & Data have received feedback already * Deadline to address it: 30/July EOB (today) * Security and Apps will receive feedback today * Deadline to address it: 31/July EOB (tomorrow) * Review of Features sent last week. And a second review of changes afterwards. * Reaction expected by 31/July EOB (tomorrow) * Wait to generate pdfs until told to do so (or do it at your own risk!) * Today we will verify status of SCM also * FINAL DECISIONS ON ACCEPTANCE TO BE TAKEN ON WEDNESDAY -------------- next part -------------- An HTML attachment was scrubbed... URL: From antonio.garcia at atosresearch.eu Tue Jul 31 09:52:29 2012 From: antonio.garcia at atosresearch.eu (Antonio Garcia Vazquez) Date: Tue, 31 Jul 2012 09:52:29 +0200 Subject: [Fiware-security] TID - Review of status of dleiverables (update and final plan) In-Reply-To: <9377_1343652084_501680F4_9377_3905_1_0f473ccd-ca46-4e28-89a9-92ed952ae4bb@THSONEA01HUB05P.one.grp> References: <9377_1343652084_501680F4_9377_3905_1_0f473ccd-ca46-4e28-89a9-92ed952ae4bb@THSONEA01HUB05P.one.grp> Message-ID: <8E18929A6C79354FB4BD9BD4636DCB06CF0681@INTMAIL03.es.int.atosorigin.com> Pascal, Has you received any additional comments?; We haven't As no comment has been sent yesterday ... It that means that all deliverables are OK? Best Regards ************************************ * Antonio Garc?a-V?zquez * * (+34) 91 214 9384 * * antonio.garcia at atosresearch.eu * ************************************ From: BISSON Pascal [mailto:pascal.bisson at thalesgroup.com] Sent: lunes, 30 de julio de 2012 14:41 To: robert.seidl at nsn.com; Meyer, Gerald (NSN - DE/Munich); TRABELSI, Slim; DI CERBO, Francesco; GIDOIN Daniel; GASPARD Lucie; Antonio Garcia Vazquez; Rodrigo Diaz Rodriguez; Wolfgang.Steigerwald at telekom.de; GASPARD Lucie; MUSARAJ Kreshnik Cc: BISSON Pascal; fiware-security at lists.fi-ware.eu Subject: TID - Review of status of dleiverables (update and final plan) Dear Colleagues, This just to report to you what has been announced by TID at WPL/WPA audio conf of today. In view of what is detailed below please finalized your actions and be prepared to address additional feedback that TID promised to send us today and to have them addressed according to the set deadline. Thanks in advance for your cooperation and support. BR Pascal ================================================================================ Review of status of deliverables due by end of June as per our internal planning (announced to the EC) * Review of the Unit Testing Plan sent on 24/July * Review of the Instal & Admin manual sent on 25/July * Review of the User and Programmer's guide sent on 25/July * Now checking that changes have been implemented. * Cloud, IoT, I2ND & Data have received feedback already * Deadline to address it: 30/July EOB (today) * Security and Apps will receive feedback today * Deadline to address it: 31/July EOB (tomorrow) * Review of Features sent last week. And a second review of changes afterwards. * Reaction expected by 31/July EOB (tomorrow) * Wait to generate pdfs until told to do so (or do it at your own risk!) * Today we will verify status of SCM also * FINAL DECISIONS ON ACCEPTANCE TO BE TAKEN ON WEDNESDAY ------------------------------------------------------------------ This e-mail and the documents attached are confidential and intended solely for the addressee; it may also be privileged. If you receive this e-mail in error, please notify the sender immediately and destroy it. As its integrity cannot be secured on the Internet, the Atos group liability cannot be triggered for the message content. Although the sender endeavours to maintain a computer virus-free network, the sender does not warrant that this transmission is virus-free and will not be liable for any damages resulting from any virus transmitted. Este mensaje y los ficheros adjuntos pueden contener informacion confidencial destinada solamente a la(s) persona(s) mencionadas anteriormente pueden estar protegidos por secreto profesional. Si usted recibe este correo electronico por error, gracias por informar inmediatamente al remitente y destruir el mensaje. Al no estar asegurada la integridad de este mensaje sobre la red, Atos no se hace responsable por su contenido. Su contenido no constituye ningun compromiso para el grupo Atos, salvo ratificacion escrita por ambas partes. Aunque se esfuerza al maximo por mantener su red libre de virus, el emisor no puede garantizar nada al respecto y no sera responsable de cualesquiera danos que puedan resultar de una transmision de virus. ------------------------------------------------------------------ -------------- next part -------------- An HTML attachment was scrubbed... URL: From pascal.bisson at thalesgroup.com Tue Jul 31 18:24:07 2012 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Tue, 31 Jul 2012 18:24:07 +0200 Subject: [Fiware-security] D8.5.1 - Final PDF release Message-ID: <6089_1343751877_501806C5_6089_18478_1_d2db5a6d-d1b9-46da-82ee-167358b5cdc0@THSONEA01HUB04P.one.grp> Dear Miguel, Find attached to this email the PDF version of D8.5.a Unit Test Plan and Reporting. It has been generated from the Wiki where all your comments have been addressed by the Security Chapter Team. Best Regards, Pascal -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: D8.5.1 final.pdf Type: application/pdf Size: 3750573 bytes Desc: D8.5.1 final.pdf URL: From pascal.bisson at thalesgroup.com Tue Jul 31 18:45:10 2012 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Tue, 31 Jul 2012 18:45:10 +0200 Subject: [Fiware-security] FI-WARE Security: D8.4.1 - Final PDF release Message-ID: <30275_1343753137_50180BB0_30275_7041_1_205b9026-afb9-4806-8f6a-65c8989c4b07@THSONEA01HUB06P.one.grp> Dear Miguel, Find attached to this email the PDF version of D8.4.a User & Programmers .guide It has been generated from the Wiki where your comments have also been addressed by the Security Chapter Team. Best Regards, Pascal -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: D8.4.1 final.pdf Type: application/pdf Size: 4150261 bytes Desc: D8.4.1 final.pdf URL: