From daniel.gidoin at thalesgroup.com Thu Mar 1 09:38:39 2012 From: daniel.gidoin at thalesgroup.com (GIDOIN Daniel) Date: Thu, 1 Mar 2012 09:38:39 +0100 Subject: [Fiware-security] FIWARE: Security Architecture Description Chapter - VERY URGENT Message-ID: <4338_1330591118_4F4F358E_4338_15243_1_1ac626a3-3c05-4236-9052-741f06983c0f@THSONEA01HUB06P.one.grp> Dear GE owners, asset owners, dear All, Following the comments of Pascal and Juanjo, a lot of changes have been made (thank to every boby) but it is still work to comply with these expectations. Thank you to proceed as quickly to these changes. Dealine: Friday, March 2 at noon. There will be no audio conference Friday morning. I prefer this time be utilized so that we keep our deadlines. The final document is delivered to the commission Monday In particular (Highlight in yellow): 1. Major comments 1.1 Monitoring GE The Architecture Description is relatively well aligned with the guidelines provided for the Architecture Description deliverable except for the "Design Principles" section (contents placed in that section seems to be there because there was no other good places to place them). In a first approach, it seems a little bit strange that the structure of the section regarding "Main concepts" equals the one for "Main Interactions". I would expect that the "Main interactions" section would be structured into sections linked to the different processes that take place during Security Monitoring, but maybe their description can be structured in terms of components involved. On the other hand, it seems like description of some main interactions (Service Level SIEM) could be further elaborated including some sequence diagrams. There is also no reference to specific interface names and specific operations but I guess this GE will be mostly used by administrators/operators of a FI-WARE Instance who will make use of the User Interface of related admin tools instead of applications which make use of APIs. Some figures may need to be converted to follow FMC notation. 1.2 Context-based security & compliance It seems like the Architecture Description of this GE follows the guidelines provided but there is a mismatch in the table of contents ... The section titled "Main Interactions" looks like it should be titled "Context-based security & compliance architecture" while the sections under "sequence diagrams" within the "Basic Design Principles" section would actually fit better as contents of the "Main Interactions" section. Contents of the remaining of section "Design Principles" look more like the detailed description of data exchanged in some of the interactions described in the sequence diagrams ... however, the relationship is not so explicit because the text in the descriptions of sequence diagrams does not always include a reference to the request/response being issued. I see to alternatives to deal with this editorially: * Add the names of the specific operation request / responses within the sequence diagram descriptions and then endup the "Main Interactions" sections with a subsection titled "Basic Data Structures", elaborating on the detailed description of arguments linked to operation request/responses being referred in the interactions. * Add the names of the specific operation request / responses within the sequence diagram descriptions and enrich then with text describing the data structures linked to those operation request/responses (e.g., " invokes the request passing the , and as arguments") Probably the first option is easier to implement and I would recommend it. The figure on the Architecture should be converted to follow FMC notation. 1.3 Identity Management GE While this is one of the core GEs in the Security Chapter, the description is rather poor (My opinion: Overview must be enriched - Daniel) The "Basic Concepts" section doesn't say anything relevant and the "Main Interactions" section is merely a sequence of pictures with no explanation (btw, figures do not follow FMC conventions) . I don't understand what "Design Principles" we are trying to describe with contents on that section. Improvement of the Architecture Description for this GE requires urgent and immediate attention. 1.5. Data Handling GE I would review writing of the example scenario. Some comments (part of them editorial, but I have decided to compile all them together here): * First bullet, I guess that explaining that the Clique social network has been developed within the PrimeLife project doesn't add any value. * Also first bullet, we introduce the role of "Data Controller" ... I guess it would be nice to introduce the concept of "Data Controller" someway in the paragraph of the Description section (section previous to the example). Would it match the backend part of the "Data Handling GE" ? * Third bullet: * you refer to the "PrimeLife Privacy Tuner" ... is that a tool linked to the Data Handling GE ? If so, I would use the term "Data Handling Privacy Tuner" instead. Would "PPL Privacy Tuner" work, given the fact that use the term "PPP Privacy Engine" in the fourth bullet ? * you say: "This tuner is a graphical tool used to edit Privacy preferences in PPL language defined in the deliverable" ... is the usage of the term "deliverable" appropiate here or is it the result of copying&pasting from some document in the PrimeLife project ? * my understanding is that one of the things Alice would be able to configure using the Privacy Tuner would be what domain would be allowed to access data ... (or what rules will determine whether a domain would be allowed to access data). If this is correct, I would mention it to establish a better link with what is being said in the fourth bullet. This would make the example easier to follow. * Fourth bullet: * where is the PPL Privacy Engine running ? My understanding is that it runs on Alice's machine but if so, please say it explicitly. * simply editorial: should be "Alice's machine" instead of "Alice machine". * you say: "the engine will enforce the access control rules related to the requested data". If I understand it right, these access control rules would refer to rules setup by Alice using the Privacy Tuner ... If this is correct, I would mention it. Something like: " the engine will enforce the access control rules related to the requested data that were programmed by Alice using the PPL Privacy Tuner" * you say: " If the domain is allowed to access this data the engine match the privacy policy of the website with the preferences of Alice" ... where are the preferences of Alice configured ? My understanding is that it is also through the Privacy Tuner. If this is correct, I would mention it. Something like: "If the domain is allowed to access this data the engine match the privacy policy of the website with the preferences of Alice, also configured through the PPL Privacy Tuner" * Fifth bullet ... It is said: "Alice has the possibility to decide if she accepts or refuses to send her data". If my understanding is correct, it should not only be that. She should also be able to validate the privacy policy of the website (i.e., which data would be sent and what will it be exclusively used for). If so, I would mention it explicitly. * Sixth bullet ... I believe it would be nice to explain where both the sticky policy and Alice's data will be stored. You refer to "the server" but ... what is that server ? Will it be in the server where the backend of the Data Handling GE is running ? If so, mention it explictly. It would be worth mentioning, btw, maybe not in this bullet but somewhere, where can such Data Handling GE backend be running. Does it necessarely have to be collocated in the backend of the Clique portal ? Could be somewhere else, providing its functionality "as a Service" ? If it may go somewhere else, provided "as a Service", then I would explain this is a possibility. * Eight bullet ... (just editorial) You say: " The policy engine of clique.primelife.eu will match the privacy policy of travel.example.com with the sticky policy related to the e-mail of Alice (step 8), and will check if the sticky policy allows to forward for the purpose of statistics for example" ... I guess it would be better to say "... (step 8), checking if the sticky policy allows to forward Alice's e-mail address for the purpose of statistics, for example." * About what we describe in the last bullet ... how it is prevented that the travel agency doesn't make a wrong usage of Alice's data ? Could it be someway ? If so, it would be worth explaining ... There is no section on "Basic Concepts". Probably it would make sense to translate some of the content in the Appendix here (if you decide to move everything, just the reference would be kept at the end). I would also suggest to elaborate on the following concepts: * PPL and PPI * PPL Privacy Tuner tool Figure on Architecture should be adapted to follow FMC notation. On the other hand, it would be nice to illustrate there: * What is the role of the Privacy Tuner ? Please try to illustrate it * Is the left big grey box a description of the architecture linked to the "PPL Privacy Engine" ? If so, name it accordingly. Otherwise ... what components would be linked to the PPL Privacy Engine ? Main interactions after the Architecture figure: * You describe interactions in terms of operations described in some sort of description of a RESTful binding. This doesn't follow the reference example provided as guidelines. As a result, it is too austere and doesn't elaborate on who invokes an operation, for example. Sequence diagrams would be useful. * The suggested structure for the "Main Interactions" section is fine though: * Data subject side: * Managing PII * Managing Preference Groups * Data controller side: * Uploading resource data and policy * Uploading PII * PII downstream usage request for a single PII 1.6 Optional Security Enablers: I understand the Architecture Description of these enablers, and particularly adaption to published guidelines, is under way. Therefore, I will wait until they are more elaborated. My opinion (Daniel): DB anonymiser: Basic Concepts missing & Basic design principles to be developed CSS- Secure Storage Service: to be developed Morphus antivirus: Basic design principle to be developped 2. Minor comments (some editorial): 2.1 Monitoring GE 2.1.1 Service Level SIEM: * I would recommend explaining what SIEM stands for 2.2 Data Handling GE * I may be wrong but it seems to me like there is something missing or wrong (from an editorial point of view) in the following sentence: "It supports integrated data handling, in particular through two-sided detailed data handling, that takes into account specific preferences/policies expressed using the PPL language, based on XACML". * It would be nice to describe what PPL stands for, the first time this acronym is used. Same for PII. De : BISSON Pascal Envoy? : mardi 21 f?vrier 2012 11:07 ? : fiware-security at lists.fi-ware.eu Cc : BISSON Pascal; GIDOIN Daniel; LELEU Philippe Objet : TR: Comments on Security Architecture Description Chapter Importance : Haute Dear Colleagues, I'm just forwarding you this email I got from our Juanjo who as FI-WARE CA reviewed our Security Chapter contribution to D2.3a Architecture Specifications. I'd like here each of the task leads and GE owners to process those comments promptly not to delay any more release of D2.3 from the perspective of our Security Chapter. Comments have been enough detailed by Juanjo to be addressed by each GE owners as follow. 1.1 Monitoring GE (Thales - Daniel/Philippe/Pascal) 1.2 Context-based security & compliance GE (Atos - Antonio) 1.3 Identity Management GE (NSN - Robert) 1.4 Privacy Management GE (IBM - Anja/Michael) 1.5 Data Handling GE (SAP - Slim/Francesco) 1.6 Optional Security Enablers/Services (SAP - Slim/Francesco) Counting now on each Task leads & GE owners to process those comments asap. Best Regards, Pascal -------------- next part -------------- An HTML attachment was scrubbed... URL: From antonio.garcia at atosresearch.eu Thu Mar 1 12:02:30 2012 From: antonio.garcia at atosresearch.eu (Antonio Garcia Vazquez) Date: Thu, 1 Mar 2012 12:02:30 +0100 Subject: [Fiware-security] FIWARE: Security Architecture Description Chapter - VERY URGENT Message-ID: <8E18929A6C79354FB4BD9BD4636DCB0665DEA8@INTMAIL03.es.int.atosorigin.com> Daniel, We from Atos made a lot of modifications last week in order to align our work with these comments. I believe that most of the things you've Highlight are already done (in particular FMC notation) Do you think there are still some points to address? Best Regards. ************************************ * Antonio Garc?a-V?zquez * * (+34) 91 214 9384 * * antonio.garcia at atosresearch.eu * ************************************ From: fiware-security-bounces at lists.fi-ware.eu [mailto:fiware-security-bounces at lists.fi-ware.eu] On Behalf Of GIDOIN Daniel Sent: jueves, 01 de marzo de 2012 9:39 To: anj at zurich.ibm.com; osb at zurich.ibm.com; robert.seidl at nsn.com; Antonio Garcia Vazquez; francesco.di.cerbo at sap.com; TRABELSI, Slim; LELEU Philippe; Fiware-security at lists.fi-ware.eu Subject: [Fiware-security] FIWARE: Security Architecture Description Chapter - VERY URGENT Dear GE owners, asset owners, dear All, Following the comments of Pascal and Juanjo, a lot of changes have been made (thank to every boby) but it is still work to comply with these expectations. Thank you to proceed as quickly to these changes. Dealine: Friday, March 2 at noon. There will be no audio conference Friday morning. I prefer this time be utilized so that we keep our deadlines. The final document is delivered to the commission Monday In particular (Highlight in yellow): 1. Major comments 1.1 Monitoring GE The Architecture Description is relatively well aligned with the guidelines provided for the Architecture Description deliverable except for the "Design Principles" section (contents placed in that section seems to be there because there was no other good places to place them). In a first approach, it seems a little bit strange that the structure of the section regarding "Main concepts" equals the one for "Main Interactions". I would expect that the "Main interactions" section would be structured into sections linked to the different processes that take place during Security Monitoring, but maybe their description can be structured in terms of components involved. On the other hand, it seems like description of some main interactions (Service Level SIEM) could be further elaborated including some sequence diagrams. There is also no reference to specific interface names and specific operations but I guess this GE will be mostly used by administrators/operators of a FI-WARE Instance who will make use of the User Interface of related admin tools instead of applications which make use of APIs. Some figures may need to be converted to follow FMC notation. 1.2 Context-based security & compliance It seems like the Architecture Description of this GE follows the guidelines provided but there is a mismatch in the table of contents ... The section titled "Main Interactions" looks like it should be titled "Context-based security & compliance architecture" while the sections under "sequence diagrams" within the "Basic Design Principles" section would actually fit better as contents of the "Main Interactions" section. Contents of the remaining of section "Design Principles" look more like the detailed description of data exchanged in some of the interactions described in the sequence diagrams ... however, the relationship is not so explicit because the text in the descriptions of sequence diagrams does not always include a reference to the request/response being issued. I see to alternatives to deal with this editorially: * Add the names of the specific operation request / responses within the sequence diagram descriptions and then endup the "Main Interactions" sections with a subsection titled "Basic Data Structures", elaborating on the detailed description of arguments linked to operation request/responses being referred in the interactions. * Add the names of the specific operation request / responses within the sequence diagram descriptions and enrich then with text describing the data structures linked to those operation request/responses (e.g., " invokes the request passing the , and as arguments") Probably the first option is easier to implement and I would recommend it. The figure on the Architecture should be converted to follow FMC notation. 1.3 Identity Management GE While this is one of the core GEs in the Security Chapter, the description is rather poor (My opinion: Overview must be enriched - Daniel) The "Basic Concepts" section doesn't say anything relevant and the "Main Interactions" section is merely a sequence of pictures with no explanation (btw, figures do not follow FMC conventions) . I don't understand what "Design Principles" we are trying to describe with contents on that section. Improvement of the Architecture Description for this GE requires urgent and immediate attention. 1.5. Data Handling GE I would review writing of the example scenario. Some comments (part of them editorial, but I have decided to compile all them together here): * First bullet, I guess that explaining that the Clique social network has been developed within the PrimeLife project doesn't add any value. * Also first bullet, we introduce the role of "Data Controller" ... I guess it would be nice to introduce the concept of "Data Controller" someway in the paragraph of the Description section (section previous to the example). Would it match the backend part of the "Data Handling GE" ? * Third bullet: * you refer to the "PrimeLife Privacy Tuner" ... is that a tool linked to the Data Handling GE ? If so, I would use the term "Data Handling Privacy Tuner" instead. Would "PPL Privacy Tuner" work, given the fact that use the term "PPP Privacy Engine" in the fourth bullet ? * you say: "This tuner is a graphical tool used to edit Privacy preferences in PPL language defined in the deliverable" ... is the usage of the term "deliverable" appropiate here or is it the result of copying&pasting from some document in the PrimeLife project ? * my understanding is that one of the things Alice would be able to configure using the Privacy Tuner would be what domain would be allowed to access data ... (or what rules will determine whether a domain would be allowed to access data). If this is correct, I would mention it to establish a better link with what is being said in the fourth bullet. This would make the example easier to follow. * Fourth bullet: * where is the PPL Privacy Engine running ? My understanding is that it runs on Alice's machine but if so, please say it explicitly. * simply editorial: should be "Alice's machine" instead of "Alice machine". * you say: "the engine will enforce the access control rules related to the requested data". If I understand it right, these access control rules would refer to rules setup by Alice using the Privacy Tuner ... If this is correct, I would mention it. Something like: " the engine will enforce the access control rules related to the requested data that were programmed by Alice using the PPL Privacy Tuner" * you say: " If the domain is allowed to access this data the engine match the privacy policy of the website with the preferences of Alice" ... where are the preferences of Alice configured ? My understanding is that it is also through the Privacy Tuner. If this is correct, I would mention it. Something like: "If the domain is allowed to access this data the engine match the privacy policy of the website with the preferences of Alice, also configured through the PPL Privacy Tuner" * Fifth bullet ... It is said: "Alice has the possibility to decide if she accepts or refuses to send her data". If my understanding is correct, it should not only be that. She should also be able to validate the privacy policy of the website (i.e., which data would be sent and what will it be exclusively used for). If so, I would mention it explicitly. * Sixth bullet ... I believe it would be nice to explain where both the sticky policy and Alice's data will be stored. You refer to "the server" but ... what is that server ? Will it be in the server where the backend of the Data Handling GE is running ? If so, mention it explictly. It would be worth mentioning, btw, maybe not in this bullet but somewhere, where can such Data Handling GE backend be running. Does it necessarely have to be collocated in the backend of the Clique portal ? Could be somewhere else, providing its functionality "as a Service" ? If it may go somewhere else, provided "as a Service", then I would explain this is a possibility. * Eight bullet ... (just editorial) You say: " The policy engine of clique.primelife.eu will match the privacy policy of travel.example.com with the sticky policy related to the e-mail of Alice (step 8), and will check if the sticky policy allows to forward for the purpose of statistics for example" ... I guess it would be better to say "... (step 8), checking if the sticky policy allows to forward Alice's e-mail address for the purpose of statistics, for example." * About what we describe in the last bullet ... how it is prevented that the travel agency doesn't make a wrong usage of Alice's data ? Could it be someway ? If so, it would be worth explaining ... There is no section on "Basic Concepts". Probably it would make sense to translate some of the content in the Appendix here (if you decide to move everything, just the reference would be kept at the end). I would also suggest to elaborate on the following concepts: * PPL and PPI * PPL Privacy Tuner tool Figure on Architecture should be adapted to follow FMC notation. On the other hand, it would be nice to illustrate there: * What is the role of the Privacy Tuner ? Please try to illustrate it * Is the left big grey box a description of the architecture linked to the "PPL Privacy Engine" ? If so, name it accordingly. Otherwise ... what components would be linked to the PPL Privacy Engine ? Main interactions after the Architecture figure: * You describe interactions in terms of operations described in some sort of description of a RESTful binding. This doesn't follow the reference example provided as guidelines. As a result, it is too austere and doesn't elaborate on who invokes an operation, for example. Sequence diagrams would be useful. * The suggested structure for the "Main Interactions" section is fine though: * Data subject side: * Managing PII * Managing Preference Groups * Data controller side: * Uploading resource data and policy * Uploading PII * PII downstream usage request for a single PII 1.6 Optional Security Enablers: I understand the Architecture Description of these enablers, and particularly adaption to published guidelines, is under way. Therefore, I will wait until they are more elaborated. My opinion (Daniel): DB anonymiser: Basic Concepts missing & Basic design principles to be developed CSS- Secure Storage Service: to be developed Morphus antivirus: Basic design principle to be developped 2. Minor comments (some editorial): 2.1 Monitoring GE 2.1.1 Service Level SIEM: * I would recommend explaining what SIEM stands for 2.2 Data Handling GE * I may be wrong but it seems to me like there is something missing or wrong (from an editorial point of view) in the following sentence: "It supports integrated data handling, in particular through two-sided detailed data handling, that takes into account specific preferences/policies expressed using the PPL language, based on XACML". * It would be nice to describe what PPL stands for, the first time this acronym is used. Same for PII. De : BISSON Pascal Envoy? : mardi 21 f?vrier 2012 11:07 ? : fiware-security at lists.fi-ware.eu Cc : BISSON Pascal; GIDOIN Daniel; LELEU Philippe Objet : TR: Comments on Security Architecture Description Chapter Importance : Haute Dear Colleagues, I'm just forwarding you this email I got from our Juanjo who as FI-WARE CA reviewed our Security Chapter contribution to D2.3a Architecture Specifications. I'd like here each of the task leads and GE owners to process those comments promptly not to delay any more release of D2.3 from the perspective of our Security Chapter. Comments have been enough detailed by Juanjo to be addressed by each GE owners as follow. 1.1 Monitoring GE (Thales - Daniel/Philippe/Pascal) 1.2 Context-based security & compliance GE (Atos - Antonio) 1.3 Identity Management GE (NSN - Robert) 1.4 Privacy Management GE (IBM - Anja/Michael) 1.5 Data Handling GE (SAP - Slim/Francesco) 1.6 Optional Security Enablers/Services (SAP - Slim/Francesco) Counting now on each Task leads & GE owners to process those comments asap. Best Regards, Pascal ------------------------------------------------------------------ This e-mail and the documents attached are confidential and intended solely for the addressee; it may also be privileged. If you receive this e-mail in error, please notify the sender immediately and destroy it. As its integrity cannot be secured on the Internet, the Atos group liability cannot be triggered for the message content. Although the sender endeavours to maintain a computer virus-free network, the sender does not warrant that this transmission is virus-free and will not be liable for any damages resulting from any virus transmitted. Este mensaje y los ficheros adjuntos pueden contener informacion confidencial destinada solamente a la(s) persona(s) mencionadas anteriormente pueden estar protegidos por secreto profesional. Si usted recibe este correo electronico por error, gracias por informar inmediatamente al remitente y destruir el mensaje. Al no estar asegurada la integridad de este mensaje sobre la red, Atos no se hace responsable por su contenido. Su contenido no constituye ningun compromiso para el grupo Atos, salvo ratificacion escrita por ambas partes. Aunque se esfuerza al maximo por mantener su red libre de virus, el emisor no puede garantizar nada al respecto y no sera responsable de cualesquiera danos que puedan resultar de una transmision de virus. ------------------------------------------------------------------ -------------- next part -------------- An HTML attachment was scrubbed... URL: From francesco.di.cerbo at sap.com Thu Mar 1 13:56:16 2012 From: francesco.di.cerbo at sap.com (DI CERBO, Francesco) Date: Thu, 1 Mar 2012 13:56:16 +0100 Subject: [Fiware-security] FIWARE: Security Architecture Description Chapter - VERY URGENT In-Reply-To: <8E18929A6C79354FB4BD9BD4636DCB0665DEA8@INTMAIL03.es.int.atosorigin.com> References: <8E18929A6C79354FB4BD9BD4636DCB0665DEA8@INTMAIL03.es.int.atosorigin.com> Message-ID: <71C0C7C7A712EE4CA636EDFD663B4E2703999A69AE@DEWDFECCR09.wdf.sap.corp> Hello Daniel, Also with respect to the Data Handling GE, all comments should be already covered by our latest modifications. Best regards, Francesco From: fiware-security-bounces at lists.fi-ware.eu [mailto:fiware-security-bounces at lists.fi-ware.eu] On Behalf Of Antonio Garcia Vazquez Sent: jeudi 1 mars 2012 12:02 To: GIDOIN Daniel Cc: Fiware-security at lists.fi-ware.eu Subject: Re: [Fiware-security] FIWARE: Security Architecture Description Chapter - VERY URGENT Daniel, We from Atos made a lot of modifications last week in order to align our work with these comments. I believe that most of the things you've Highlight are already done (in particular FMC notation) Do you think there are still some points to address? Best Regards. ************************************ * Antonio Garc?a-V?zquez * * (+34) 91 214 9384 * * antonio.garcia at atosresearch.eu * ************************************ From: fiware-security-bounces at lists.fi-ware.eu [mailto:fiware-security-bounces at lists.fi-ware.eu] On Behalf Of GIDOIN Daniel Sent: jueves, 01 de marzo de 2012 9:39 To: anj at zurich.ibm.com; osb at zurich.ibm.com; robert.seidl at nsn.com; Antonio Garcia Vazquez; francesco.di.cerbo at sap.com; TRABELSI, Slim; LELEU Philippe; Fiware-security at lists.fi-ware.eu Subject: [Fiware-security] FIWARE: Security Architecture Description Chapter - VERY URGENT Dear GE owners, asset owners, dear All, Following the comments of Pascal and Juanjo, a lot of changes have been made (thank to every boby) but it is still work to comply with these expectations. Thank you to proceed as quickly to these changes. Dealine: Friday, March 2 at noon. There will be no audio conference Friday morning. I prefer this time be utilized so that we keep our deadlines. The final document is delivered to the commission Monday In particular (Highlight in yellow): 1. Major comments 1.1 Monitoring GE The Architecture Description is relatively well aligned with the guidelines provided for the Architecture Description deliverable except for the "Design Principles" section (contents placed in that section seems to be there because there was no other good places to place them). In a first approach, it seems a little bit strange that the structure of the section regarding "Main concepts" equals the one for "Main Interactions". I would expect that the "Main interactions" section would be structured into sections linked to the different processes that take place during Security Monitoring, but maybe their description can be structured in terms of components involved. On the other hand, it seems like description of some main interactions (Service Level SIEM) could be further elaborated including some sequence diagrams. There is also no reference to specific interface names and specific operations but I guess this GE will be mostly used by administrators/operators of a FI-WARE Instance who will make use of the User Interface of related admin tools instead of applications which make use of APIs. Some figures may need to be converted to follow FMC notation. 1.2 Context-based security & compliance It seems like the Architecture Description of this GE follows the guidelines provided but there is a mismatch in the table of contents ... The section titled "Main Interactions" looks like it should be titled "Context-based security & compliance architecture" while the sections under "sequence diagrams" within the "Basic Design Principles" section would actually fit better as contents of the "Main Interactions" section. Contents of the remaining of section "Design Principles" look more like the detailed description of data exchanged in some of the interactions described in the sequence diagrams ... however, the relationship is not so explicit because the text in the descriptions of sequence diagrams does not always include a reference to the request/response being issued. I see to alternatives to deal with this editorially: * Add the names of the specific operation request / responses within the sequence diagram descriptions and then endup the "Main Interactions" sections with a subsection titled "Basic Data Structures", elaborating on the detailed description of arguments linked to operation request/responses being referred in the interactions. * Add the names of the specific operation request / responses within the sequence diagram descriptions and enrich then with text describing the data structures linked to those operation request/responses (e.g., " invokes the request passing the , and as arguments") Probably the first option is easier to implement and I would recommend it. The figure on the Architecture should be converted to follow FMC notation. 1.3 Identity Management GE While this is one of the core GEs in the Security Chapter, the description is rather poor (My opinion: Overview must be enriched - Daniel) The "Basic Concepts" section doesn't say anything relevant and the "Main Interactions" section is merely a sequence of pictures with no explanation (btw, figures do not follow FMC conventions) . I don't understand what "Design Principles" we are trying to describe with contents on that section. Improvement of the Architecture Description for this GE requires urgent and immediate attention. 1.5. Data Handling GE I would review writing of the example scenario. Some comments (part of them editorial, but I have decided to compile all them together here): * First bullet, I guess that explaining that the Clique social network has been developed within the PrimeLife project doesn't add any value. * Also first bullet, we introduce the role of "Data Controller" ... I guess it would be nice to introduce the concept of "Data Controller" someway in the paragraph of the Description section (section previous to the example). Would it match the backend part of the "Data Handling GE" ? * Third bullet: * you refer to the "PrimeLife Privacy Tuner" ... is that a tool linked to the Data Handling GE ? If so, I would use the term "Data Handling Privacy Tuner" instead. Would "PPL Privacy Tuner" work, given the fact that use the term "PPP Privacy Engine" in the fourth bullet ? * you say: "This tuner is a graphical tool used to edit Privacy preferences in PPL language defined in the deliverable" ... is the usage of the term "deliverable" appropiate here or is it the result of copying&pasting from some document in the PrimeLife project ? * my understanding is that one of the things Alice would be able to configure using the Privacy Tuner would be what domain would be allowed to access data ... (or what rules will determine whether a domain would be allowed to access data). If this is correct, I would mention it to establish a better link with what is being said in the fourth bullet. This would make the example easier to follow. * Fourth bullet: * where is the PPL Privacy Engine running ? My understanding is that it runs on Alice's machine but if so, please say it explicitly. * simply editorial: should be "Alice's machine" instead of "Alice machine". * you say: "the engine will enforce the access control rules related to the requested data". If I understand it right, these access control rules would refer to rules setup by Alice using the Privacy Tuner ... If this is correct, I would mention it. Something like: " the engine will enforce the access control rules related to the requested data that were programmed by Alice using the PPL Privacy Tuner" * you say: " If the domain is allowed to access this data the engine match the privacy policy of the website with the preferences of Alice" ... where are the preferences of Alice configured ? My understanding is that it is also through the Privacy Tuner. If this is correct, I would mention it. Something like: "If the domain is allowed to access this data the engine match the privacy policy of the website with the preferences of Alice, also configured through the PPL Privacy Tuner" * Fifth bullet ... It is said: "Alice has the possibility to decide if she accepts or refuses to send her data". If my understanding is correct, it should not only be that. She should also be able to validate the privacy policy of the website (i.e., which data would be sent and what will it be exclusively used for). If so, I would mention it explicitly. * Sixth bullet ... I believe it would be nice to explain where both the sticky policy and Alice's data will be stored. You refer to "the server" but ... what is that server ? Will it be in the server where the backend of the Data Handling GE is running ? If so, mention it explictly. It would be worth mentioning, btw, maybe not in this bullet but somewhere, where can such Data Handling GE backend be running. Does it necessarely have to be collocated in the backend of the Clique portal ? Could be somewhere else, providing its functionality "as a Service" ? If it may go somewhere else, provided "as a Service", then I would explain this is a possibility. * Eight bullet ... (just editorial) You say: " The policy engine of clique.primelife.eu will match the privacy policy of travel.example.com with the sticky policy related to the e-mail of Alice (step 8), and will check if the sticky policy allows to forward for the purpose of statistics for example" ... I guess it would be better to say "... (step 8), checking if the sticky policy allows to forward Alice's e-mail address for the purpose of statistics, for example." * About what we describe in the last bullet ... how it is prevented that the travel agency doesn't make a wrong usage of Alice's data ? Could it be someway ? If so, it would be worth explaining ... There is no section on "Basic Concepts". Probably it would make sense to translate some of the content in the Appendix here (if you decide to move everything, just the reference would be kept at the end). I would also suggest to elaborate on the following concepts: * PPL and PPI * PPL Privacy Tuner tool Figure on Architecture should be adapted to follow FMC notation. On the other hand, it would be nice to illustrate there: * What is the role of the Privacy Tuner ? Please try to illustrate it * Is the left big grey box a description of the architecture linked to the "PPL Privacy Engine" ? If so, name it accordingly. Otherwise ... what components would be linked to the PPL Privacy Engine ? Main interactions after the Architecture figure: * You describe interactions in terms of operations described in some sort of description of a RESTful binding. This doesn't follow the reference example provided as guidelines. As a result, it is too austere and doesn't elaborate on who invokes an operation, for example. Sequence diagrams would be useful. * The suggested structure for the "Main Interactions" section is fine though: * Data subject side: * Managing PII * Managing Preference Groups * Data controller side: * Uploading resource data and policy * Uploading PII * PII downstream usage request for a single PII 1.6 Optional Security Enablers: I understand the Architecture Description of these enablers, and particularly adaption to published guidelines, is under way. Therefore, I will wait until they are more elaborated. My opinion (Daniel): DB anonymiser: Basic Concepts missing & Basic design principles to be developed CSS- Secure Storage Service: to be developed Morphus antivirus: Basic design principle to be developped 2. Minor comments (some editorial): 2.1 Monitoring GE 2.1.1 Service Level SIEM: * I would recommend explaining what SIEM stands for 2.2 Data Handling GE * I may be wrong but it seems to me like there is something missing or wrong (from an editorial point of view) in the following sentence: "It supports integrated data handling, in particular through two-sided detailed data handling, that takes into account specific preferences/policies expressed using the PPL language, based on XACML". * It would be nice to describe what PPL stands for, the first time this acronym is used. Same for PII. De : BISSON Pascal Envoy? : mardi 21 f?vrier 2012 11:07 ? : fiware-security at lists.fi-ware.eu Cc : BISSON Pascal; GIDOIN Daniel; LELEU Philippe Objet : TR: Comments on Security Architecture Description Chapter Importance : Haute Dear Colleagues, I'm just forwarding you this email I got from our Juanjo who as FI-WARE CA reviewed our Security Chapter contribution to D2.3a Architecture Specifications. I'd like here each of the task leads and GE owners to process those comments promptly not to delay any more release of D2.3 from the perspective of our Security Chapter. Comments have been enough detailed by Juanjo to be addressed by each GE owners as follow. 1.1 Monitoring GE (Thales - Daniel/Philippe/Pascal) 1.2 Context-based security & compliance GE (Atos - Antonio) 1.3 Identity Management GE (NSN - Robert) 1.4 Privacy Management GE (IBM - Anja/Michael) 1.5 Data Handling GE (SAP - Slim/Francesco) 1.6 Optional Security Enablers/Services (SAP - Slim/Francesco) Counting now on each Task leads & GE owners to process those comments asap. Best Regards, Pascal ------------------------------------------------------------------ This e-mail and the documents attached are confidential and intended solely for the addressee; it may also be privileged. If you receive this e-mail in error, please notify the sender immediately and destroy it. As its integrity cannot be secured on the Internet, the Atos group liability cannot be triggered for the message content. Although the sender endeavours to maintain a computer virus-free network, the sender does not warrant that this transmission is virus-free and will not be liable for any damages resulting from any virus transmitted. Este mensaje y los ficheros adjuntos pueden contener informacion confidencial destinada solamente a la(s) persona(s) mencionadas anteriormente pueden estar protegidos por secreto profesional. Si usted recibe este correo electronico por error, gracias por informar inmediatamente al remitente y destruir el mensaje. Al no estar asegurada la integridad de este mensaje sobre la red, Atos no se hace responsable por su contenido. Su contenido no constituye ningun compromiso para el grupo Atos, salvo ratificacion escrita por ambas partes. Aunque se esfuerza al maximo por mantener su red libre de virus, el emisor no puede garantizar nada al respecto y no sera responsable de cualesquiera danos que puedan resultar de una transmision de virus. ------------------------------------------------------------------ -------------- next part -------------- An HTML attachment was scrubbed... URL: From daniel.gidoin at thalesgroup.com Thu Mar 1 18:03:13 2012 From: daniel.gidoin at thalesgroup.com (GIDOIN Daniel) Date: Thu, 1 Mar 2012 18:03:13 +0100 Subject: [Fiware-security] FIWARE- URGENT - warning from Juanjo regarding the Identity Management GE Message-ID: <2849_1330621397_4F4FABD5_2849_9695_1_8F1D40232A0E68409E3FC23A30C3266201670BD5EB37@THSONEA01CMS04P.one.grp> Dear All, I forward the message received in the early morning. Daniel De : Juanjo Hierro [mailto:jhierro at tid.es] Envoy? : jeudi 1 mars 2012 13:01 ? : GIDOIN Daniel; BISSON Pascal Cc : jhierro >> "Juan J. Hierro" Objet : Re: URGENT: No Security representative in joint WPL/WPA follow-up confcall Please note that I haven't seen any further development regarding the Identity Management GE. I haven't check the rest Please push towards recovery of the situation. Regards, -- Juanjo ------------- Product Development and Innovation (PDI) - Telefonica Digital website: www.tid.es email: jhierro at tid.es twitter: twitter.com/JuanjoHierro FI-WARE (European Future Internet Core Platform) Chief Architect You can follow FI-WARE at: website: http://www.fi-ware.eu facebook: http://www.facebook.com/pages/FI-WARE/251366491587242 twitter: http://twitter.com/FIware linkedIn: http://www.linkedin.com/groups/FIWARE-4239932 On 28/02/12 15:28, JUAN JOSE HIERRO SUREDA wrote: Hi, I'm still concerned about the status of the GE Core Identity Management description. It's rather far from the target. I tried to setup a confcall with Pascal last week to know about what action plan you will put in place to recover from the situation. However, unfortunately Pascal couldn't make it. May you tell me what your plans are ? On the other hand, I send a detailed list of comments and I haven't seen so much progress. Please try to push so all of them are addressed during this week so that the Security chapter can be included in the deliverable to be officially submited to the EC by March 6. That is the last delay we can maintain in front of our POs and also the UC projects without them starting to blame on us ! Best regards, -- Juanjo On 27/02/12 13:39, GIDOIN Daniel wrote: Dear Juanjo I am coming from vacation and Pascal is away this week. I apologize, following issues networks this morning, I connect to my mail now, and the last week, I had no opportunity to open my email. So, this week we are finalizing the WP8 contribution to the D2.3. I make sure that owners have sent GE's comments to you (NSN particular concerning the level expected for the GE Core Identity management). On my side, I take into account your comments concerning the GE Security Monitoring. Best regards Daniel De : Juanjo Hierro [mailto:jhierro at tid.es] Envoy? : lundi 27 f?vrier 2012 11:50 ? : GIDOIN Daniel Cc : BISSON Pascal Objet : URGENT: No Security representative in joint WPL/WPA follow-up confcall We are missing you: We'll use powwownow. PIN: 050662. Local dial-in phone numbers at: http://pdf.powwownow.com/pdf/USA_en_pwn-dial-in-numbers.pdf -------- Original Message -------- Subject: Webex and shared minutes in google docs Date: Mon, 27 Feb 2012 10:43:31 +0100 From: Juanjo Hierro To: fiware-wpl at lists.fi-ware.eu , fiware-wpa at lists.fi-ware.eu Hi, The Webex bridge can be found at: https://telefonica.webex.com/telefonica/j.php?ED=191128867&UID=1272924167&PW=NYWNjYTYyZDk1&RT=MTQjMjM%3D If password is required, it is 1234abcD We will share the minutes during the confcall as we did the last time. The URL for the shared minutes is: https://docs.google.com/document/d/1gkEUTMfUizrYxt9y24jOWdT3fvFpv5nKQJch1_3sVAc/edit Cheers, -- Juanjo -------- Original Message -------- Subject: Invitaci?n a reuni?n: FI-WARE Joint WPLs/WPAs follow-up confcall Date: Mon, 27 Feb 2012 10:12:55 +0100 From: Gestor i-Reunion webex7000 Reply-To: Webex7000 at tid.es To: JUAN JOSE HIERRO SUREDA Hola , Gestor i-Reunion webex7000 lo invita a asistir a esta reuni?n en l?nea. Tema: FI-WARE Joint WPLs/WPAs follow-up confcall Fecha: lunes, 27 de febrero de 2012 Hora: 11:00, Europa Hora (Par?s, GMT+01:00) N?mero de la reuni?n: 964 407 309 Contrase?a de la reuni?n: 1234abcD ------------------------------------------------------- Para unirse a la reuni?n en l?nea (?Ahora tambi?n desde iPhones!) ------------------------------------------------------- 1. Vaya a https://telefonica.webex.com/telefonica/j.php?ED=191128867&UID=1272924167&PW=NYWNjYTYyZDk1&RT=MTQjMjM%3D 2. Introduzca su nombre y direcci?n de correo electr?nico. 3. Introduzca la contrase?a de la reuni?n: 1234abcD 4. Haga clic en "Entrar ahora". Para ver en otras zonas horarias o idiomas, haga clic en el enlace: https://telefonica.webex.com/telefonica/j.php?ED=191128867&UID=1272924167&PW=NYWNjYTYyZDk1&ORT=MTQjMjM%3D ------------------------------------------------------- Para obtener ayuda ------------------------------------------------------- 1. Vaya a https://telefonica.webex.com/telefonica/mc 2. En la barra de navegaci?n izquierda, haga clic en "Soporte". Puede ponerse en contacto conmigo en: Webex7000 at tid.es Para a?adir esta reuni?n al programa del calendario (por ejemplo Microsoft Outlook), haga clic en este enlace: https://telefonica.webex.com/telefonica/j.php?ED=191128867&UID=1272924167&ICS=MI&LD=12&RD=14&ST=1&SHA2=RKvdh4UUEmcynXedXePcLCBeH4YxexjTbu7LE9Akeo0=&RT=MTQjMjM%3D La reproducci?n de archivos multimedia enriquecidos con formato universal de comunicaciones (UCF) necesita reproductores adecuados. Para ver este tipo de archivos multimedia enriquecidos en esta reuni?n, compruebe si tiene los reproductores instalados en la computadora. Vaya a https://telefonica.webex.com/telefonica/systemdiagnosis.php Inscr?base para disfrutar de la prueba gratuita de WebEx http://www.webex.com/go/mcemfreetrial http://www.webex.com AVISO IMPORTANTE: Este servicio de WebEx incluye una funci?n que permite ver e intercambiar audio, documentos y otros materiales durante la sesi?n que va a grabarse. Al unirse a esta sesi?n, autom?ticamente da permiso para realizar dichas grabaciones. Si no est? de acuerdo con la grabaci?n, no se una a la sesi?n. ________________________________ Este mensaje se dirige exclusivamente a su destinatario. Puede consultar nuestra pol?tica de env?o y recepci?n de correo electr?nico en el enlace situado m?s abajo. This message is intended exclusively for its addressee. We only send and receive email on the basis of the terms set out at http://www.tid.es/ES/PAGINAS/disclaimer.aspx ________________________________ Este mensaje se dirige exclusivamente a su destinatario. Puede consultar nuestra pol?tica de env?o y recepci?n de correo electr?nico en el enlace situado m?s abajo. This message is intended exclusively for its addressee. We only send and receive email on the basis of the terms set out at http://www.tid.es/ES/PAGINAS/disclaimer.aspx -------------- next part -------------- An HTML attachment was scrubbed... URL: From antonio.garcia at atosresearch.eu Fri Mar 2 10:03:03 2012 From: antonio.garcia at atosresearch.eu (Antonio Garcia Vazquez) Date: Fri, 2 Mar 2012 10:03:03 +0100 Subject: [Fiware-security] FIWARE- URGENT - warning from Juanjo regarding the Identity Management GE Message-ID: <8E18929A6C79354FB4BD9BD4636DCB0665E173@INTMAIL03.es.int.atosorigin.com> Hello, It seems that the main issue is about Identity Management GE Identity Management GE While this is one of the core GEs in the Security Chapter, the description is rather poor (My opinion: Overview must be enriched - Daniel) The "Basic Concepts" section doesn't say anything relevant and the "Main Interactions" section is merely a sequence of pictures with no explanation (btw, figures do not follow FMC conventions) . I don't understand what "Design Principles" we are trying to describe with contents on that section. Improvement of the Architecture Description for this GE requires urgent and immediate attention. Does anybody know If Robert is working on this topic? Meantime it could be a good idea answer Juanjo?s e-mail to tell him the other point are ready for his review. As far as possible I?d like to know ASAP if he has additional comments to handle it before the deadline on 6th March. Best Regards ************************************ * Antonio Garc?a-V?zquez * * (+34) 91 214 9384 * * antonio.garcia at atosresearch.eu * ************************************ From: fiware-security-bounces at lists.fi-ware.eu [mailto:fiware-security-bounces at lists.fi-ware.eu] On Behalf Of GIDOIN Daniel Sent: jueves, 01 de marzo de 2012 18:03 To: Fiware-security at lists.fi-ware.eu Subject: [Fiware-security] FIWARE- URGENT - warning from Juanjo regarding the Identity Management GE Dear All, I forward the message received in the early morning. Daniel De : Juanjo Hierro [mailto:jhierro at tid.es] Envoy? : jeudi 1 mars 2012 13:01 ? : GIDOIN Daniel; BISSON Pascal Cc : jhierro >> "Juan J. Hierro" Objet : Re: URGENT: No Security representative in joint WPL/WPA follow-up confcall Please note that I haven't seen any further development regarding the Identity Management GE. I haven't check the rest Please push towards recovery of the situation. Regards, -- Juanjo ------------- Product Development and Innovation (PDI) - Telefonica Digital website: www.tid.es email: jhierro at tid.es twitter: twitter.com/JuanjoHierro FI-WARE (European Future Internet Core Platform) Chief Architect You can follow FI-WARE at: website: http://www.fi-ware.eu facebook: http://www.facebook.com/pages/FI-WARE/251366491587242 twitter: http://twitter.com/FIware linkedIn: http://www.linkedin.com/groups/FIWARE-4239932 On 28/02/12 15:28, JUAN JOSE HIERRO SUREDA wrote: Hi, I'm still concerned about the status of the GE Core Identity Management description. It's rather far from the target. I tried to setup a confcall with Pascal last week to know about what action plan you will put in place to recover from the situation. However, unfortunately Pascal couldn't make it. May you tell me what your plans are ? On the other hand, I send a detailed list of comments and I haven't seen so much progress. Please try to push so all of them are addressed during this week so that the Security chapter can be included in the deliverable to be officially submited to the EC by March 6. That is the last delay we can maintain in front of our POs and also the UC projects without them starting to blame on us ! Best regards, -- Juanjo On 27/02/12 13:39, GIDOIN Daniel wrote: Dear Juanjo I am coming from vacation and Pascal is away this week. I apologize, following issues networks this morning, I connect to my mail now, and the last week, I had no opportunity to open my email. So, this week we are finalizing the WP8 contribution to the D2.3. I make sure that owners have sent GE's comments to you (NSN particular concerning the level expected for the GE Core Identity management). On my side, I take into account your comments concerning the GE Security Monitoring. Best regards Daniel De : Juanjo Hierro [mailto:jhierro at tid.es] Envoy? : lundi 27 f?vrier 2012 11:50 ? : GIDOIN Daniel Cc : BISSON Pascal Objet : URGENT: No Security representative in joint WPL/WPA follow-up confcall We are missing you: We'll use powwownow. PIN: 050662. Local dial-in phone numbers at: http://pdf.powwownow.com/pdf/USA_en_pwn-dial-in-numbers.pdf -------- Original Message -------- Subject: Webex and shared minutes in google docs Date: Mon, 27 Feb 2012 10:43:31 +0100 From: Juanjo Hierro To: fiware-wpl at lists.fi-ware.eu , fiware-wpa at lists.fi-ware.eu Hi, The Webex bridge can be found at: https://telefonica.webex.com/telefonica/j.php?ED=191128867&UID=1272924167&PW=NYWNjYTYyZDk1&RT=MTQjMjM%3D If password is required, it is 1234abcD We will share the minutes during the confcall as we did the last time. The URL for the shared minutes is: https://docs.google.com/document/d/1gkEUTMfUizrYxt9y24jOWdT3fvFpv5nKQJch1_3sVAc/edit Cheers, -- Juanjo -------- Original Message -------- Subject: Invitaci?n a reuni?n: FI-WARE Joint WPLs/WPAs follow-up confcall Date: Mon, 27 Feb 2012 10:12:55 +0100 From: Gestor i-Reunion webex7000 Reply-To: Webex7000 at tid.es To: JUAN JOSE HIERRO SUREDA Hola , Gestor i-Reunion webex7000 lo invita a asistir a esta reuni?n en l?nea. Tema: FI-WARE Joint WPLs/WPAs follow-up confcall Fecha: lunes, 27 de febrero de 2012 Hora: 11:00, Europa Hora (Par?s, GMT+01:00) N?mero de la reuni?n: 964 407 309 Contrase?a de la reuni?n: 1234abcD ------------------------------------------------------- Para unirse a la reuni?n en l?nea (?Ahora tambi?n desde iPhones!) ------------------------------------------------------- 1. Vaya a https://telefonica.webex.com/telefonica/j.php?ED=191128867&UID=1272924167&PW=NYWNjYTYyZDk1&RT=MTQjMjM%3D 2. Introduzca su nombre y direcci?n de correo electr?nico. 3. Introduzca la contrase?a de la reuni?n: 1234abcD 4. Haga clic en "Entrar ahora". Para ver en otras zonas horarias o idiomas, haga clic en el enlace: https://telefonica.webex.com/telefonica/j.php?ED=191128867&UID=1272924167&PW=NYWNjYTYyZDk1&ORT=MTQjMjM%3D ------------------------------------------------------- Para obtener ayuda ------------------------------------------------------- 1. Vaya a https://telefonica.webex.com/telefonica/mc 2. En la barra de navegaci?n izquierda, haga clic en "Soporte". Puede ponerse en contacto conmigo en: Webex7000 at tid.es Para a?adir esta reuni?n al programa del calendario (por ejemplo Microsoft Outlook), haga clic en este enlace: https://telefonica.webex.com/telefonica/j.php?ED=191128867&UID=1272924167&ICS=MI&LD=12&RD=14&ST=1&SHA2=RKvdh4UUEmcynXedXePcLCBeH4YxexjTbu7LE9Akeo0=&RT=MTQjMjM%3D La reproducci?n de archivos multimedia enriquecidos con formato universal de comunicaciones (UCF) necesita reproductores adecuados. Para ver este tipo de archivos multimedia enriquecidos en esta reuni?n, compruebe si tiene los reproductores instalados en la computadora. Vaya a https://telefonica.webex.com/telefonica/systemdiagnosis.php Inscr?base para disfrutar de la prueba gratuita de WebEx http://www.webex.com/go/mcemfreetrial http://www.webex.com AVISO IMPORTANTE: Este servicio de WebEx incluye una funci?n que permite ver e intercambiar audio, documentos y otros materiales durante la sesi?n que va a grabarse. Al unirse a esta sesi?n, autom?ticamente da permiso para realizar dichas grabaciones. Si no est? de acuerdo con la grabaci?n, no se una a la sesi?n. ________________________________ Este mensaje se dirige exclusivamente a su destinatario. Puede consultar nuestra pol?tica de env?o y recepci?n de correo electr?nico en el enlace situado m?s abajo. This message is intended exclusively for its addressee. We only send and receive email on the basis of the terms set out at http://www.tid.es/ES/PAGINAS/disclaimer.aspx ________________________________ Este mensaje se dirige exclusivamente a su destinatario. Puede consultar nuestra pol?tica de env?o y recepci?n de correo electr?nico en el enlace situado m?s abajo. This message is intended exclusively for its addressee. We only send and receive email on the basis of the terms set out at http://www.tid.es/ES/PAGINAS/disclaimer.aspx ------------------------------------------------------------------ This e-mail and the documents attached are confidential and intended solely for the addressee; it may also be privileged. If you receive this e-mail in error, please notify the sender immediately and destroy it. As its integrity cannot be secured on the Internet, the Atos group liability cannot be triggered for the message content. Although the sender endeavours to maintain a computer virus-free network, the sender does not warrant that this transmission is virus-free and will not be liable for any damages resulting from any virus transmitted. Este mensaje y los ficheros adjuntos pueden contener informacion confidencial destinada solamente a la(s) persona(s) mencionadas anteriormente pueden estar protegidos por secreto profesional. Si usted recibe este correo electronico por error, gracias por informar inmediatamente al remitente y destruir el mensaje. Al no estar asegurada la integridad de este mensaje sobre la red, Atos no se hace responsable por su contenido. Su contenido no constituye ningun compromiso para el grupo Atos, salvo ratificacion escrita por ambas partes. Aunque se esfuerza al maximo por mantener su red libre de virus, el emisor no puede garantizar nada al respecto y no sera responsable de cualesquiera danos que puedan resultar de una transmision de virus. ------------------------------------------------------------------ -------------- next part -------------- An HTML attachment was scrubbed... URL: From robert.seidl at nsn.com Fri Mar 2 10:49:19 2012 From: robert.seidl at nsn.com (Seidl, Robert (NSN - DE/Munich)) Date: Fri, 2 Mar 2012 10:49:19 +0100 Subject: [Fiware-security] FIWARE- URGENT - warning from Juanjo regarding the Identity Management GE In-Reply-To: <8E18929A6C79354FB4BD9BD4636DCB0665E173@INTMAIL03.es.int.atosorigin.com> References: <8E18929A6C79354FB4BD9BD4636DCB0665E173@INTMAIL03.es.int.atosorigin.com> Message-ID: <9739B018F0466A4CAB10A9DABBEBF5A6818879@DEMUEXC027.nsn-intra.net> Hi, DT and NSN are working on an updated version. We will provide updates by today. Greetings Robert From: ext Antonio Garcia Vazquez [mailto:antonio.garcia at atosresearch.eu] Sent: Friday, March 02, 2012 10:03 AM To: GIDOIN Daniel; Seidl, Robert (NSN - DE/Munich) Cc: Fiware-security at lists.fi-ware.eu Subject: RE: [Fiware-security] FIWARE- URGENT - warning from Juanjo regarding the Identity Management GE Hello, It seems that the main issue is about Identity Management GE Identity Management GE While this is one of the core GEs in the Security Chapter, the description is rather poor (My opinion: Overview must be enriched - Daniel) The "Basic Concepts" section doesn't say anything relevant and the "Main Interactions" section is merely a sequence of pictures with no explanation (btw, figures do not follow FMC conventions) . I don't understand what "Design Principles" we are trying to describe with contents on that section. Improvement of the Architecture Description for this GE requires urgent and immediate attention. Does anybody know If Robert is working on this topic? Meantime it could be a good idea answer Juanjo?s e-mail to tell him the other point are ready for his review. As far as possible I?d like to know ASAP if he has additional comments to handle it before the deadline on 6th March. Best Regards ************************************ * Antonio Garc?a-V?zquez * * (+34) 91 214 9384 * * antonio.garcia at atosresearch.eu * ************************************ From: fiware-security-bounces at lists.fi-ware.eu [mailto:fiware-security-bounces at lists.fi-ware.eu] On Behalf Of GIDOIN Daniel Sent: jueves, 01 de marzo de 2012 18:03 To: Fiware-security at lists.fi-ware.eu Subject: [Fiware-security] FIWARE- URGENT - warning from Juanjo regarding the Identity Management GE Dear All, I forward the message received in the early morning. Daniel De : Juanjo Hierro [mailto:jhierro at tid.es] Envoy? : jeudi 1 mars 2012 13:01 ? : GIDOIN Daniel; BISSON Pascal Cc : jhierro >> "Juan J. Hierro" Objet : Re: URGENT: No Security representative in joint WPL/WPA follow-up confcall Please note that I haven't seen any further development regarding the Identity Management GE. I haven't check the rest Please push towards recovery of the situation. Regards, -- Juanjo ------------- Product Development and Innovation (PDI) - Telefonica Digital website: www.tid.es email: jhierro at tid.es twitter: twitter.com/JuanjoHierro FI-WARE (European Future Internet Core Platform) Chief Architect You can follow FI-WARE at: website: http://www.fi-ware.eu facebook: http://www.facebook.com/pages/FI-WARE/251366491587242 twitter: http://twitter.com/FIware linkedIn: http://www.linkedin.com/groups/FIWARE-4239932 On 28/02/12 15:28, JUAN JOSE HIERRO SUREDA wrote: Hi, I'm still concerned about the status of the GE Core Identity Management description. It's rather far from the target. I tried to setup a confcall with Pascal last week to know about what action plan you will put in place to recover from the situation. However, unfortunately Pascal couldn't make it. May you tell me what your plans are ? On the other hand, I send a detailed list of comments and I haven't seen so much progress. Please try to push so all of them are addressed during this week so that the Security chapter can be included in the deliverable to be officially submited to the EC by March 6. That is the last delay we can maintain in front of our POs and also the UC projects without them starting to blame on us ! Best regards, -- Juanjo On 27/02/12 13:39, GIDOIN Daniel wrote: Dear Juanjo I am coming from vacation and Pascal is away this week. I apologize, following issues networks this morning, I connect to my mail now, and the last week, I had no opportunity to open my email. So, this week we are finalizing the WP8 contribution to the D2.3. I make sure that owners have sent GE's comments to you (NSN particular concerning the level expected for the GE Core Identity management). On my side, I take into account your comments concerning the GE Security Monitoring. Best regards Daniel De : Juanjo Hierro [mailto:jhierro at tid.es] Envoy? : lundi 27 f?vrier 2012 11:50 ? : GIDOIN Daniel Cc : BISSON Pascal Objet : URGENT: No Security representative in joint WPL/WPA follow-up confcall We are missing you: We'll use powwownow. PIN: 050662. Local dial-in phone numbers at: http://pdf.powwownow.com/pdf/USA_en_pwn-dial-in-numbers.pdf -------- Original Message -------- Subject: Webex and shared minutes in google docs Date: Mon, 27 Feb 2012 10:43:31 +0100 From: Juanjo Hierro To: fiware-wpl at lists.fi-ware.eu , fiware-wpa at lists.fi-ware.eu Hi, The Webex bridge can be found at: https://telefonica.webex.com/telefonica/j.php?ED=191128867&UID=1272924167&PW=NYWNjYTYyZDk1&RT=MTQjMjM%3D If password is required, it is 1234abcD We will share the minutes during the confcall as we did the last time. The URL for the shared minutes is: https://docs.google.com/document/d/1gkEUTMfUizrYxt9y24jOWdT3fvFpv5nKQJch1_3sVAc/edit Cheers, -- Juanjo -------- Original Message -------- Subject: Invitaci?n a reuni?n: FI-WARE Joint WPLs/WPAs follow-up confcall Date: Mon, 27 Feb 2012 10:12:55 +0100 From: Gestor i-Reunion webex7000 Reply-To: Webex7000 at tid.es To: JUAN JOSE HIERRO SUREDA Hola , Gestor i-Reunion webex7000 lo invita a asistir a esta reuni?n en l?nea. Tema: FI-WARE Joint WPLs/WPAs follow-up confcall Fecha: lunes, 27 de febrero de 2012 Hora: 11:00, Europa Hora (Par?s, GMT+01:00) N?mero de la reuni?n: 964 407 309 Contrase?a de la reuni?n: 1234abcD ------------------------------------------------------- Para unirse a la reuni?n en l?nea (?Ahora tambi?n desde iPhones!) ------------------------------------------------------- 1. Vaya a https://telefonica.webex.com/telefonica/j.php?ED=191128867&UID=1272924167&PW=NYWNjYTYyZDk1&RT=MTQjMjM%3D 2. Introduzca su nombre y direcci?n de correo electr?nico. 3. Introduzca la contrase?a de la reuni?n: 1234abcD 4. Haga clic en "Entrar ahora". Para ver en otras zonas horarias o idiomas, haga clic en el enlace: https://telefonica.webex.com/telefonica/j.php?ED=191128867&UID=1272924167&PW=NYWNjYTYyZDk1&ORT=MTQjMjM%3D ------------------------------------------------------- Para obtener ayuda ------------------------------------------------------- 1. Vaya a https://telefonica.webex.com/telefonica/mc 2. En la barra de navegaci?n izquierda, haga clic en "Soporte". Puede ponerse en contacto conmigo en: Webex7000 at tid.es Para a?adir esta reuni?n al programa del calendario (por ejemplo Microsoft Outlook), haga clic en este enlace: https://telefonica.webex.com/telefonica/j.php?ED=191128867&UID=1272924167&ICS=MI&LD=12&RD=14&ST=1&SHA2=RKvdh4UUEmcynXedXePcLCBeH4YxexjTbu7LE9Akeo0=&RT=MTQjMjM%3D La reproducci?n de archivos multimedia enriquecidos con formato universal de comunicaciones (UCF) necesita reproductores adecuados. Para ver este tipo de archivos multimedia enriquecidos en esta reuni?n, compruebe si tiene los reproductores instalados en la computadora. Vaya a https://telefonica.webex.com/telefonica/systemdiagnosis.php Inscr?base para disfrutar de la prueba gratuita de WebEx http://www.webex.com/go/mcemfreetrial http://www.webex.com AVISO IMPORTANTE: Este servicio de WebEx incluye una funci?n que permite ver e intercambiar audio, documentos y otros materiales durante la sesi?n que va a grabarse. Al unirse a esta sesi?n, autom?ticamente da permiso para realizar dichas grabaciones. Si no est? de acuerdo con la grabaci?n, no se una a la sesi?n. ________________________________ Este mensaje se dirige exclusivamente a su destinatario. Puede consultar nuestra pol?tica de env?o y recepci?n de correo electr?nico en el enlace situado m?s abajo. This message is intended exclusively for its addressee. We only send and receive email on the basis of the terms set out at http://www.tid.es/ES/PAGINAS/disclaimer.aspx ________________________________ Este mensaje se dirige exclusivamente a su destinatario. Puede consultar nuestra pol?tica de env?o y recepci?n de correo electr?nico en el enlace situado m?s abajo. This message is intended exclusively for its addressee. We only send and receive email on the basis of the terms set out at http://www.tid.es/ES/PAGINAS/disclaimer.aspx ------------------------------------------------------------------ This e-mail and the documents attached are confidential and intended solely for the addressee; it may also be privileged. If you receive this e-mail in error, please notify the sender immediately and destroy it. As its integrity cannot be secured on the Internet, the Atos group liability cannot be triggered for the message content. Although the sender endeavours to maintain a computer virus-free network, the sender does not warrant that this transmission is virus-free and will not be liable for any damages resulting from any virus transmitted. Este mensaje y los ficheros adjuntos pueden contener informacion confidencial destinada solamente a la(s) persona(s) mencionadas anteriormente pueden estar protegidos por secreto profesional. Si usted recibe este correo electronico por error, gracias por informar inmediatamente al remitente y destruir el mensaje. Al no estar asegurada la integridad de este mensaje sobre la red, Atos no se hace responsable por su contenido. Su contenido no constituye ningun compromiso para el grupo Atos, salvo ratificacion escrita por ambas partes. Aunque se esfuerza al maximo por mantener su red libre de virus, el emisor no puede garantizar nada al respecto y no sera responsable de cualesquiera danos que puedan resultar de una transmision de virus. ------------------------------------------------------------------ -------------- next part -------------- An HTML attachment was scrubbed... URL: From daniel.gidoin at thalesgroup.com Fri Mar 2 10:57:29 2012 From: daniel.gidoin at thalesgroup.com (GIDOIN Daniel) Date: Fri, 2 Mar 2012 10:57:29 +0100 Subject: [Fiware-security] FIWARE- VERY URGENT - FOR THE ATTENTION OF NSN In-Reply-To: <8E18929A6C79354FB4BD9BD4636DCB0665E173@INTMAIL03.es.int.atosorigin.com> References: <8E18929A6C79354FB4BD9BD4636DCB0665E173@INTMAIL03.es.int.atosorigin.com> Message-ID: <15388_1330682252_4F50998C_15388_12512_1_980e4dae-1fae-4e7e-aaf7-618dda6f1a3f@THSONEA01HUB02P.one.grp> Dear NSN partners, Indeed, the main issue is about Identity Management GE. It is absolutely imperative to take into account the recommendations by Juanjo today. No postponement is possible, the deliverable must be delivered to the commission Monday. For memory: 1.3 Identity Management GE While this is one of the core GEs in the Security Chapter, the description is rather poor The "Basic Concepts" section doesn't say anything relevant and the "Main Interactions" section is merely a sequence of pictures with no explanation (btw, figures do not follow FMC conventions) . I don't understand what "Design Principles" we are trying to describe with contents on that section. Thank you very much, NSN Partners, for answering this message on receipt. Best regard Daniel De : Antonio Garcia Vazquez [mailto:antonio.garcia at atosresearch.eu] Envoy? : vendredi 2 mars 2012 10:03 ? : GIDOIN Daniel; robert.seidl at nsn.com Cc : Fiware-security at lists.fi-ware.eu Objet : RE: [Fiware-security] FIWARE- URGENT - warning from Juanjo regarding the Identity Management GE Hello, It seems that the main issue is about Identity Management GE Identity Management GE While this is one of the core GEs in the Security Chapter, the description is rather poor (My opinion: Overview must be enriched - Daniel) The "Basic Concepts" section doesn't say anything relevant and the "Main Interactions" section is merely a sequence of pictures with no explanation (btw, figures do not follow FMC conventions) . I don't understand what "Design Principles" we are trying to describe with contents on that section. Improvement of the Architecture Description for this GE requires urgent and immediate attention. Does anybody know If Robert is working on this topic? Meantime it could be a good idea answer Juanjo?s e-mail to tell him the other point are ready for his review. As far as possible I?d like to know ASAP if he has additional comments to handle it before the deadline on 6th March. Best Regards ************************************ * Antonio Garc?a-V?zquez * * (+34) 91 214 9384 * * antonio.garcia at atosresearch.eu * ************************************ From: fiware-security-bounces at lists.fi-ware.eu [mailto:fiware-security-bounces at lists.fi-ware.eu] On Behalf Of GIDOIN Daniel Sent: jueves, 01 de marzo de 2012 18:03 To: Fiware-security at lists.fi-ware.eu Subject: [Fiware-security] FIWARE- URGENT - warning from Juanjo regarding the Identity Management GE Dear All, I forward the message received in the early morning. Daniel De : Juanjo Hierro [mailto:jhierro at tid.es] Envoy? : jeudi 1 mars 2012 13:01 ? : GIDOIN Daniel; BISSON Pascal Cc : jhierro >> "Juan J. Hierro" Objet : Re: URGENT: No Security representative in joint WPL/WPA follow-up confcall Please note that I haven't seen any further development regarding the Identity Management GE. I haven't check the rest Please push towards recovery of the situation. Regards, -- Juanjo ------------- Product Development and Innovation (PDI) - Telefonica Digital website: www.tid.es email: jhierro at tid.es twitter: twitter.com/JuanjoHierro FI-WARE (European Future Internet Core Platform) Chief Architect You can follow FI-WARE at: website: http://www.fi-ware.eu facebook: http://www.facebook.com/pages/FI-WARE/251366491587242 twitter: http://twitter.com/FIware linkedIn: http://www.linkedin.com/groups/FIWARE-4239932 On 28/02/12 15:28, JUAN JOSE HIERRO SUREDA wrote: Hi, I'm still concerned about the status of the GE Core Identity Management description. It's rather far from the target. I tried to setup a confcall with Pascal last week to know about what action plan you will put in place to recover from the situation. However, unfortunately Pascal couldn't make it. May you tell me what your plans are ? On the other hand, I send a detailed list of comments and I haven't seen so much progress. Please try to push so all of them are addressed during this week so that the Security chapter can be included in the deliverable to be officially submited to the EC by March 6. That is the last delay we can maintain in front of our POs and also the UC projects without them starting to blame on us ! Best regards, -- Juanjo On 27/02/12 13:39, GIDOIN Daniel wrote: Dear Juanjo I am coming from vacation and Pascal is away this week. I apologize, following issues networks this morning, I connect to my mail now, and the last week, I had no opportunity to open my email. So, this week we are finalizing the WP8 contribution to the D2.3. I make sure that owners have sent GE's comments to you (NSN particular concerning the level expected for the GE Core Identity management). On my side, I take into account your comments concerning the GE Security Monitoring. Best regards Daniel De : Juanjo Hierro [mailto:jhierro at tid.es] Envoy? : lundi 27 f?vrier 2012 11:50 ? : GIDOIN Daniel Cc : BISSON Pascal Objet : URGENT: No Security representative in joint WPL/WPA follow-up confcall We are missing you: We'll use powwownow. PIN: 050662. Local dial-in phone numbers at: http://pdf.powwownow.com/pdf/USA_en_pwn-dial-in-numbers.pdf -------- Original Message -------- Subject: Webex and shared minutes in google docs Date: Mon, 27 Feb 2012 10:43:31 +0100 From: Juanjo Hierro To: fiware-wpl at lists.fi-ware.eu , fiware-wpa at lists.fi-ware.eu Hi, The Webex bridge can be found at: https://telefonica.webex.com/telefonica/j.php?ED=191128867&UID=1272924167&PW=NYWNjYTYyZDk1&RT=MTQjMjM%3D If password is required, it is 1234abcD We will share the minutes during the confcall as we did the last time. The URL for the shared minutes is: https://docs.google.com/document/d/1gkEUTMfUizrYxt9y24jOWdT3fvFpv5nKQJch1_3sVAc/edit Cheers, -- Juanjo -------- Original Message -------- Subject: Invitaci?n a reuni?n: FI-WARE Joint WPLs/WPAs follow-up confcall Date: Mon, 27 Feb 2012 10:12:55 +0100 From: Gestor i-Reunion webex7000 Reply-To: Webex7000 at tid.es To: JUAN JOSE HIERRO SUREDA Hola , Gestor i-Reunion webex7000 lo invita a asistir a esta reuni?n en l?nea. Tema: FI-WARE Joint WPLs/WPAs follow-up confcall Fecha: lunes, 27 de febrero de 2012 Hora: 11:00, Europa Hora (Par?s, GMT+01:00) N?mero de la reuni?n: 964 407 309 Contrase?a de la reuni?n: 1234abcD ------------------------------------------------------- Para unirse a la reuni?n en l?nea (?Ahora tambi?n desde iPhones!) ------------------------------------------------------- 1. Vaya a https://telefonica.webex.com/telefonica/j.php?ED=191128867&UID=1272924167&PW=NYWNjYTYyZDk1&RT=MTQjMjM%3D 2. Introduzca su nombre y direcci?n de correo electr?nico. 3. Introduzca la contrase?a de la reuni?n: 1234abcD 4. Haga clic en "Entrar ahora". Para ver en otras zonas horarias o idiomas, haga clic en el enlace: https://telefonica.webex.com/telefonica/j.php?ED=191128867&UID=1272924167&PW=NYWNjYTYyZDk1&ORT=MTQjMjM%3D ------------------------------------------------------- Para obtener ayuda ------------------------------------------------------- 1. Vaya a https://telefonica.webex.com/telefonica/mc 2. En la barra de navegaci?n izquierda, haga clic en "Soporte". Puede ponerse en contacto conmigo en: Webex7000 at tid.es Para a?adir esta reuni?n al programa del calendario (por ejemplo Microsoft Outlook), haga clic en este enlace: https://telefonica.webex.com/telefonica/j.php?ED=191128867&UID=1272924167&ICS=MI&LD=12&RD=14&ST=1&SHA2=RKvdh4UUEmcynXedXePcLCBeH4YxexjTbu7LE9Akeo0=&RT=MTQjMjM%3D La reproducci?n de archivos multimedia enriquecidos con formato universal de comunicaciones (UCF) necesita reproductores adecuados. Para ver este tipo de archivos multimedia enriquecidos en esta reuni?n, compruebe si tiene los reproductores instalados en la computadora. Vaya a https://telefonica.webex.com/telefonica/systemdiagnosis.php Inscr?base para disfrutar de la prueba gratuita de WebEx http://www.webex.com/go/mcemfreetrial http://www.webex.com AVISO IMPORTANTE: Este servicio de WebEx incluye una funci?n que permite ver e intercambiar audio, documentos y otros materiales durante la sesi?n que va a grabarse. Al unirse a esta sesi?n, autom?ticamente da permiso para realizar dichas grabaciones. Si no est? de acuerdo con la grabaci?n, no se una a la sesi?n. ________________________________ Este mensaje se dirige exclusivamente a su destinatario. Puede consultar nuestra pol?tica de env?o y recepci?n de correo electr?nico en el enlace situado m?s abajo. This message is intended exclusively for its addressee. We only send and receive email on the basis of the terms set out at http://www.tid.es/ES/PAGINAS/disclaimer.aspx ________________________________ Este mensaje se dirige exclusivamente a su destinatario. Puede consultar nuestra pol?tica de env?o y recepci?n de correo electr?nico en el enlace situado m?s abajo. This message is intended exclusively for its addressee. We only send and receive email on the basis of the terms set out at http://www.tid.es/ES/PAGINAS/disclaimer.aspx ------------------------------------------------------------------ This e-mail and the documents attached are confidential and intended solely for the addressee; it may also be privileged. If you receive this e-mail in error, please notify the sender immediately and destroy it. As its integrity cannot be secured on the Internet, the Atos group liability cannot be triggered for the message content. Although the sender endeavours to maintain a computer virus-free network, the sender does not warrant that this transmission is virus-free and will not be liable for any damages resulting from any virus transmitted. Este mensaje y los ficheros adjuntos pueden contener informacion confidencial destinada solamente a la(s) persona(s) mencionadas anteriormente pueden estar protegidos por secreto profesional. Si usted recibe este correo electronico por error, gracias por informar inmediatamente al remitente y destruir el mensaje. Al no estar asegurada la integridad de este mensaje sobre la red, Atos no se hace responsable por su contenido. Su contenido no constituye ningun compromiso para el grupo Atos, salvo ratificacion escrita por ambas partes. Aunque se esfuerza al maximo por mantener su red libre de virus, el emisor no puede garantizar nada al respecto y no sera responsable de cualesquiera danos que puedan resultar de una transmision de virus. ------------------------------------------------------------------ -------------- next part -------------- An HTML attachment was scrubbed... URL: From robert.seidl at nsn.com Fri Mar 2 10:59:50 2012 From: robert.seidl at nsn.com (Seidl, Robert (NSN - DE/Munich)) Date: Fri, 2 Mar 2012 10:59:50 +0100 Subject: [Fiware-security] FIWARE- VERY URGENT - FOR THE ATTENTION OF NSN In-Reply-To: <15388_1330682252_4F50998C_15388_12512_1_980e4dae-1fae-4e7e-aaf7-618dda6f1a3f@THSONEA01HUB02P.one.grp> References: <8E18929A6C79354FB4BD9BD4636DCB0665E173@INTMAIL03.es.int.atosorigin.com> <15388_1330682252_4F50998C_15388_12512_1_980e4dae-1fae-4e7e-aaf7-618dda6f1a3f@THSONEA01HUB02P.one.grp> Message-ID: <9739B018F0466A4CAB10A9DABBEBF5A6818891@DEMUEXC027.nsn-intra.net> Please have a look on the email I sent already! From: ext GIDOIN Daniel [mailto:daniel.gidoin at thalesgroup.com] Sent: Friday, March 02, 2012 10:57 AM To: Seidl, Robert (NSN - DE/Munich) Cc: Fiware-security at lists.fi-ware.eu; Antonio Garcia Vazquez; Bisztray, Denes (NSN - HU/Budapest); Nemeth, Lorant (NSN - HU/Budapest); thierry.nagellen at orange.com; BISSON Pascal Subject: FIWARE- VERY URGENT - FOR THE ATTENTION OF NSN Dear NSN partners, Indeed, the main issue is about Identity Management GE. It is absolutely imperative to take into account the recommendations by Juanjo today. No postponement is possible, the deliverable must be delivered to the commission Monday. For memory: 1.3 Identity Management GE While this is one of the core GEs in the Security Chapter, the description is rather poor The "Basic Concepts" section doesn't say anything relevant and the "Main Interactions" section is merely a sequence of pictures with no explanation (btw, figures do not follow FMC conventions) . I don't understand what "Design Principles" we are trying to describe with contents on that section. Thank you very much, NSN Partners, for answering this message on receipt. Best regard Daniel De : Antonio Garcia Vazquez [mailto:antonio.garcia at atosresearch.eu] Envoy? : vendredi 2 mars 2012 10:03 ? : GIDOIN Daniel; robert.seidl at nsn.com Cc : Fiware-security at lists.fi-ware.eu Objet : RE: [Fiware-security] FIWARE- URGENT - warning from Juanjo regarding the Identity Management GE Hello, It seems that the main issue is about Identity Management GE Identity Management GE While this is one of the core GEs in the Security Chapter, the description is rather poor (My opinion: Overview must be enriched - Daniel) The "Basic Concepts" section doesn't say anything relevant and the "Main Interactions" section is merely a sequence of pictures with no explanation (btw, figures do not follow FMC conventions) . I don't understand what "Design Principles" we are trying to describe with contents on that section. Improvement of the Architecture Description for this GE requires urgent and immediate attention. Does anybody know If Robert is working on this topic? Meantime it could be a good idea answer Juanjo?s e-mail to tell him the other point are ready for his review. As far as possible I?d like to know ASAP if he has additional comments to handle it before the deadline on 6th March. Best Regards ************************************ * Antonio Garc?a-V?zquez * * (+34) 91 214 9384 * * antonio.garcia at atosresearch.eu * ************************************ From: fiware-security-bounces at lists.fi-ware.eu [mailto:fiware-security-bounces at lists.fi-ware.eu] On Behalf Of GIDOIN Daniel Sent: jueves, 01 de marzo de 2012 18:03 To: Fiware-security at lists.fi-ware.eu Subject: [Fiware-security] FIWARE- URGENT - warning from Juanjo regarding the Identity Management GE Dear All, I forward the message received in the early morning. Daniel De : Juanjo Hierro [mailto:jhierro at tid.es] Envoy? : jeudi 1 mars 2012 13:01 ? : GIDOIN Daniel; BISSON Pascal Cc : jhierro >> "Juan J. Hierro" Objet : Re: URGENT: No Security representative in joint WPL/WPA follow-up confcall Please note that I haven't seen any further development regarding the Identity Management GE. I haven't check the rest Please push towards recovery of the situation. Regards, -- Juanjo ------------- Product Development and Innovation (PDI) - Telefonica Digital website: www.tid.es email: jhierro at tid.es twitter: twitter.com/JuanjoHierro FI-WARE (European Future Internet Core Platform) Chief Architect You can follow FI-WARE at: website: http://www.fi-ware.eu facebook: http://www.facebook.com/pages/FI-WARE/251366491587242 twitter: http://twitter.com/FIware linkedIn: http://www.linkedin.com/groups/FIWARE-4239932 On 28/02/12 15:28, JUAN JOSE HIERRO SUREDA wrote: Hi, I'm still concerned about the status of the GE Core Identity Management description. It's rather far from the target. I tried to setup a confcall with Pascal last week to know about what action plan you will put in place to recover from the situation. However, unfortunately Pascal couldn't make it. May you tell me what your plans are ? On the other hand, I send a detailed list of comments and I haven't seen so much progress. Please try to push so all of them are addressed during this week so that the Security chapter can be included in the deliverable to be officially submited to the EC by March 6. That is the last delay we can maintain in front of our POs and also the UC projects without them starting to blame on us ! Best regards, -- Juanjo On 27/02/12 13:39, GIDOIN Daniel wrote: Dear Juanjo I am coming from vacation and Pascal is away this week. I apologize, following issues networks this morning, I connect to my mail now, and the last week, I had no opportunity to open my email. So, this week we are finalizing the WP8 contribution to the D2.3. I make sure that owners have sent GE's comments to you (NSN particular concerning the level expected for the GE Core Identity management). On my side, I take into account your comments concerning the GE Security Monitoring. Best regards Daniel De : Juanjo Hierro [mailto:jhierro at tid.es] Envoy? : lundi 27 f?vrier 2012 11:50 ? : GIDOIN Daniel Cc : BISSON Pascal Objet : URGENT: No Security representative in joint WPL/WPA follow-up confcall We are missing you: We'll use powwownow. PIN: 050662. Local dial-in phone numbers at: http://pdf.powwownow.com/pdf/USA_en_pwn-dial-in-numbers.pdf -------- Original Message -------- Subject: Webex and shared minutes in google docs Date: Mon, 27 Feb 2012 10:43:31 +0100 From: Juanjo Hierro To: fiware-wpl at lists.fi-ware.eu , fiware-wpa at lists.fi-ware.eu Hi, The Webex bridge can be found at: https://telefonica.webex.com/telefonica/j.php?ED=191128867&UID=1272924167&PW=NYWNjYTYyZDk1&RT=MTQjMjM%3D If password is required, it is 1234abcD We will share the minutes during the confcall as we did the last time. The URL for the shared minutes is: https://docs.google.com/document/d/1gkEUTMfUizrYxt9y24jOWdT3fvFpv5nKQJch1_3sVAc/edit Cheers, -- Juanjo -------- Original Message -------- Subject: Invitaci?n a reuni?n: FI-WARE Joint WPLs/WPAs follow-up confcall Date: Mon, 27 Feb 2012 10:12:55 +0100 From: Gestor i-Reunion webex7000 Reply-To: Webex7000 at tid.es To: JUAN JOSE HIERRO SUREDA Hola , Gestor i-Reunion webex7000 lo invita a asistir a esta reuni?n en l?nea. Tema: FI-WARE Joint WPLs/WPAs follow-up confcall Fecha: lunes, 27 de febrero de 2012 Hora: 11:00, Europa Hora (Par?s, GMT+01:00) N?mero de la reuni?n: 964 407 309 Contrase?a de la reuni?n: 1234abcD ------------------------------------------------------- Para unirse a la reuni?n en l?nea (?Ahora tambi?n desde iPhones!) ------------------------------------------------------- 1. Vaya a https://telefonica.webex.com/telefonica/j.php?ED=191128867&UID=1272924167&PW=NYWNjYTYyZDk1&RT=MTQjMjM%3D 2. Introduzca su nombre y direcci?n de correo electr?nico. 3. Introduzca la contrase?a de la reuni?n: 1234abcD 4. Haga clic en "Entrar ahora". Para ver en otras zonas horarias o idiomas, haga clic en el enlace: https://telefonica.webex.com/telefonica/j.php?ED=191128867&UID=1272924167&PW=NYWNjYTYyZDk1&ORT=MTQjMjM%3D ------------------------------------------------------- Para obtener ayuda ------------------------------------------------------- 1. Vaya a https://telefonica.webex.com/telefonica/mc 2. En la barra de navegaci?n izquierda, haga clic en "Soporte". Puede ponerse en contacto conmigo en: Webex7000 at tid.es Para a?adir esta reuni?n al programa del calendario (por ejemplo Microsoft Outlook), haga clic en este enlace: https://telefonica.webex.com/telefonica/j.php?ED=191128867&UID=1272924167&ICS=MI&LD=12&RD=14&ST=1&SHA2=RKvdh4UUEmcynXedXePcLCBeH4YxexjTbu7LE9Akeo0=&RT=MTQjMjM%3D La reproducci?n de archivos multimedia enriquecidos con formato universal de comunicaciones (UCF) necesita reproductores adecuados. Para ver este tipo de archivos multimedia enriquecidos en esta reuni?n, compruebe si tiene los reproductores instalados en la computadora. Vaya a https://telefonica.webex.com/telefonica/systemdiagnosis.php Inscr?base para disfrutar de la prueba gratuita de WebEx http://www.webex.com/go/mcemfreetrial http://www.webex.com AVISO IMPORTANTE: Este servicio de WebEx incluye una funci?n que permite ver e intercambiar audio, documentos y otros materiales durante la sesi?n que va a grabarse. Al unirse a esta sesi?n, autom?ticamente da permiso para realizar dichas grabaciones. Si no est? de acuerdo con la grabaci?n, no se una a la sesi?n. ________________________________ Este mensaje se dirige exclusivamente a su destinatario. Puede consultar nuestra pol?tica de env?o y recepci?n de correo electr?nico en el enlace situado m?s abajo. This message is intended exclusively for its addressee. We only send and receive email on the basis of the terms set out at http://www.tid.es/ES/PAGINAS/disclaimer.aspx ________________________________ Este mensaje se dirige exclusivamente a su destinatario. Puede consultar nuestra pol?tica de env?o y recepci?n de correo electr?nico en el enlace situado m?s abajo. This message is intended exclusively for its addressee. We only send and receive email on the basis of the terms set out at http://www.tid.es/ES/PAGINAS/disclaimer.aspx ------------------------------------------------------------------ This e-mail and the documents attached are confidential and intended solely for the addressee; it may also be privileged. If you receive this e-mail in error, please notify the sender immediately and destroy it. As its integrity cannot be secured on the Internet, the Atos group liability cannot be triggered for the message content. Although the sender endeavours to maintain a computer virus-free network, the sender does not warrant that this transmission is virus-free and will not be liable for any damages resulting from any virus transmitted. Este mensaje y los ficheros adjuntos pueden contener informacion confidencial destinada solamente a la(s) persona(s) mencionadas anteriormente pueden estar protegidos por secreto profesional. Si usted recibe este correo electronico por error, gracias por informar inmediatamente al remitente y destruir el mensaje. Al no estar asegurada la integridad de este mensaje sobre la red, Atos no se hace responsable por su contenido. Su contenido no constituye ningun compromiso para el grupo Atos, salvo ratificacion escrita por ambas partes. Aunque se esfuerza al maximo por mantener su red libre de virus, el emisor no puede garantizar nada al respecto y no sera responsable de cualesquiera danos que puedan resultar de una transmision de virus. ------------------------------------------------------------------ -------------- next part -------------- An HTML attachment was scrubbed... URL: From daniel.gidoin at thalesgroup.com Fri Mar 2 13:49:42 2012 From: daniel.gidoin at thalesgroup.com (GIDOIN Daniel) Date: Fri, 2 Mar 2012 13:49:42 +0100 Subject: [Fiware-security] FIWARE- URGENT - warning from Juanjo regarding the Identity Management GE In-Reply-To: <9739B018F0466A4CAB10A9DABBEBF5A6818879@DEMUEXC027.nsn-intra.net> References: <8E18929A6C79354FB4BD9BD4636DCB0665E173@INTMAIL03.es.int.atosorigin.com> <9739B018F0466A4CAB10A9DABBEBF5A6818879@DEMUEXC027.nsn-intra.net> Message-ID: <925_1330692589_4F50C1ED_925_1755_1_8F1D40232A0E68409E3FC23A30C3266201670BD8FA22@THSONEA01CMS04P.one.grp> Thank a lot Robert? De : Seidl, Robert (NSN - DE/Munich) [mailto:robert.seidl at nsn.com] Envoy? : vendredi 2 mars 2012 10:49 ? : ext Antonio Garcia Vazquez; GIDOIN Daniel Cc : Fiware-security at lists.fi-ware.eu Objet : RE: [Fiware-security] FIWARE- URGENT - warning from Juanjo regarding the Identity Management GE Hi, DT and NSN are working on an updated version. We will provide updates by today. Greetings Robert From: ext Antonio Garcia Vazquez [mailto:antonio.garcia at atosresearch.eu] Sent: Friday, March 02, 2012 10:03 AM To: GIDOIN Daniel; Seidl, Robert (NSN - DE/Munich) Cc: Fiware-security at lists.fi-ware.eu Subject: RE: [Fiware-security] FIWARE- URGENT - warning from Juanjo regarding the Identity Management GE Hello, It seems that the main issue is about Identity Management GE Identity Management GE While this is one of the core GEs in the Security Chapter, the description is rather poor (My opinion: Overview must be enriched - Daniel) The "Basic Concepts" section doesn't say anything relevant and the "Main Interactions" section is merely a sequence of pictures with no explanation (btw, figures do not follow FMC conventions) . I don't understand what "Design Principles" we are trying to describe with contents on that section. Improvement of the Architecture Description for this GE requires urgent and immediate attention. Does anybody know If Robert is working on this topic? Meantime it could be a good idea answer Juanjo?s e-mail to tell him the other point are ready for his review. As far as possible I?d like to know ASAP if he has additional comments to handle it before the deadline on 6th March. Best Regards ************************************ * Antonio Garc?a-V?zquez * * (+34) 91 214 9384 * * antonio.garcia at atosresearch.eu * ************************************ From: fiware-security-bounces at lists.fi-ware.eu [mailto:fiware-security-bounces at lists.fi-ware.eu] On Behalf Of GIDOIN Daniel Sent: jueves, 01 de marzo de 2012 18:03 To: Fiware-security at lists.fi-ware.eu Subject: [Fiware-security] FIWARE- URGENT - warning from Juanjo regarding the Identity Management GE Dear All, I forward the message received in the early morning. Daniel De : Juanjo Hierro [mailto:jhierro at tid.es] Envoy? : jeudi 1 mars 2012 13:01 ? : GIDOIN Daniel; BISSON Pascal Cc : jhierro >> "Juan J. Hierro" Objet : Re: URGENT: No Security representative in joint WPL/WPA follow-up confcall Please note that I haven't seen any further development regarding the Identity Management GE. I haven't check the rest Please push towards recovery of the situation. Regards, -- Juanjo ------------- Product Development and Innovation (PDI) - Telefonica Digital website: www.tid.es email: jhierro at tid.es twitter: twitter.com/JuanjoHierro FI-WARE (European Future Internet Core Platform) Chief Architect You can follow FI-WARE at: website: http://www.fi-ware.eu facebook: http://www.facebook.com/pages/FI-WARE/251366491587242 twitter: http://twitter.com/FIware linkedIn: http://www.linkedin.com/groups/FIWARE-4239932 On 28/02/12 15:28, JUAN JOSE HIERRO SUREDA wrote: Hi, I'm still concerned about the status of the GE Core Identity Management description. It's rather far from the target. I tried to setup a confcall with Pascal last week to know about what action plan you will put in place to recover from the situation. However, unfortunately Pascal couldn't make it. May you tell me what your plans are ? On the other hand, I send a detailed list of comments and I haven't seen so much progress. Please try to push so all of them are addressed during this week so that the Security chapter can be included in the deliverable to be officially submited to the EC by March 6. That is the last delay we can maintain in front of our POs and also the UC projects without them starting to blame on us ! Best regards, -- Juanjo On 27/02/12 13:39, GIDOIN Daniel wrote: Dear Juanjo I am coming from vacation and Pascal is away this week. I apologize, following issues networks this morning, I connect to my mail now, and the last week, I had no opportunity to open my email. So, this week we are finalizing the WP8 contribution to the D2.3. I make sure that owners have sent GE's comments to you (NSN particular concerning the level expected for the GE Core Identity management). On my side, I take into account your comments concerning the GE Security Monitoring. Best regards Daniel De : Juanjo Hierro [mailto:jhierro at tid.es] Envoy? : lundi 27 f?vrier 2012 11:50 ? : GIDOIN Daniel Cc : BISSON Pascal Objet : URGENT: No Security representative in joint WPL/WPA follow-up confcall We are missing you: We'll use powwownow. PIN: 050662. Local dial-in phone numbers at: http://pdf.powwownow.com/pdf/USA_en_pwn-dial-in-numbers.pdf -------- Original Message -------- Subject: Webex and shared minutes in google docs Date: Mon, 27 Feb 2012 10:43:31 +0100 From: Juanjo Hierro To: fiware-wpl at lists.fi-ware.eu , fiware-wpa at lists.fi-ware.eu Hi, The Webex bridge can be found at: https://telefonica.webex.com/telefonica/j.php?ED=191128867&UID=1272924167&PW=NYWNjYTYyZDk1&RT=MTQjMjM%3D If password is required, it is 1234abcD We will share the minutes during the confcall as we did the last time. The URL for the shared minutes is: https://docs.google.com/document/d/1gkEUTMfUizrYxt9y24jOWdT3fvFpv5nKQJch1_3sVAc/edit Cheers, -- Juanjo -------- Original Message -------- Subject: Invitaci?n a reuni?n: FI-WARE Joint WPLs/WPAs follow-up confcall Date: Mon, 27 Feb 2012 10:12:55 +0100 From: Gestor i-Reunion webex7000 Reply-To: Webex7000 at tid.es To: JUAN JOSE HIERRO SUREDA Hola , Gestor i-Reunion webex7000 lo invita a asistir a esta reuni?n en l?nea. Tema: FI-WARE Joint WPLs/WPAs follow-up confcall Fecha: lunes, 27 de febrero de 2012 Hora: 11:00, Europa Hora (Par?s, GMT+01:00) N?mero de la reuni?n: 964 407 309 Contrase?a de la reuni?n: 1234abcD ------------------------------------------------------- Para unirse a la reuni?n en l?nea (?Ahora tambi?n desde iPhones!) ------------------------------------------------------- 1. Vaya a https://telefonica.webex.com/telefonica/j.php?ED=191128867&UID=1272924167&PW=NYWNjYTYyZDk1&RT=MTQjMjM%3D 2. Introduzca su nombre y direcci?n de correo electr?nico. 3. Introduzca la contrase?a de la reuni?n: 1234abcD 4. Haga clic en "Entrar ahora". Para ver en otras zonas horarias o idiomas, haga clic en el enlace: https://telefonica.webex.com/telefonica/j.php?ED=191128867&UID=1272924167&PW=NYWNjYTYyZDk1&ORT=MTQjMjM%3D ------------------------------------------------------- Para obtener ayuda ------------------------------------------------------- 1. Vaya a https://telefonica.webex.com/telefonica/mc 2. En la barra de navegaci?n izquierda, haga clic en "Soporte". Puede ponerse en contacto conmigo en: Webex7000 at tid.es Para a?adir esta reuni?n al programa del calendario (por ejemplo Microsoft Outlook), haga clic en este enlace: https://telefonica.webex.com/telefonica/j.php?ED=191128867&UID=1272924167&ICS=MI&LD=12&RD=14&ST=1&SHA2=RKvdh4UUEmcynXedXePcLCBeH4YxexjTbu7LE9Akeo0=&RT=MTQjMjM%3D La reproducci?n de archivos multimedia enriquecidos con formato universal de comunicaciones (UCF) necesita reproductores adecuados. Para ver este tipo de archivos multimedia enriquecidos en esta reuni?n, compruebe si tiene los reproductores instalados en la computadora. Vaya a https://telefonica.webex.com/telefonica/systemdiagnosis.php Inscr?base para disfrutar de la prueba gratuita de WebEx http://www.webex.com/go/mcemfreetrial http://www.webex.com AVISO IMPORTANTE: Este servicio de WebEx incluye una funci?n que permite ver e intercambiar audio, documentos y otros materiales durante la sesi?n que va a grabarse. Al unirse a esta sesi?n, autom?ticamente da permiso para realizar dichas grabaciones. Si no est? de acuerdo con la grabaci?n, no se una a la sesi?n. ________________________________ Este mensaje se dirige exclusivamente a su destinatario. Puede consultar nuestra pol?tica de env?o y recepci?n de correo electr?nico en el enlace situado m?s abajo. This message is intended exclusively for its addressee. We only send and receive email on the basis of the terms set out at http://www.tid.es/ES/PAGINAS/disclaimer.aspx ________________________________ Este mensaje se dirige exclusivamente a su destinatario. Puede consultar nuestra pol?tica de env?o y recepci?n de correo electr?nico en el enlace situado m?s abajo. This message is intended exclusively for its addressee. We only send and receive email on the basis of the terms set out at http://www.tid.es/ES/PAGINAS/disclaimer.aspx ------------------------------------------------------------------ This e-mail and the documents attached are confidential and intended solely for the addressee; it may also be privileged. If you receive this e-mail in error, please notify the sender immediately and destroy it. As its integrity cannot be secured on the Internet, the Atos group liability cannot be triggered for the message content. Although the sender endeavours to maintain a computer virus-free network, the sender does not warrant that this transmission is virus-free and will not be liable for any damages resulting from any virus transmitted. Este mensaje y los ficheros adjuntos pueden contener informacion confidencial destinada solamente a la(s) persona(s) mencionadas anteriormente pueden estar protegidos por secreto profesional. Si usted recibe este correo electronico por error, gracias por informar inmediatamente al remitente y destruir el mensaje. Al no estar asegurada la integridad de este mensaje sobre la red, Atos no se hace responsable por su contenido. Su contenido no constituye ningun compromiso para el grupo Atos, salvo ratificacion escrita por ambas partes. Aunque se esfuerza al maximo por mantener su red libre de virus, el emisor no puede garantizar nada al respecto y no sera responsable de cualesquiera danos que puedan resultar de una transmision de virus. ------------------------------------------------------------------ -------------- next part -------------- An HTML attachment was scrubbed... URL: From robert.seidl at nsn.com Fri Mar 2 18:35:39 2012 From: robert.seidl at nsn.com (Seidl, Robert (NSN - DE/Munich)) Date: Fri, 2 Mar 2012 18:35:39 +0100 Subject: [Fiware-security] FIWARE- URGENT - warning from Juanjo regarding the Identity Management GE In-Reply-To: <925_1330692589_4F50C1ED_925_1755_1_8F1D40232A0E68409E3FC23A30C3266201670BD8FA22@THSONEA01CMS04P.one.grp> References: <8E18929A6C79354FB4BD9BD4636DCB0665E173@INTMAIL03.es.int.atosorigin.com> <9739B018F0466A4CAB10A9DABBEBF5A6818879@DEMUEXC027.nsn-intra.net> <925_1330692589_4F50C1ED_925_1755_1_8F1D40232A0E68409E3FC23A30C3266201670BD8FA22@THSONEA01CMS04P.one.grp> Message-ID: <9739B018F0466A4CAB10A9DABBEBF5A6818A27@DEMUEXC027.nsn-intra.net> Together with Alexandra and Wolfgang we have updated the GE IDM enabler. It should be fine now. Have a nice weekend Robert Von: ext GIDOIN Daniel [mailto:daniel.gidoin at thalesgroup.com] Gesendet: Freitag, 2. M?rz 2012 13:50 An: Seidl, Robert (NSN - DE/Munich); ext Antonio Garcia Vazquez Cc: Fiware-security at lists.fi-ware.eu Betreff: RE: [Fiware-security] FIWARE- URGENT - warning from Juanjo regarding the Identity Management GE Thank a lot RobertJ De : Seidl, Robert (NSN - DE/Munich) [mailto:robert.seidl at nsn.com] Envoy? : vendredi 2 mars 2012 10:49 ? : ext Antonio Garcia Vazquez; GIDOIN Daniel Cc : Fiware-security at lists.fi-ware.eu Objet : RE: [Fiware-security] FIWARE- URGENT - warning from Juanjo regarding the Identity Management GE Hi, DT and NSN are working on an updated version. We will provide updates by today. Greetings Robert From: ext Antonio Garcia Vazquez [mailto:antonio.garcia at atosresearch.eu] Sent: Friday, March 02, 2012 10:03 AM To: GIDOIN Daniel; Seidl, Robert (NSN - DE/Munich) Cc: Fiware-security at lists.fi-ware.eu Subject: RE: [Fiware-security] FIWARE- URGENT - warning from Juanjo regarding the Identity Management GE Hello, It seems that the main issue is about Identity Management GE Identity Management GE While this is one of the core GEs in the Security Chapter, the description is rather poor (My opinion: Overview must be enriched - Daniel) The "Basic Concepts" section doesn't say anything relevant and the "Main Interactions" section is merely a sequence of pictures with no explanation (btw, figures do not follow FMC conventions) . I don't understand what "Design Principles" we are trying to describe with contents on that section. Improvement of the Architecture Description for this GE requires urgent and immediate attention. Does anybody know If Robert is working on this topic? Meantime it could be a good idea answer Juanjo?s e-mail to tell him the other point are ready for his review. As far as possible I?d like to know ASAP if he has additional comments to handle it before the deadline on 6th March. Best Regards ************************************ * Antonio Garc?a-V?zquez * * (+34) 91 214 9384 * * antonio.garcia at atosresearch.eu * ************************************ From: fiware-security-bounces at lists.fi-ware.eu [mailto:fiware-security-bounces at lists.fi-ware.eu] On Behalf Of GIDOIN Daniel Sent: jueves, 01 de marzo de 2012 18:03 To: Fiware-security at lists.fi-ware.eu Subject: [Fiware-security] FIWARE- URGENT - warning from Juanjo regarding the Identity Management GE Dear All, I forward the message received in the early morning. Daniel De : Juanjo Hierro [mailto:jhierro at tid.es] Envoy? : jeudi 1 mars 2012 13:01 ? : GIDOIN Daniel; BISSON Pascal Cc : jhierro >> "Juan J. Hierro" Objet : Re: URGENT: No Security representative in joint WPL/WPA follow-up confcall Please note that I haven't seen any further development regarding the Identity Management GE. I haven't check the rest Please push towards recovery of the situation. Regards, -- Juanjo ------------- Product Development and Innovation (PDI) - Telefonica Digital website: www.tid.es email: jhierro at tid.es twitter: twitter.com/JuanjoHierro FI-WARE (European Future Internet Core Platform) Chief Architect You can follow FI-WARE at: website: http://www.fi-ware.eu facebook: http://www.facebook.com/pages/FI-WARE/251366491587242 twitter: http://twitter.com/FIware linkedIn: http://www.linkedin.com/groups/FIWARE-4239932 On 28/02/12 15:28, JUAN JOSE HIERRO SUREDA wrote: Hi, I'm still concerned about the status of the GE Core Identity Management description. It's rather far from the target. I tried to setup a confcall with Pascal last week to know about what action plan you will put in place to recover from the situation. However, unfortunately Pascal couldn't make it. May you tell me what your plans are ? On the other hand, I send a detailed list of comments and I haven't seen so much progress. Please try to push so all of them are addressed during this week so that the Security chapter can be included in the deliverable to be officially submited to the EC by March 6. That is the last delay we can maintain in front of our POs and also the UC projects without them starting to blame on us ! Best regards, -- Juanjo On 27/02/12 13:39, GIDOIN Daniel wrote: Dear Juanjo I am coming from vacation and Pascal is away this week. I apologize, following issues networks this morning, I connect to my mail now, and the last week, I had no opportunity to open my email. So, this week we are finalizing the WP8 contribution to the D2.3. I make sure that owners have sent GE's comments to you (NSN particular concerning the level expected for the GE Core Identity management). On my side, I take into account your comments concerning the GE Security Monitoring. Best regards Daniel De : Juanjo Hierro [mailto:jhierro at tid.es] Envoy? : lundi 27 f?vrier 2012 11:50 ? : GIDOIN Daniel Cc : BISSON Pascal Objet : URGENT: No Security representative in joint WPL/WPA follow-up confcall We are missing you: We'll use powwownow. PIN: 050662. Local dial-in phone numbers at: http://pdf.powwownow.com/pdf/USA_en_pwn-dial-in-numbers.pdf -------- Original Message -------- Subject: Webex and shared minutes in google docs Date: Mon, 27 Feb 2012 10:43:31 +0100 From: Juanjo Hierro To: fiware-wpl at lists.fi-ware.eu , fiware-wpa at lists.fi-ware.eu Hi, The Webex bridge can be found at: https://telefonica.webex.com/telefonica/j.php?ED=191128867&UID=1272924167&PW=NYWNjYTYyZDk1&RT=MTQjMjM%3D If password is required, it is 1234abcD We will share the minutes during the confcall as we did the last time. The URL for the shared minutes is: https://docs.google.com/document/d/1gkEUTMfUizrYxt9y24jOWdT3fvFpv5nKQJch1_3sVAc/edit Cheers, -- Juanjo -------- Original Message -------- Subject: Invitaci?n a reuni?n: FI-WARE Joint WPLs/WPAs follow-up confcall Date: Mon, 27 Feb 2012 10:12:55 +0100 From: Gestor i-Reunion webex7000 Reply-To: Webex7000 at tid.es To: JUAN JOSE HIERRO SUREDA Hola , Gestor i-Reunion webex7000 lo invita a asistir a esta reuni?n en l?nea. Tema: FI-WARE Joint WPLs/WPAs follow-up confcall Fecha: lunes, 27 de febrero de 2012 Hora: 11:00, Europa Hora (Par?s, GMT+01:00) N?mero de la reuni?n: 964 407 309 Contrase?a de la reuni?n: 1234abcD ------------------------------------------------------- Para unirse a la reuni?n en l?nea (?Ahora tambi?n desde iPhones!) ------------------------------------------------------- 1. Vaya a https://telefonica.webex.com/telefonica/j.php?ED=191128867&UID=1272924167&PW=NYWNjYTYyZDk1&RT=MTQjMjM%3D 2. Introduzca su nombre y direcci?n de correo electr?nico. 3. Introduzca la contrase?a de la reuni?n: 1234abcD 4. Haga clic en "Entrar ahora". Para ver en otras zonas horarias o idiomas, haga clic en el enlace: https://telefonica.webex.com/telefonica/j.php?ED=191128867&UID=1272924167&PW=NYWNjYTYyZDk1&ORT=MTQjMjM%3D ------------------------------------------------------- Para obtener ayuda ------------------------------------------------------- 1. Vaya a https://telefonica.webex.com/telefonica/mc 2. En la barra de navegaci?n izquierda, haga clic en "Soporte". Puede ponerse en contacto conmigo en: Webex7000 at tid.es Para a?adir esta reuni?n al programa del calendario (por ejemplo Microsoft Outlook), haga clic en este enlace: https://telefonica.webex.com/telefonica/j.php?ED=191128867&UID=1272924167&ICS=MI&LD=12&RD=14&ST=1&SHA2=RKvdh4UUEmcynXedXePcLCBeH4YxexjTbu7LE9Akeo0=&RT=MTQjMjM%3D La reproducci?n de archivos multimedia enriquecidos con formato universal de comunicaciones (UCF) necesita reproductores adecuados. Para ver este tipo de archivos multimedia enriquecidos en esta reuni?n, compruebe si tiene los reproductores instalados en la computadora. Vaya a https://telefonica.webex.com/telefonica/systemdiagnosis.php Inscr?base para disfrutar de la prueba gratuita de WebEx http://www.webex.com/go/mcemfreetrial http://www.webex.com AVISO IMPORTANTE: Este servicio de WebEx incluye una funci?n que permite ver e intercambiar audio, documentos y otros materiales durante la sesi?n que va a grabarse. Al unirse a esta sesi?n, autom?ticamente da permiso para realizar dichas grabaciones. Si no est? de acuerdo con la grabaci?n, no se una a la sesi?n. ________________________________ Este mensaje se dirige exclusivamente a su destinatario. Puede consultar nuestra pol?tica de env?o y recepci?n de correo electr?nico en el enlace situado m?s abajo. This message is intended exclusively for its addressee. We only send and receive email on the basis of the terms set out at http://www.tid.es/ES/PAGINAS/disclaimer.aspx ________________________________ Este mensaje se dirige exclusivamente a su destinatario. Puede consultar nuestra pol?tica de env?o y recepci?n de correo electr?nico en el enlace situado m?s abajo. This message is intended exclusively for its addressee. We only send and receive email on the basis of the terms set out at http://www.tid.es/ES/PAGINAS/disclaimer.aspx ------------------------------------------------------------------ This e-mail and the documents attached are confidential and intended solely for the addressee; it may also be privileged. If you receive this e-mail in error, please notify the sender immediately and destroy it. As its integrity cannot be secured on the Internet, the Atos group liability cannot be triggered for the message content. Although the sender endeavours to maintain a computer virus-free network, the sender does not warrant that this transmission is virus-free and will not be liable for any damages resulting from any virus transmitted. Este mensaje y los ficheros adjuntos pueden contener informacion confidencial destinada solamente a la(s) persona(s) mencionadas anteriormente pueden estar protegidos por secreto profesional. Si usted recibe este correo electronico por error, gracias por informar inmediatamente al remitente y destruir el mensaje. Al no estar asegurada la integridad de este mensaje sobre la red, Atos no se hace responsable por su contenido. Su contenido no constituye ningun compromiso para el grupo Atos, salvo ratificacion escrita por ambas partes. Aunque se esfuerza al maximo por mantener su red libre de virus, el emisor no puede garantizar nada al respecto y no sera responsable de cualesquiera danos que puedan resultar de una transmision de virus. ------------------------------------------------------------------ -------------- next part -------------- An HTML attachment was scrubbed... URL: From daniel.gidoin at thalesgroup.com Sun Mar 4 14:48:41 2012 From: daniel.gidoin at thalesgroup.com (GIDOIN Daniel) Date: Sun, 4 Mar 2012 14:48:41 +0100 Subject: [Fiware-security] FIWARE- URGENT - warning from Juanjo regarding the Identity Management GE In-Reply-To: <9739B018F0466A4CAB10A9DABBEBF5A6818A27@DEMUEXC027.nsn-intra.net> References: <8E18929A6C79354FB4BD9BD4636DCB0665E173@INTMAIL03.es.int.atosorigin.com> <9739B018F0466A4CAB10A9DABBEBF5A6818879@DEMUEXC027.nsn-intra.net> <925_1330692589_4F50C1ED_925_1755_1_8F1D40232A0E68409E3FC23A30C3266201670BD8FA22@THSONEA01CMS04P.one.grp> <9739B018F0466A4CAB10A9DABBEBF5A6818A27@DEMUEXC027.nsn-intra.net> Message-ID: <27359_1330868943_4F5372CF_27359_2733_1_25226739-a9a8-45ed-9661-63658f90e974@THSONEA01HUB03P.one.grp> Big thank Robert, Alexandra and Wolfgang Daniel De : Seidl, Robert (NSN - DE/Munich) [mailto:robert.seidl at nsn.com] Envoy? : vendredi 2 mars 2012 18:36 ? : GIDOIN Daniel; BISSON Pascal Cc : Fiware-security at lists.fi-ware.eu Objet : AW: [Fiware-security] FIWARE- URGENT - warning from Juanjo regarding the Identity Management GE Together with Alexandra and Wolfgang we have updated the GE IDM enabler. It should be fine now. Have a nice weekend Robert Von: ext GIDOIN Daniel [mailto:daniel.gidoin at thalesgroup.com] Gesendet: Freitag, 2. M?rz 2012 13:50 An: Seidl, Robert (NSN - DE/Munich); ext Antonio Garcia Vazquez Cc: Fiware-security at lists.fi-ware.eu Betreff: RE: [Fiware-security] FIWARE- URGENT - warning from Juanjo regarding the Identity Management GE Thank a lot Robert? De : Seidl, Robert (NSN - DE/Munich) [mailto:robert.seidl at nsn.com] Envoy? : vendredi 2 mars 2012 10:49 ? : ext Antonio Garcia Vazquez; GIDOIN Daniel Cc : Fiware-security at lists.fi-ware.eu Objet : RE: [Fiware-security] FIWARE- URGENT - warning from Juanjo regarding the Identity Management GE Hi, DT and NSN are working on an updated version. We will provide updates by today. Greetings Robert From: ext Antonio Garcia Vazquez [mailto:antonio.garcia at atosresearch.eu] Sent: Friday, March 02, 2012 10:03 AM To: GIDOIN Daniel; Seidl, Robert (NSN - DE/Munich) Cc: Fiware-security at lists.fi-ware.eu Subject: RE: [Fiware-security] FIWARE- URGENT - warning from Juanjo regarding the Identity Management GE Hello, It seems that the main issue is about Identity Management GE Identity Management GE While this is one of the core GEs in the Security Chapter, the description is rather poor (My opinion: Overview must be enriched - Daniel) The "Basic Concepts" section doesn't say anything relevant and the "Main Interactions" section is merely a sequence of pictures with no explanation (btw, figures do not follow FMC conventions) . I don't understand what "Design Principles" we are trying to describe with contents on that section. Improvement of the Architecture Description for this GE requires urgent and immediate attention. Does anybody know If Robert is working on this topic? Meantime it could be a good idea answer Juanjo?s e-mail to tell him the other point are ready for his review. As far as possible I?d like to know ASAP if he has additional comments to handle it before the deadline on 6th March. Best Regards ************************************ * Antonio Garc?a-V?zquez * * (+34) 91 214 9384 * * antonio.garcia at atosresearch.eu * ************************************ From: fiware-security-bounces at lists.fi-ware.eu [mailto:fiware-security-bounces at lists.fi-ware.eu] On Behalf Of GIDOIN Daniel Sent: jueves, 01 de marzo de 2012 18:03 To: Fiware-security at lists.fi-ware.eu Subject: [Fiware-security] FIWARE- URGENT - warning from Juanjo regarding the Identity Management GE Dear All, I forward the message received in the early morning. Daniel De : Juanjo Hierro [mailto:jhierro at tid.es] Envoy? : jeudi 1 mars 2012 13:01 ? : GIDOIN Daniel; BISSON Pascal Cc : jhierro >> "Juan J. Hierro" Objet : Re: URGENT: No Security representative in joint WPL/WPA follow-up confcall Please note that I haven't seen any further development regarding the Identity Management GE. I haven't check the rest Please push towards recovery of the situation. Regards, -- Juanjo ------------- Product Development and Innovation (PDI) - Telefonica Digital website: www.tid.es email: jhierro at tid.es twitter: twitter.com/JuanjoHierro FI-WARE (European Future Internet Core Platform) Chief Architect You can follow FI-WARE at: website: http://www.fi-ware.eu facebook: http://www.facebook.com/pages/FI-WARE/251366491587242 twitter: http://twitter.com/FIware linkedIn: http://www.linkedin.com/groups/FIWARE-4239932 On 28/02/12 15:28, JUAN JOSE HIERRO SUREDA wrote: Hi, I'm still concerned about the status of the GE Core Identity Management description. It's rather far from the target. I tried to setup a confcall with Pascal last week to know about what action plan you will put in place to recover from the situation. However, unfortunately Pascal couldn't make it. May you tell me what your plans are ? On the other hand, I send a detailed list of comments and I haven't seen so much progress. Please try to push so all of them are addressed during this week so that the Security chapter can be included in the deliverable to be officially submited to the EC by March 6. That is the last delay we can maintain in front of our POs and also the UC projects without them starting to blame on us ! Best regards, -- Juanjo On 27/02/12 13:39, GIDOIN Daniel wrote: Dear Juanjo I am coming from vacation and Pascal is away this week. I apologize, following issues networks this morning, I connect to my mail now, and the last week, I had no opportunity to open my email. So, this week we are finalizing the WP8 contribution to the D2.3. I make sure that owners have sent GE's comments to you (NSN particular concerning the level expected for the GE Core Identity management). On my side, I take into account your comments concerning the GE Security Monitoring. Best regards Daniel De : Juanjo Hierro [mailto:jhierro at tid.es] Envoy? : lundi 27 f?vrier 2012 11:50 ? : GIDOIN Daniel Cc : BISSON Pascal Objet : URGENT: No Security representative in joint WPL/WPA follow-up confcall We are missing you: We'll use powwownow. PIN: 050662. Local dial-in phone numbers at: http://pdf.powwownow.com/pdf/USA_en_pwn-dial-in-numbers.pdf -------- Original Message -------- Subject: Webex and shared minutes in google docs Date: Mon, 27 Feb 2012 10:43:31 +0100 From: Juanjo Hierro To: fiware-wpl at lists.fi-ware.eu , fiware-wpa at lists.fi-ware.eu Hi, The Webex bridge can be found at: https://telefonica.webex.com/telefonica/j.php?ED=191128867&UID=1272924167&PW=NYWNjYTYyZDk1&RT=MTQjMjM%3D If password is required, it is 1234abcD We will share the minutes during the confcall as we did the last time. The URL for the shared minutes is: https://docs.google.com/document/d/1gkEUTMfUizrYxt9y24jOWdT3fvFpv5nKQJch1_3sVAc/edit Cheers, -- Juanjo -------- Original Message -------- Subject: Invitaci?n a reuni?n: FI-WARE Joint WPLs/WPAs follow-up confcall Date: Mon, 27 Feb 2012 10:12:55 +0100 From: Gestor i-Reunion webex7000 Reply-To: Webex7000 at tid.es To: JUAN JOSE HIERRO SUREDA Hola , Gestor i-Reunion webex7000 lo invita a asistir a esta reuni?n en l?nea. Tema: FI-WARE Joint WPLs/WPAs follow-up confcall Fecha: lunes, 27 de febrero de 2012 Hora: 11:00, Europa Hora (Par?s, GMT+01:00) N?mero de la reuni?n: 964 407 309 Contrase?a de la reuni?n: 1234abcD ------------------------------------------------------- Para unirse a la reuni?n en l?nea (?Ahora tambi?n desde iPhones!) ------------------------------------------------------- 1. Vaya a https://telefonica.webex.com/telefonica/j.php?ED=191128867&UID=1272924167&PW=NYWNjYTYyZDk1&RT=MTQjMjM%3D 2. Introduzca su nombre y direcci?n de correo electr?nico. 3. Introduzca la contrase?a de la reuni?n: 1234abcD 4. Haga clic en "Entrar ahora". Para ver en otras zonas horarias o idiomas, haga clic en el enlace: https://telefonica.webex.com/telefonica/j.php?ED=191128867&UID=1272924167&PW=NYWNjYTYyZDk1&ORT=MTQjMjM%3D ------------------------------------------------------- Para obtener ayuda ------------------------------------------------------- 1. Vaya a https://telefonica.webex.com/telefonica/mc 2. En la barra de navegaci?n izquierda, haga clic en "Soporte". Puede ponerse en contacto conmigo en: Webex7000 at tid.es Para a?adir esta reuni?n al programa del calendario (por ejemplo Microsoft Outlook), haga clic en este enlace: https://telefonica.webex.com/telefonica/j.php?ED=191128867&UID=1272924167&ICS=MI&LD=12&RD=14&ST=1&SHA2=RKvdh4UUEmcynXedXePcLCBeH4YxexjTbu7LE9Akeo0=&RT=MTQjMjM%3D La reproducci?n de archivos multimedia enriquecidos con formato universal de comunicaciones (UCF) necesita reproductores adecuados. Para ver este tipo de archivos multimedia enriquecidos en esta reuni?n, compruebe si tiene los reproductores instalados en la computadora. Vaya a https://telefonica.webex.com/telefonica/systemdiagnosis.php Inscr?base para disfrutar de la prueba gratuita de WebEx http://www.webex.com/go/mcemfreetrial http://www.webex.com AVISO IMPORTANTE: Este servicio de WebEx incluye una funci?n que permite ver e intercambiar audio, documentos y otros materiales durante la sesi?n que va a grabarse. Al unirse a esta sesi?n, autom?ticamente da permiso para realizar dichas grabaciones. Si no est? de acuerdo con la grabaci?n, no se una a la sesi?n. ________________________________ Este mensaje se dirige exclusivamente a su destinatario. Puede consultar nuestra pol?tica de env?o y recepci?n de correo electr?nico en el enlace situado m?s abajo. This message is intended exclusively for its addressee. We only send and receive email on the basis of the terms set out at http://www.tid.es/ES/PAGINAS/disclaimer.aspx ________________________________ Este mensaje se dirige exclusivamente a su destinatario. Puede consultar nuestra pol?tica de env?o y recepci?n de correo electr?nico en el enlace situado m?s abajo. This message is intended exclusively for its addressee. We only send and receive email on the basis of the terms set out at http://www.tid.es/ES/PAGINAS/disclaimer.aspx ------------------------------------------------------------------ This e-mail and the documents attached are confidential and intended solely for the addressee; it may also be privileged. If you receive this e-mail in error, please notify the sender immediately and destroy it. As its integrity cannot be secured on the Internet, the Atos group liability cannot be triggered for the message content. Although the sender endeavours to maintain a computer virus-free network, the sender does not warrant that this transmission is virus-free and will not be liable for any damages resulting from any virus transmitted. Este mensaje y los ficheros adjuntos pueden contener informacion confidencial destinada solamente a la(s) persona(s) mencionadas anteriormente pueden estar protegidos por secreto profesional. Si usted recibe este correo electronico por error, gracias por informar inmediatamente al remitente y destruir el mensaje. Al no estar asegurada la integridad de este mensaje sobre la red, Atos no se hace responsable por su contenido. Su contenido no constituye ningun compromiso para el grupo Atos, salvo ratificacion escrita por ambas partes. Aunque se esfuerza al maximo por mantener su red libre de virus, el emisor no puede garantizar nada al respecto y no sera responsable de cualesquiera danos que puedan resultar de una transmision de virus. ------------------------------------------------------------------ -------------- next part -------------- An HTML attachment was scrubbed... URL: From pascal.bisson at thalesgroup.com Mon Mar 5 10:42:49 2012 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Mon, 5 Mar 2012 10:42:49 +0100 Subject: [Fiware-security] TR: [Fiware-wpl] Guidelines for the FI-WARE Technical Roadmap deliverable Message-ID: <14838_1330940572_4F548A9C_14838_19741_1_9e68e2ea-2ac7-4f1f-8298-9ac8fc62a3ba@THSONEA01HUB01P.one.grp> FYI. Please notice D2.4 has to be produced by end of the week. So please check instructions and template provided to produce our Security Chapter input. Will organize a conf call tomorrow to have this and other things discussed with you. Details will follow Talk with you soon. Regards, Pascal De : fiware-wpl-bounces at lists.fi-ware.eu [mailto:fiware-wpl-bounces at lists.fi-ware.eu] De la part de Juanjo Hierro Envoy? : jeudi 1 mars 2012 20:03 ? : fiware-wpl at lists.fi-ware.eu; fiware-wpa at lists.fi-ware.eu Objet : [Fiware-wpl] Guidelines for the FI-WARE Technical Roadmap deliverable Hi all, Late but hopefully providing a clear template and guidelines to follow, I have setup the space in the FI-WARE Private Wiki to develop the contents of the D.2.4.a deliverable "FI-WARE Technical Roadmap". You can find the placeholders for your contributions as well as the guidelines to follow at: https://forge.fi-ware.eu/plugins/mediawiki/wiki/fi-ware-private/index.php/FiwareDeliverableD2.4 Given the fact that this template arrived late, and as already announced to our PO, we should plan to have this deliverable ready for submission by Thursday March 8th, next week. So you have one week to develop what will not be longer than two pages. Remember: it's not about producing a long text, but be able to distil a good piece of text. I hope that you will find the guidelines quite clear and unambiguous. Nevertheless, don't hesitate to formulate any question. Best regards, -- Juanjo ------------- Product Development and Innovation (PDI) - Telefonica Digital website: www.tid.es email: jhierro at tid.es twitter: twitter.com/JuanjoHierro FI-WARE (European Future Internet Core Platform) Chief Architect You can follow FI-WARE at: website: http://www.fi-ware.eu facebook: http://www.facebook.com/pages/FI-WARE/251366491587242 twitter: http://twitter.com/FIware linkedIn: http://www.linkedin.com/groups/FIWARE-4239932 ________________________________ Este mensaje se dirige exclusivamente a su destinatario. Puede consultar nuestra pol?tica de env?o y recepci?n de correo electr?nico en el enlace situado m?s abajo. This message is intended exclusively for its addressee. We only send and receive email on the basis of the terms set out at http://www.tid.es/ES/PAGINAS/disclaimer.aspx -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- An embedded and charset-unspecified text was scrubbed... Name: ATT00001.txt URL: From pascal.bisson at thalesgroup.com Mon Mar 5 15:11:39 2012 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Mon, 5 Mar 2012 15:11:39 +0100 Subject: [Fiware-security] FI-WARE Security - Outcomes of today's audio with CA regarding Security AT contrib to D2.3 (some work needed) Message-ID: <6529_1330956706_4F54C9A1_6529_10145_3_2d71c9e2-f740-4c0e-9c7a-bed591c93b94@THSONEA01HUB02P.one.grp> Dear Task leads/GE owners, This just to let you know that this morning I had an audio conference with Juanjo were discussed the readiness of our GEs description for publication in the context of D2.3 and according to latest version available on FI-WARE Private wiki (https://forge.fi-ware.eu/plugins/mediawiki/wiki/fi-ware-private/index.php/FiwareDeliverableD2.3) aka the place where we are supposed to upload our GE description from our FI-WARE Security Private Wiki. Here are what we discussed and agreed: * We will proceed with publishing the contents linked to the Security Monitoring GE because despite some additional comments may come after a second review, it's worth publishing the current contents and we can deal with new comments by end of March (but without the pressure of delivery dates) * We will proceed with publishing the contents linked to the Identity Management GE provided that the owner commits to translate the figures to FMC format by end of this week. As with the previous case, despite some additional comments may come after a second review, it's worth publishing the current contents and we can deal with new comments by end of March (but without the pressure of delivery dates) * We will publish the Privacy GE * We won't publish the rest pending on response regarding how the comments initially provided by Juanjo were addressed (please refer here to email I forwarded you from Juanjo - 21 f?vrier 2012 05:07 - on the topic ). Apparently, comments were not addressed for some of the GEs, if not all, and even the history of the Wiki pages reflect that. In order not to delay any longer the publishing of our Security Chapter contrib. to D2.3 I will ask: o Antonio as to check and address Juanjo's comments on Context-based security and compliance comments this no later than by tomorrow EOB, o Same for Slim or Francesco regarding Data Handling GE although after a quick scan I noticed they had already implemented a number of Juanjo's comments. o Slim/Francesco, Alexandre, Philippe/Lucie to do the same for what concerns Optional Security GEs Please Antonio, Slim/Francesco, Alexandre, Philippe/Lucie please acknowledge receipt of this email and confirm you would be addressing comments according the set deadline (i.e. by tomorrow EOB at the latest - hope earlier - let me know once done) to close our work on D2.3 and have our specifications be published also redirect our effort on our Security contrib. to D2.4. Hearing from you, Best Regards, Pascal PS: Don't forget to stick to suggested table of content if not done already and follow instructions provided at https://forge.fi-ware.eu/plugins/mediawiki/wiki/fi-ware-private/index.php/Instructions_on_how_to_develop_FI-WARE_Chapter_Architecture_Descriptions PS2: As announced will call for an audio conference tomorrow. Will provide you with details in a separate email. -------------- next part -------------- An HTML attachment was scrubbed... URL: From slim.trabelsi at sap.com Mon Mar 5 15:21:19 2012 From: slim.trabelsi at sap.com (TRABELSI, Slim) Date: Mon, 5 Mar 2012 15:21:19 +0100 Subject: [Fiware-security] FI-WARE Security - Outcomes of today's audio with CA regarding Security AT contrib to D2.3 (some work needed) In-Reply-To: <6529_1330956706_4F54C9A1_6529_10145_3_2d71c9e2-f740-4c0e-9c7a-bed591c93b94@THSONEA01HUB02P.one.grp> References: <6529_1330956706_4F54C9A1_6529_10145_3_2d71c9e2-f740-4c0e-9c7a-bed591c93b94@THSONEA01HUB02P.one.grp> Message-ID: Hi Pascal, On the Data Handling GE we made the modifications according to Juanjo's comments. What kind of modifications are expected ? I really do not undestand this decision ! Please can you explain give us more details about this ? thank you best Slim ________________________________ From: BISSON Pascal [pascal.bisson at thalesgroup.com] Sent: Monday, March 05, 2012 3:11 PM To: Seidl, Robert (NSN - DE/Munich); gabor.marton at nsn.com; norbert.goetze at nsn.com; TRABELSI, Slim; DI CERBO, Francesco; GASPARD Lucie; Alexandre Boeglin; osb at zurich.ibm.com; anj at zurich.ibm.com; antonio.garcia at atosorigin.com; Antonio Garcia Vazquez; LELEU Philippe; Wolfgang.Steigerwald at telekom.de Cc: GIDOIN Daniel; BISSON Pascal; Pedro Soria Rodriguez; fiware-security at lists.fi-ware.eu Subject: FI-WARE Security - Outcomes of today's audio with CA regarding Security AT contrib to D2.3 (some work needed) Dear Task leads/GE owners, This just to let you know that this morning I had an audio conference with Juanjo were discussed the readiness of our GEs description for publication in the context of D2.3 and according to latest version available on FI-WARE Private wiki (https://forge.fi-ware.eu/plugins/mediawiki/wiki/fi-ware-private/index.php/FiwareDeliverableD2.3) aka the place where we are supposed to upload our GE description from our FI-WARE Security Private Wiki. Here are what we discussed and agreed: * We will proceed with publishing the contents linked to the Security Monitoring GE because despite some additional comments may come after a second review, it's worth publishing the current contents and we can deal with new comments by end of March (but without the pressure of delivery dates) * We will proceed with publishing the contents linked to the Identity Management GE provided that the owner commits to translate the figures to FMC format by end of this week. As with the previous case, despite some additional comments may come after a second review, it's worth publishing the current contents and we can deal with new comments by end of March (but without the pressure of delivery dates) * We will publish the Privacy GE * We won't publish the rest pending on response regarding how the comments initially provided by Juanjo were addressed (please refer here to email I forwarded you from Juanjo - 21 f?vrier 2012 05:07 - on the topic ). Apparently, comments were not addressed for some of the GEs, if not all, and even the history of the Wiki pages reflect that. In order not to delay any longer the publishing of our Security Chapter contrib. to D2.3 I will ask: o Antonio as to check and address Juanjo?s comments on Context-based security and compliance comments this no later than by tomorrow EOB, o Same for Slim or Francesco regarding Data Handling GE although after a quick scan I noticed they had already implemented a number of Juanjo?s comments. o Slim/Francesco, Alexandre, Philippe/Lucie to do the same for what concerns Optional Security GEs Please Antonio, Slim/Francesco, Alexandre, Philippe/Lucie please acknowledge receipt of this email and confirm you would be addressing comments according the set deadline (i.e. by tomorrow EOB at the latest ? hope earlier - let me know once done) to close our work on D2.3 and have our specifications be published also redirect our effort on our Security contrib. to D2.4. Hearing from you, Best Regards, Pascal PS: Don?t forget to stick to suggested table of content if not done already and follow instructions provided at https://forge.fi-ware.eu/plugins/mediawiki/wiki/fi-ware-private/index.php/Instructions_on_how_to_develop_FI-WARE_Chapter_Architecture_Descriptions PS2: As announced will call for an audio conference tomorrow. Will provide you with details in a separate email. From robert.seidl at nsn.com Mon Mar 5 15:24:14 2012 From: robert.seidl at nsn.com (Seidl, Robert (NSN - DE/Munich)) Date: Mon, 5 Mar 2012 15:24:14 +0100 Subject: [Fiware-security] FI-WARE Security - Outcomes of today's audio with CA regarding Security AT contrib to D2.3 (some work needed) In-Reply-To: <6529_1330956706_4F54C9A1_6529_10145_3_2d71c9e2-f740-4c0e-9c7a-bed591c93b94@THSONEA01HUB02P.one.grp> References: <6529_1330956706_4F54C9A1_6529_10145_3_2d71c9e2-f740-4c0e-9c7a-bed591c93b94@THSONEA01HUB02P.one.grp> Message-ID: <9739B018F0466A4CAB10A9DABBEBF5A6818E84@DEMUEXC027.nsn-intra.net> Hi Pascal, regarding IDM GE enabler there are two diagrams which are not in FMC convention for the following reasons: The first diagram only presents some functional components and has nothing to do with any sw development related stuff. Therefore we agreed (DT and NSN) not to translate it into FMC since 1. Information will get lost and 2. The style as is at the moment is much more readable. The second picture which relates to the eID integration is not in a stage that we can provide a detailed FMC diagram at the moment. This will be done later, when the technical details are clarified (not the case at the moment). Also for that reason we decided not to provide a FMC diagram. What we could do here is to provide a very raw flow how it might work (dependent on the clarification of the technical issues). What do you tink? Greetings Robert From: ext BISSON Pascal [mailto:pascal.bisson at thalesgroup.com] Sent: Monday, March 05, 2012 3:12 PM To: Seidl, Robert (NSN - DE/Munich); Marton, Gabor (NSN - HU/Budapest); Goetze, Norbert (NSN - DE/Munich); slim.trabelsi at sap.com; francesco.di.cerbo at sap.com; GASPARD Lucie; Alexandre Boeglin; osb at zurich.ibm.com; anj at zurich.ibm.com; antonio.garcia at atosorigin.com; Antonio Garcia Vazquez; LELEU Philippe; Wolfgang.Steigerwald at telekom.de Cc: GIDOIN Daniel; BISSON Pascal; Pedro Soria Rodriguez; fiware-security at lists.fi-ware.eu Subject: FI-WARE Security - Outcomes of today's audio with CA regarding Security AT contrib to D2.3 (some work needed) Importance: High Dear Task leads/GE owners, This just to let you know that this morning I had an audio conference with Juanjo were discussed the readiness of our GEs description for publication in the context of D2.3 and according to latest version available on FI-WARE Private wiki (https://forge.fi-ware.eu/plugins/mediawiki/wiki/fi-ware-private/index.php/FiwareDeliverableD2.3) aka the place where we are supposed to upload our GE description from our FI-WARE Security Private Wiki. Here are what we discussed and agreed: * We will proceed with publishing the contents linked to the Security Monitoring GE because despite some additional comments may come after a second review, it's worth publishing the current contents and we can deal with new comments by end of March (but without the pressure of delivery dates) * We will proceed with publishing the contents linked to the Identity Management GE provided that the owner commits to translate the figures to FMC format by end of this week. As with the previous case, despite some additional comments may come after a second review, it's worth publishing the current contents and we can deal with new comments by end of March (but without the pressure of delivery dates) * We will publish the Privacy GE * We won't publish the rest pending on response regarding how the comments initially provided by Juanjo were addressed (please refer here to email I forwarded you from Juanjo - 21 f?vrier 2012 05:07 - on the topic ). Apparently, comments were not addressed for some of the GEs, if not all, and even the history of the Wiki pages reflect that. In order not to delay any longer the publishing of our Security Chapter contrib. to D2.3 I will ask: o Antonio as to check and address Juanjo's comments on Context-based security and compliance comments this no later than by tomorrow EOB, o Same for Slim or Francesco regarding Data Handling GE although after a quick scan I noticed they had already implemented a number of Juanjo's comments. o Slim/Francesco, Alexandre, Philippe/Lucie to do the same for what concerns Optional Security GEs Please Antonio, Slim/Francesco, Alexandre, Philippe/Lucie please acknowledge receipt of this email and confirm you would be addressing comments according the set deadline (i.e. by tomorrow EOB at the latest - hope earlier - let me know once done) to close our work on D2.3 and have our specifications be published also redirect our effort on our Security contrib. to D2.4. Hearing from you, Best Regards, Pascal PS: Don't forget to stick to suggested table of content if not done already and follow instructions provided at https://forge.fi-ware.eu/plugins/mediawiki/wiki/fi-ware-private/index.php/Instructions_on_how_to_develop_FI-WARE_Chapter_Architecture_Descriptions PS2: As announced will call for an audio conference tomorrow. Will provide you with details in a separate email. -------------- next part -------------- An HTML attachment was scrubbed... URL: From antonio.garcia at atosresearch.eu Mon Mar 5 15:25:36 2012 From: antonio.garcia at atosresearch.eu (Antonio Garcia Vazquez) Date: Mon, 5 Mar 2012 15:25:36 +0100 Subject: [Fiware-security] FI-WARE Security - Outcomes of today's audio with CA regarding Security AT contrib to D2.3 (some work needed) In-Reply-To: <6529_1330956706_4F54C9A1_6529_10145_3_2d71c9e2-f740-4c0e-9c7a-bed591c93b94@THSONEA01HUB02P.one.grp> References: <6529_1330956706_4F54C9A1_6529_10145_3_2d71c9e2-f740-4c0e-9c7a-bed591c93b94@THSONEA01HUB02P.one.grp> Message-ID: <8E18929A6C79354FB4BD9BD4636DCB066AB68D@INTMAIL03.es.int.atosorigin.com> Pascal, I've already made some changes following those indications. Can you tell me the points I should still correct. Best Regards ************************************ * Antonio Garc?a-V?zquez * * (+34) 91 214 9384 * * antonio.garcia at atosresearch.eu * ************************************ From: BISSON Pascal [mailto:pascal.bisson at thalesgroup.com] Sent: lunes, 05 de marzo de 2012 15:12 To: Seidl, Robert (NSN - DE/Munich); gabor.marton at nsn.com; norbert.goetze at nsn.com; slim.trabelsi at sap.com; francesco.di.cerbo at sap.com; GASPARD Lucie; Alexandre Boeglin; osb at zurich.ibm.com; anj at zurich.ibm.com; Antonio Garcia Vazquez; Antonio Garcia Vazquez; LELEU Philippe; Wolfgang.Steigerwald at telekom.de Cc: GIDOIN Daniel; BISSON Pascal; Pedro Soria Rodriguez; fiware-security at lists.fi-ware.eu Subject: FI-WARE Security - Outcomes of today's audio with CA regarding Security AT contrib to D2.3 (some work needed) Importance: High Dear Task leads/GE owners, This just to let you know that this morning I had an audio conference with Juanjo were discussed the readiness of our GEs description for publication in the context of D2.3 and according to latest version available on FI-WARE Private wiki (https://forge.fi-ware.eu/plugins/mediawiki/wiki/fi-ware-private/index.php/FiwareDeliverableD2.3) aka the place where we are supposed to upload our GE description from our FI-WARE Security Private Wiki. Here are what we discussed and agreed: * We will proceed with publishing the contents linked to the Security Monitoring GE because despite some additional comments may come after a second review, it's worth publishing the current contents and we can deal with new comments by end of March (but without the pressure of delivery dates) * We will proceed with publishing the contents linked to the Identity Management GE provided that the owner commits to translate the figures to FMC format by end of this week. As with the previous case, despite some additional comments may come after a second review, it's worth publishing the current contents and we can deal with new comments by end of March (but without the pressure of delivery dates) * We will publish the Privacy GE * We won't publish the rest pending on response regarding how the comments initially provided by Juanjo were addressed (please refer here to email I forwarded you from Juanjo - 21 f?vrier 2012 05:07 - on the topic ). Apparently, comments were not addressed for some of the GEs, if not all, and even the history of the Wiki pages reflect that. In order not to delay any longer the publishing of our Security Chapter contrib. to D2.3 I will ask: o Antonio as to check and address Juanjo's comments on Context-based security and compliance comments this no later than by tomorrow EOB, o Same for Slim or Francesco regarding Data Handling GE although after a quick scan I noticed they had already implemented a number of Juanjo's comments. o Slim/Francesco, Alexandre, Philippe/Lucie to do the same for what concerns Optional Security GEs Please Antonio, Slim/Francesco, Alexandre, Philippe/Lucie please acknowledge receipt of this email and confirm you would be addressing comments according the set deadline (i.e. by tomorrow EOB at the latest - hope earlier - let me know once done) to close our work on D2.3 and have our specifications be published also redirect our effort on our Security contrib. to D2.4. Hearing from you, Best Regards, Pascal PS: Don't forget to stick to suggested table of content if not done already and follow instructions provided at https://forge.fi-ware.eu/plugins/mediawiki/wiki/fi-ware-private/index.php/Instructions_on_how_to_develop_FI-WARE_Chapter_Architecture_Descriptions PS2: As announced will call for an audio conference tomorrow. Will provide you with details in a separate email. ------------------------------------------------------------------ This e-mail and the documents attached are confidential and intended solely for the addressee; it may also be privileged. If you receive this e-mail in error, please notify the sender immediately and destroy it. As its integrity cannot be secured on the Internet, the Atos group liability cannot be triggered for the message content. Although the sender endeavours to maintain a computer virus-free network, the sender does not warrant that this transmission is virus-free and will not be liable for any damages resulting from any virus transmitted. Este mensaje y los ficheros adjuntos pueden contener informacion confidencial destinada solamente a la(s) persona(s) mencionadas anteriormente pueden estar protegidos por secreto profesional. Si usted recibe este correo electronico por error, gracias por informar inmediatamente al remitente y destruir el mensaje. Al no estar asegurada la integridad de este mensaje sobre la red, Atos no se hace responsable por su contenido. Su contenido no constituye ningun compromiso para el grupo Atos, salvo ratificacion escrita por ambas partes. Aunque se esfuerza al maximo por mantener su red libre de virus, el emisor no puede garantizar nada al respecto y no sera responsable de cualesquiera danos que puedan resultar de una transmision de virus. ------------------------------------------------------------------ -------------- next part -------------- An HTML attachment was scrubbed... URL: From pascal.bisson at thalesgroup.com Mon Mar 5 16:24:31 2012 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Mon, 5 Mar 2012 16:24:31 +0100 Subject: [Fiware-security] FI-WARE Security - Outcomes of today's audio with CA regarding Security AT contrib to D2.3 (some work needed) In-Reply-To: References: <6529_1330956706_4F54C9A1_6529_10145_3_2d71c9e2-f740-4c0e-9c7a-bed591c93b94@THSONEA01HUB02P.one.grp> Message-ID: <9893_1330961075_4F54DAB3_9893_330_1_740c153d-f6c6-4113-8b71-271d2c9c4367@THSONEA01HUB03P.one.grp> Dear Slim, After a quick scan of the latest version you made available on the FI-WARE Private wiki I'm tempted to say you addressed from your side most of the comments issued by Juanjo on Data Handling GE. In the meantime there might some comments or suggestions that Juanjo would have like to be addressed (e.g. "I would also suggest to elaborate on the following concepts: PPL and PPI, PPL Privacy Tuner tool", "It would be nice to describe what PPL stands for, the first time this acronym is used" ...) So for me the description is good enough to be published and after the review I did perform (apologize I couldn't have it done before since on vacation last week) I will wrote in email to Juanjo in that sense. In the meantime if you could just check/review from your side if there is no remaining comments/suggestions from Juanjo's to be addressed as the above it can help to close the work from your side. As for Optional Security enablers descriptions I do think his claim was that they were not compliant with the Table of content suggested and used by each of our GEs (also some diagrams were not FMC conformant). This is also something which could be improved with support of INRIA and Thales (TAI) who owns those enablers. Hope I have answered and clarified. Thanks in advance for your final check and polish. Hearing from you and best regards, Pascal PS: For your convenience here are the comments got from Juanjo (you mostly addressed). 1.5. Data Handling GE I would review writing of the example scenario. Some comments (part of them editorial, but I have decided to compile all them together here): ? First bullet, I guess that explaining that the Clique social network has been developed within the PrimeLife project doesn't add any value. ? Also first bullet, we introduce the role of "Data Controller" ... I guess it would be nice to introduce the concept of "Data Controller" someway in the paragraph of the Description section (section previous to the example). Would it match the backend part of the "Data Handling GE" ? ? Third bullet: o you refer to the "PrimeLife Privacy Tuner" ... is that a tool linked to the Data Handling GE ? If so, I would use the term "Data Handling Privacy Tuner" instead. Would "PPL Privacy Tuner" work, given the fact that use the term "PPP Privacy Engine" in the fourth bullet ? o you say: "This tuner is a graphical tool used to edit Privacy preferences in PPL language defined in the deliverable" ... is the usage of the term "deliverable" appropiate here or is it the result of copying&pasting from some document in the PrimeLife project ? o my understanding is that one of the things Alice would be able to configure using the Privacy Tuner would be what domain would be allowed to access data ... (or what rules will determine whether a domain would be allowed to access data). If this is correct, I would mention it to establish a better link with what is being said in the fourth bullet. This would make the example easier to follow. ? Fourth bullet: o where is the PPL Privacy Engine running ? My understanding is that it runs on Alice's machine but if so, please say it explicitly. o simply editorial: should be "Alice's machine" instead of "Alice machine". o you say: "the engine will enforce the access control rules related to the requested data". If I understand it right, these access control rules would refer to rules setup by Alice using the Privacy Tuner ... If this is correct, I would mention it. Something like: " the engine will enforce the access control rules related to the requested data that were programmed by Alice using the PPL Privacy Tuner" o you say: " If the domain is allowed to access this data the engine match the privacy policy of the website with the preferences of Alice" ... where are the preferences of Alice configured ? My understanding is that it is also through the Privacy Tuner. If this is correct, I would mention it. Something like: "If the domain is allowed to access this data the engine match the privacy policy of the website with the preferences of Alice, also configured through the PPL Privacy Tuner" ? Fifth bullet ... It is said: "Alice has the possibility to decide if she accepts or refuses to send her data". If my understanding is correct, it should not only be that. She should also be able to validate the privacy policy of the website (i.e., which data would be sent and what will it be exclusively used for). If so, I would mention it explicitly. ? Sixth bullet ... I believe it would be nice to explain where both the sticky policy and Alice's data will be stored. You refer to "the server" but ... what is that server ? Will it be in the server where the backend of the Data Handling GE is running ? If so, mention it explictly. It would be worth mentioning, btw, maybe not in this bullet but somewhere, where can such Data Handling GE backend be running. Does it necessarely have to be collocated in the backend of the Clique portal ? Could be somewhere else, providing its functionality "as a Service" ? If it may go somewhere else, provided "as a Service", then I would explain this is a possibility. ? Eight bullet ... (just editorial) You say: " The policy engine of clique.primelife.eu will match the privacy policy of travel.example.com with the sticky policy related to the e-mail of Alice (step 8), and will check if the sticky policy allows to forward for the purpose of statistics for example" ... I guess it would be better to say "... (step 8), checking if the sticky policy allows to forward Alice's e-mail address for the purpose of statistics, for example." ? About what we describe in the last bullet ... how it is prevented that the travel agency doesn't make a wrong usage of Alice's data ? Could it be someway ? If so, it would be worth explaining ... There is no section on "Basic Concepts". Probably it would make sense to translate some of the content in the Appendix here (if you decide to move everything, just the reference would be kept at the end). I would also suggest to elaborate on the following concepts: ? PPL and PPI ? PPL Privacy Tuner tool Figure on Architecture should be adapted to follow FMC notation. On the other hand, it would be nice to illustrate there: ? What is the role of the Privacy Tuner ? Please try to illustrate it ? Is the left big grey box a description of the architecture linked to the "PPL Privacy Engine" ? If so, name it accordingly. Otherwise ... what components would be linked to the PPL Privacy Engine ? Main interactions after the Architecture figure: ? You describe interactions in terms of operations described in some sort of description of a RESTful binding. This doesn't follow the reference example provided as guidelines. As a result, it is too austere and doesn't elaborate on who invokes an operation, for example. Sequence diagrams would be useful. ? The suggested structure for the "Main Interactions" section is fine though: o Data subject side: ? Managing PII ? Managing Preference Groups o Data controller side: ? Uploading resource data and policy ? Uploading PII ? PII downstream usage request for a single PII 1.6 Optional Security Enablers: I understand the Architecture Description of these enablers, and particularly adaption to published guidelines, is under way. Therefore, I will wait until they are more elaborated. 2.2 Data Handling GE ? I may be wrong but it seems to me like there is something missing or wrong (from an editorial point of view) in the following sentence: "It supports integrated data handling, in particular through two-sided detailed data handling, that takes into account specific preferences/policies expressed using the PPL language, based on XACML". ? It would be nice to describe what PPL stands for, the first time this acronym is used. Same for PII. -----Message d'origine----- De?: TRABELSI, Slim [mailto:slim.trabelsi at sap.com] Envoy??: lundi 5 mars 2012 15:21 ??: BISSON Pascal; Seidl, Robert (NSN - DE/Munich); gabor.marton at nsn.com; norbert.goetze at nsn.com; DI CERBO, Francesco; GASPARD Lucie; Alexandre Boeglin; osb at zurich.ibm.com; anj at zurich.ibm.com; antonio.garcia at atosorigin.com; Antonio Garcia Vazquez; LELEU Philippe; Wolfgang.Steigerwald at telekom.de Cc?: GIDOIN Daniel; Pedro Soria Rodriguez; fiware-security at lists.fi-ware.eu Objet?: RE: FI-WARE Security - Outcomes of today's audio with CA regarding Security AT contrib to D2.3 (some work needed) Hi Pascal, On the Data Handling GE we made the modifications according to Juanjo's comments. What kind of modifications are expected ? I really do not undestand this decision ! Please can you explain give us more details about this ? thank you best Slim ________________________________ From: BISSON Pascal [pascal.bisson at thalesgroup.com] Sent: Monday, March 05, 2012 3:11 PM To: Seidl, Robert (NSN - DE/Munich); gabor.marton at nsn.com; norbert.goetze at nsn.com; TRABELSI, Slim; DI CERBO, Francesco; GASPARD Lucie; Alexandre Boeglin; osb at zurich.ibm.com; anj at zurich.ibm.com; antonio.garcia at atosorigin.com; Antonio Garcia Vazquez; LELEU Philippe; Wolfgang.Steigerwald at telekom.de Cc: GIDOIN Daniel; BISSON Pascal; Pedro Soria Rodriguez; fiware-security at lists.fi-ware.eu Subject: FI-WARE Security - Outcomes of today's audio with CA regarding Security AT contrib to D2.3 (some work needed) Dear Task leads/GE owners, This just to let you know that this morning I had an audio conference with Juanjo were discussed the readiness of our GEs description for publication in the context of D2.3 and according to latest version available on FI-WARE Private wiki (https://forge.fi-ware.eu/plugins/mediawiki/wiki/fi-ware-private/index.php/FiwareDeliverableD2.3) aka the place where we are supposed to upload our GE description from our FI-WARE Security Private Wiki. Here are what we discussed and agreed: * We will proceed with publishing the contents linked to the Security Monitoring GE because despite some additional comments may come after a second review, it's worth publishing the current contents and we can deal with new comments by end of March (but without the pressure of delivery dates) * We will proceed with publishing the contents linked to the Identity Management GE provided that the owner commits to translate the figures to FMC format by end of this week. As with the previous case, despite some additional comments may come after a second review, it's worth publishing the current contents and we can deal with new comments by end of March (but without the pressure of delivery dates) * We will publish the Privacy GE * We won't publish the rest pending on response regarding how the comments initially provided by Juanjo were addressed (please refer here to email I forwarded you from Juanjo - 21 f?vrier 2012 05:07 - on the topic ). Apparently, comments were not addressed for some of the GEs, if not all, and even the history of the Wiki pages reflect that. In order not to delay any longer the publishing of our Security Chapter contrib. to D2.3 I will ask: o Antonio as to check and address Juanjo?s comments on Context-based security and compliance comments this no later than by tomorrow EOB, o Same for Slim or Francesco regarding Data Handling GE although after a quick scan I noticed they had already implemented a number of Juanjo?s comments. o Slim/Francesco, Alexandre, Philippe/Lucie to do the same for what concerns Optional Security GEs Please Antonio, Slim/Francesco, Alexandre, Philippe/Lucie please acknowledge receipt of this email and confirm you would be addressing comments according the set deadline (i.e. by tomorrow EOB at the latest ? hope earlier - let me know once done) to close our work on D2.3 and have our specifications be published also redirect our effort on our Security contrib. to D2.4. Hearing from you, Best Regards, Pascal PS: Don?t forget to stick to suggested table of content if not done already and follow instructions provided at https://forge.fi-ware.eu/plugins/mediawiki/wiki/fi-ware-private/index.php/Instructions_on_how_to_develop_FI-WARE_Chapter_Architecture_Descriptions PS2: As announced will call for an audio conference tomorrow. Will provide you with details in a separate email. From pascal.bisson at thalesgroup.com Mon Mar 5 16:32:46 2012 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Mon, 5 Mar 2012 16:32:46 +0100 Subject: [Fiware-security] FI-WARE Security - Outcomes of today's audio with CA regarding Security AT contrib to D2.3 (some work needed) In-Reply-To: <8E18929A6C79354FB4BD9BD4636DCB066AB68D@INTMAIL03.es.int.atosorigin.com> References: <6529_1330956706_4F54C9A1_6529_10145_3_2d71c9e2-f740-4c0e-9c7a-bed591c93b94@THSONEA01HUB02P.one.grp> <8E18929A6C79354FB4BD9BD4636DCB066AB68D@INTMAIL03.es.int.atosorigin.com> Message-ID: <6529_1330961570_4F54DCA2_6529_13934_1_7040456d-3ea0-4457-a66b-387e072381ed@THSONEA01HUB05P.one.grp> Dear Antonio, Hereafter you will find the comments Juanjo issued on Context-based security & compliance. For me and after a quick check they are still valid since I don't see them addressed (e.g. mismatch in the Table of content that makes this GE description not conformant to the toc suggested and agreed by others, ...). So please check them and address (also let me once addressed) them asap and by EOB tomorrow at the latest following recommendations provided by Juanjo. Hearing from you. Best Regards Pascal 1.2 Context-based security & compliance It seems like the Architecture Description of this GE follows the guidelines provided but there is a mismatch in the table of contents ... The section titled "Main Interactions" looks like it should be titled "Context-based security & compliance architecture" while the sections under "sequence diagrams" within the "Basic Design Principles" section would actually fit better as contents of the "Main Interactions" section. Contents of the remaining of section "Design Principles" look more like the detailed description of data exchanged in some of the interactions described in the sequence diagrams ... however, the relationship is not so explicit because the text in the descriptions of sequence diagrams does not always include a reference to the request/response being issued. I see to alternatives to deal with this editorially: * Add the names of the specific operation request / responses within the sequence diagram descriptions and then endup the "Main Interactions" sections with a subsection titled "Basic Data Structures", elaborating on the detailed description of arguments linked to operation request/responses being referred in the interactions. * Add the names of the specific operation request / responses within the sequence diagram descriptions and enrich then with text describing the data structures linked to those operation request/responses (e.g., " invokes the request passing the , and as arguments") Probably the first option is easier to implement and I would recommend it. The figure on the Architecture should be converted to follow FMC notation. De : Antonio Garcia Vazquez [mailto:antonio.garcia at atosresearch.eu] Envoy? : lundi 5 mars 2012 15:26 ? : BISSON Pascal; Seidl, Robert (NSN - DE/Munich); gabor.marton at nsn.com; norbert.goetze at nsn.com; slim.trabelsi at sap.com; francesco.di.cerbo at sap.com; GASPARD Lucie; Alexandre Boeglin; osb at zurich.ibm.com; anj at zurich.ibm.com; LELEU Philippe; Wolfgang.Steigerwald at telekom.de Cc : GIDOIN Daniel; Pedro Soria Rodriguez; fiware-security at lists.fi-ware.eu Objet : RE: FI-WARE Security - Outcomes of today's audio with CA regarding Security AT contrib to D2.3 (some work needed) Pascal, I've already made some changes following those indications. Can you tell me the points I should still correct. Best Regards ************************************ * Antonio Garc?a-V?zquez * * (+34) 91 214 9384 * * antonio.garcia at atosresearch.eu * ************************************ From: BISSON Pascal [mailto:pascal.bisson at thalesgroup.com] Sent: lunes, 05 de marzo de 2012 15:12 To: Seidl, Robert (NSN - DE/Munich); gabor.marton at nsn.com; norbert.goetze at nsn.com; slim.trabelsi at sap.com; francesco.di.cerbo at sap.com; GASPARD Lucie; Alexandre Boeglin; osb at zurich.ibm.com; anj at zurich.ibm.com; Antonio Garcia Vazquez; Antonio Garcia Vazquez; LELEU Philippe; Wolfgang.Steigerwald at telekom.de Cc: GIDOIN Daniel; BISSON Pascal; Pedro Soria Rodriguez; fiware-security at lists.fi-ware.eu Subject: FI-WARE Security - Outcomes of today's audio with CA regarding Security AT contrib to D2.3 (some work needed) Importance: High Dear Task leads/GE owners, This just to let you know that this morning I had an audio conference with Juanjo were discussed the readiness of our GEs description for publication in the context of D2.3 and according to latest version available on FI-WARE Private wiki (https://forge.fi-ware.eu/plugins/mediawiki/wiki/fi-ware-private/index.php/FiwareDeliverableD2.3) aka the place where we are supposed to upload our GE description from our FI-WARE Security Private Wiki. Here are what we discussed and agreed: * We will proceed with publishing the contents linked to the Security Monitoring GE because despite some additional comments may come after a second review, it's worth publishing the current contents and we can deal with new comments by end of March (but without the pressure of delivery dates) * We will proceed with publishing the contents linked to the Identity Management GE provided that the owner commits to translate the figures to FMC format by end of this week. As with the previous case, despite some additional comments may come after a second review, it's worth publishing the current contents and we can deal with new comments by end of March (but without the pressure of delivery dates) * We will publish the Privacy GE * We won't publish the rest pending on response regarding how the comments initially provided by Juanjo were addressed (please refer here to email I forwarded you from Juanjo - 21 f?vrier 2012 05:07 - on the topic ). Apparently, comments were not addressed for some of the GEs, if not all, and even the history of the Wiki pages reflect that. In order not to delay any longer the publishing of our Security Chapter contrib. to D2.3 I will ask: o Antonio as to check and address Juanjo's comments on Context-based security and compliance comments this no later than by tomorrow EOB, o Same for Slim or Francesco regarding Data Handling GE although after a quick scan I noticed they had already implemented a number of Juanjo's comments. o Slim/Francesco, Alexandre, Philippe/Lucie to do the same for what concerns Optional Security GEs Please Antonio, Slim/Francesco, Alexandre, Philippe/Lucie please acknowledge receipt of this email and confirm you would be addressing comments according the set deadline (i.e. by tomorrow EOB at the latest - hope earlier - let me know once done) to close our work on D2.3 and have our specifications be published also redirect our effort on our Security contrib. to D2.4. Hearing from you, Best Regards, Pascal PS: Don't forget to stick to suggested table of content if not done already and follow instructions provided at https://forge.fi-ware.eu/plugins/mediawiki/wiki/fi-ware-private/index.php/Instructions_on_how_to_develop_FI-WARE_Chapter_Architecture_Descriptions PS2: As announced will call for an audio conference tomorrow. Will provide you with details in a separate email. ------------------------------------------------------------------ This e-mail and the documents attached are confidential and intended solely for the addressee; it may also be privileged. If you receive this e-mail in error, please notify the sender immediately and destroy it. As its integrity cannot be secured on the Internet, the Atos group liability cannot be triggered for the message content. Although the sender endeavours to maintain a computer virus-free network, the sender does not warrant that this transmission is virus-free and will not be liable for any damages resulting from any virus transmitted. Este mensaje y los ficheros adjuntos pueden contener informacion confidencial destinada solamente a la(s) persona(s) mencionadas anteriormente pueden estar protegidos por secreto profesional. Si usted recibe este correo electronico por error, gracias por informar inmediatamente al remitente y destruir el mensaje. Al no estar asegurada la integridad de este mensaje sobre la red, Atos no se hace responsable por su contenido. Su contenido no constituye ningun compromiso para el grupo Atos, salvo ratificacion escrita por ambas partes. Aunque se esfuerza al maximo por mantener su red libre de virus, el emisor no puede garantizar nada al respecto y no sera responsable de cualesquiera danos que puedan resultar de una transmision de virus. ------------------------------------------------------------------ -------------- next part -------------- An HTML attachment was scrubbed... URL: From pascal.bisson at thalesgroup.com Mon Mar 5 16:54:10 2012 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Mon, 5 Mar 2012 16:54:10 +0100 Subject: [Fiware-security] FI-PPP WP8 Audio conf announcement (06/02/2012 - 11:30am - 1pm) Message-ID: <9893_1330962855_4F54E1A7_9893_920_1_b762b01a-9b44-4ca0-8912-028c2a920ed9@THSONEA01HUB04P.one.grp> Dear All, In order to discuss finalization of our work on D2.3 and to discuss work that would need to be performed by end of this week on D2.4 I will organize an WP8 audio conference tomorrow at 12am till 1pm. Apologize for this short notice but in view of the deadlines of the week D2.3 and D2.4 I found important to have it the sooner the better to discuss things and align. Hope you could join and if not try to find a replacement for your organization to be represented at this audio Best Regards, Pascal PS: Same details as usual: Meeting room number: 391581 Number to dial to join: Australia Australia Toll Free 1800 005 574 Australia Sydney +61 (0) 282 239 767 Austria Vienna +43 (0) 2682 205 6609 Belgium Brussels +32 (0) 2 789 8678 Denmark Copenhagen +45 3271 4340 Finland Helsinki +358 (0) 923 142 830 France Lyon +33 (0) 426 840 285 France Marseille +33 (0) 488 915 385 France Paris +33 (0) 170 994 816 Germany Berlin +49 (0) 3072 616 7342 Germany D?sseldorf +49 (0) 2115 407 3902 Germany Frankfurt +49 (0) 6971 044 5635 Germany Hamburg +49 (0) 4080 902 0684 Germany Munich +49 (0) 8924 443 2893 Germany Stuttgart +49 (0) 7111 856 2130 Hong Kong Hong Kong +852 301 145 59 Hungary Budapest +36 (06) 1-889-3286 Ireland Dublin +353 (0) 14 860 780 Israel Israel Toll Free 1809 245 981 Italy Milan +39 0 230 413 017 Italy Rome +39 0 645 217 056 Italy Turin +39 0 112 179 2159 Japan Japan Toll Free 005 311 212 65 Japan Tokyo +81 (0) 357 675 025 Korea, Republic Of Seoul +82 (0) 234 831 224 Luxembourg Luxemburg City +352 2700 41 42 Malaysia Kuala Lumpur +60 (0) 377 124 640 Netherlands Amsterdam +31 (0) 207 948 529 New Zealand Auckland +64 (0) 9 919 2428 Norway Oslo +47 2153 3919 Poland Poland Toll Free 0080 0121 1304 Portugal Portugal Toll Free 800 814 183 Russia Russia Toll Free 81080 02209 4011 Singapore Singapore +65 6622 1068 Spain Barcelona +34 93 492 3235 Spain Madrid +34 91 788 9908 Sweden Stockholm +46 (0) 850 520 145 Switzerland Geneva +41 (0) 225 927 428 United Kingdom Birmingham +44 (0) 121 260 4686 United Kingdom London +44 (0) 207 153 9902 United Kingdom Manchester +44 (0) 161 250 0679 United States USA & Canada Toll Free 1888 249 0050 United States USA Toll +1 954 334 1559 -------------- next part -------------- An HTML attachment was scrubbed... URL: From robert.seidl at nsn.com Mon Mar 5 16:58:36 2012 From: robert.seidl at nsn.com (Seidl, Robert (NSN - DE/Munich)) Date: Mon, 5 Mar 2012 16:58:36 +0100 Subject: [Fiware-security] FI-PPP WP8 Audio conf announcement (06/02/2012 -11:30am - 1pm) In-Reply-To: A<9893_1330962855_4F54E1A7_9893_920_1_b762b01a-9b44-4ca0-8912-028c2a920ed9@THSONEA01HUB04P.one.grp> References: A<9893_1330962855_4F54E1A7_9893_920_1_b762b01a-9b44-4ca0-8912-028c2a920ed9@THSONEA01HUB04P.one.grp> Message-ID: <9739B018F0466A4CAB10A9DABBEBF5A6818EFD@DEMUEXC027.nsn-intra.net> This does not work for me due to other meetings. For me it is only possible from 4-5pm. From: fiware-security-bounces at lists.fi-ware.eu [mailto:fiware-security-bounces at lists.fi-ware.eu] On Behalf Of ext BISSON Pascal Sent: Monday, March 05, 2012 4:54 PM To: fiware-security at lists.fi-ware.eu; PENNINGTON Sarah; GASPARD Lucie Subject: [Fiware-security] FI-PPP WP8 Audio conf announcement (06/02/2012 -11:30am - 1pm) Importance: High Dear All, In order to discuss finalization of our work on D2.3 and to discuss work that would need to be performed by end of this week on D2.4 I will organize an WP8 audio conference tomorrow at 12am till 1pm. Apologize for this short notice but in view of the deadlines of the week D2.3 and D2.4 I found important to have it the sooner the better to discuss things and align. Hope you could join and if not try to find a replacement for your organization to be represented at this audio Best Regards, Pascal PS: Same details as usual: Meeting room number: 391581 Number to dial to join: Australia Australia Toll Free 1800 005 574 Australia Sydney +61 (0) 282 239 767 Austria Vienna +43 (0) 2682 205 6609 Belgium Brussels +32 (0) 2 789 8678 Denmark Copenhagen +45 3271 4340 Finland Helsinki +358 (0) 923 142 830 France Lyon +33 (0) 426 840 285 France Marseille +33 (0) 488 915 385 France Paris +33 (0) 170 994 816 Germany Berlin +49 (0) 3072 616 7342 Germany D?sseldorf +49 (0) 2115 407 3902 Germany Frankfurt +49 (0) 6971 044 5635 Germany Hamburg +49 (0) 4080 902 0684 Germany Munich +49 (0) 8924 443 2893 Germany Stuttgart +49 (0) 7111 856 2130 Hong Kong Hong Kong +852 301 145 59 Hungary Budapest +36 (06) 1-889-3286 Ireland Dublin +353 (0) 14 860 780 Israel Israel Toll Free 1809 245 981 Italy Milan +39 0 230 413 017 Italy Rome +39 0 645 217 056 Italy Turin +39 0 112 179 2159 Japan Japan Toll Free 005 311 212 65 Japan Tokyo +81 (0) 357 675 025 Korea, Republic Of Seoul +82 (0) 234 831 224 Luxembourg Luxemburg City +352 2700 41 42 Malaysia Kuala Lumpur +60 (0) 377 124 640 Netherlands Amsterdam +31 (0) 207 948 529 New Zealand Auckland +64 (0) 9 919 2428 Norway Oslo +47 2153 3919 Poland Poland Toll Free 0080 0121 1304 Portugal Portugal Toll Free 800 814 183 Russia Russia Toll Free 81080 02209 4011 Singapore Singapore +65 6622 1068 Spain Barcelona +34 93 492 3235 Spain Madrid +34 91 788 9908 Sweden Stockholm +46 (0) 850 520 145 Switzerland Geneva +41 (0) 225 927 428 United Kingdom Birmingham +44 (0) 121 260 4686 United Kingdom London +44 (0) 207 153 9902 United Kingdom Manchester +44 (0) 161 250 0679 United States USA & Canada Toll Free 1888 249 0050 United States USA Toll +1 954 334 1559 -------------- next part -------------- An HTML attachment was scrubbed... URL: From pascal.bisson at thalesgroup.com Mon Mar 5 17:08:48 2012 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Mon, 5 Mar 2012 17:08:48 +0100 Subject: [Fiware-security] FI-PPP WP8 Audio conf announcement (06/02/2012 -11:30am - 1pm) In-Reply-To: <9739B018F0466A4CAB10A9DABBEBF5A6818EFD@DEMUEXC027.nsn-intra.net> References: A<9893_1330962855_4F54E1A7_9893_920_1_b762b01a-9b44-4ca0-8912-028c2a920ed9@THSONEA01HUB04P.one.grp> <9739B018F0466A4CAB10A9DABBEBF5A6818EFD@DEMUEXC027.nsn-intra.net> Message-ID: <4735_1330963736_4F54E518_4735_9300_1_d2acb832-3dd4-4bf8-81b8-ae1ddb8b7c91@THSONEA01HUB05P.one.grp> In that case Robert I would propose you to call me at 4pm to catch up no things. De : Seidl, Robert (NSN - DE/Munich) [mailto:robert.seidl at nsn.com] Envoy? : lundi 5 mars 2012 16:59 ? : BISSON Pascal; fiware-security at lists.fi-ware.eu; PENNINGTON Sarah; GASPARD Lucie Objet : RE: [Fiware-security] FI-PPP WP8 Audio conf announcement (06/02/2012 -11:30am - 1pm) This does not work for me due to other meetings. For me it is only possible from 4-5pm. From: fiware-security-bounces at lists.fi-ware.eu [mailto:fiware-security-bounces at lists.fi-ware.eu] On Behalf Of ext BISSON Pascal Sent: Monday, March 05, 2012 4:54 PM To: fiware-security at lists.fi-ware.eu; PENNINGTON Sarah; GASPARD Lucie Subject: [Fiware-security] FI-PPP WP8 Audio conf announcement (06/02/2012 -11:30am - 1pm) Importance: High Dear All, In order to discuss finalization of our work on D2.3 and to discuss work that would need to be performed by end of this week on D2.4 I will organize an WP8 audio conference tomorrow at 12am till 1pm. Apologize for this short notice but in view of the deadlines of the week D2.3 and D2.4 I found important to have it the sooner the better to discuss things and align. Hope you could join and if not try to find a replacement for your organization to be represented at this audio Best Regards, Pascal PS: Same details as usual: Meeting room number: 391581 Number to dial to join: Australia Australia Toll Free 1800 005 574 Australia Sydney +61 (0) 282 239 767 Austria Vienna +43 (0) 2682 205 6609 Belgium Brussels +32 (0) 2 789 8678 Denmark Copenhagen +45 3271 4340 Finland Helsinki +358 (0) 923 142 830 France Lyon +33 (0) 426 840 285 France Marseille +33 (0) 488 915 385 France Paris +33 (0) 170 994 816 Germany Berlin +49 (0) 3072 616 7342 Germany D?sseldorf +49 (0) 2115 407 3902 Germany Frankfurt +49 (0) 6971 044 5635 Germany Hamburg +49 (0) 4080 902 0684 Germany Munich +49 (0) 8924 443 2893 Germany Stuttgart +49 (0) 7111 856 2130 Hong Kong Hong Kong +852 301 145 59 Hungary Budapest +36 (06) 1-889-3286 Ireland Dublin +353 (0) 14 860 780 Israel Israel Toll Free 1809 245 981 Italy Milan +39 0 230 413 017 Italy Rome +39 0 645 217 056 Italy Turin +39 0 112 179 2159 Japan Japan Toll Free 005 311 212 65 Japan Tokyo +81 (0) 357 675 025 Korea, Republic Of Seoul +82 (0) 234 831 224 Luxembourg Luxemburg City +352 2700 41 42 Malaysia Kuala Lumpur +60 (0) 377 124 640 Netherlands Amsterdam +31 (0) 207 948 529 New Zealand Auckland +64 (0) 9 919 2428 Norway Oslo +47 2153 3919 Poland Poland Toll Free 0080 0121 1304 Portugal Portugal Toll Free 800 814 183 Russia Russia Toll Free 81080 02209 4011 Singapore Singapore +65 6622 1068 Spain Barcelona +34 93 492 3235 Spain Madrid +34 91 788 9908 Sweden Stockholm +46 (0) 850 520 145 Switzerland Geneva +41 (0) 225 927 428 United Kingdom Birmingham +44 (0) 121 260 4686 United Kingdom London +44 (0) 207 153 9902 United Kingdom Manchester +44 (0) 161 250 0679 United States USA & Canada Toll Free 1888 249 0050 United States USA Toll +1 954 334 1559 -------------- next part -------------- An HTML attachment was scrubbed... URL: From francesco.di.cerbo at sap.com Mon Mar 5 17:19:43 2012 From: francesco.di.cerbo at sap.com (DI CERBO, Francesco) Date: Mon, 5 Mar 2012 17:19:43 +0100 Subject: [Fiware-security] FI-WARE Security - Outcomes of today's audio with CA regarding Security AT contrib to D2.3 (some work needed) In-Reply-To: <9893_1330961075_4F54DAB3_9893_330_1_740c153d-f6c6-4113-8b71-271d2c9c4367@THSONEA01HUB03P.one.grp> References: <6529_1330956706_4F54C9A1_6529_10145_3_2d71c9e2-f740-4c0e-9c7a-bed591c93b94@THSONEA01HUB02P.one.grp> <9893_1330961075_4F54DAB3_9893_330_1_740c153d-f6c6-4113-8b71-271d2c9c4367@THSONEA01HUB03P.one.grp> Message-ID: <71C0C7C7A712EE4CA636EDFD663B4E270399C00C9D@DEWDFECCR09.wdf.sap.corp> Hello Pascal, Thanks for your comments. As you remarked, many points were already addressed, nevertheless I went through all of them again, and you can find in the text of the previous email a log of all old and new modifications. Now at least for the Data Handling GE we should be absolutely aligned with whatever was requested. With respect to the Optional Security Services, I think that Morphus part is aligned with what was requested, but I hope that Philippe/Lucie are still working on this (for instance, on the Glossary, on the FMC block diagram...) Kind regards, Francesco > -----Original Message----- > From: BISSON Pascal [mailto:pascal.bisson at thalesgroup.com] > Sent: lundi 5 mars 2012 16:25 > some comments or suggestions that Juanjo would have like to be addressed > (e.g. "I would also suggest to elaborate on the following concepts: PPL and > PPI, PPL Privacy Tuner tool", "It would be nice to describe what PPL stands for, > the first time this acronym is used" ...) > > As for Optional Security enablers descriptions I do think his claim was that > they were not compliant with the Table of content suggested and used by > each of our GEs (also some diagrams were not FMC conformant). This is also > something which could be improved with support of INRIA and Thales (TAI) > who owns those enablers. > > Hope I have answered and clarified. > > Thanks in advance for your final check and polish. > > Hearing from you and best regards, > > Pascal > > PS: For your convenience here are the comments got from Juanjo (you mostly > addressed). > > > 1.5. Data Handling GE > > I would review writing of the example scenario. Some comments (part of > them editorial, but I have decided to compile all them together here): Scenario was rewritten-modified to be compliant with all comments. > > There is no section on "Basic Concepts". Probably it would make sense to > translate some of the content in the Appendix here (if you decide to move > everything, just the reference would be kept at the end). I would also suggest > to elaborate on the following concepts: > ? PPL and PPI Added a subsection in basic concepts > ? PPL Privacy Tuner tool Removed any reference to the Privacy Tuner, as it will be not part of the 1st release, and should be replaced by the integration with other GEs > Figure on Architecture should be adapted to follow FMC notation. On the > other hand, it would be nice to illustrate there: > ? What is the role of the Privacy Tuner ? Please try to illustrate it > ? Is the left big grey box a description of the architecture linked to the > "PPL Privacy Engine" ? If so, name it accordingly. Otherwise ... what > components would be linked to the PPL Privacy Engine ? Picture has been updated, indicating explicitly the Data Handling GE, that is composed by 3 high-level components > Main interactions after the Architecture figure: > ? You describe interactions in terms of operations described in some > sort of description of a RESTful binding. This doesn't follow the reference > example provided as guidelines. As a result, it is too austere and doesn't > elaborate on who invokes an operation, for example. Sequence diagrams > would be useful. A sequence diagram is provided, together with its linking with the use case scenario, and the following API. > ? The suggested structure for the "Main Interactions" section is fine > though: Outline adjusted as requested > > 1.6 Optional Security Enablers: > > I understand the Architecture Description of these enablers, and particularly > adaption to published guidelines, is under way. Therefore, I will wait until > they are more elaborated. > > > 2.2 Data Handling GE > ? I may be wrong but it seems to me like there is something missing or > wrong (from an editorial point of view) in the following sentence: "It supports > integrated data handling, in particular through two-sided detailed data > handling, that takes into account specific preferences/policies expressed using > the PPL language, based on XACML". Sentence modified. > ? It would be nice to describe what PPL stands for, the first time this > acronym is used. Same for PII. Addressed From pascal.bisson at thalesgroup.com Mon Mar 5 17:27:11 2012 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Mon, 5 Mar 2012 17:27:11 +0100 Subject: [Fiware-security] FI-PPP WP8 Audio conf announcement (06/02/2012 - 11:30am - 1pm) In-Reply-To: References: Message-ID: <9895_1330964835_4F54E963_9895_4001_1_ef3e43b4-ad5c-497b-a343-b626993ffa5b@THSONEA01HUB02P.one.grp> Correction our WP8 audio conference tomorrow will start at 12am (for 1hour duration). Regards, Pascal De : BISSON Pascal Envoy? : lundi 5 mars 2012 16:54 ? : fiware-security at lists.fi-ware.eu; PENNINGTON Sarah; GASPARD Lucie Cc : BISSON Pascal; GIDOIN Daniel Objet : FI-PPP WP8 Audio conf announcement (06/02/2012 - 11:30am - 1pm) Importance : Haute Dear All, In order to discuss finalization of our work on D2.3 and to discuss work that would need to be performed by end of this week on D2.4 I will organize an WP8 audio conference tomorrow at 12am till 1pm. Apologize for this short notice but in view of the deadlines of the week D2.3 and D2.4 I found important to have it the sooner the better to discuss things and align. Hope you could join and if not try to find a replacement for your organization to be represented at this audio Best Regards, Pascal PS: Same details as usual: Meeting room number: 391581 Number to dial to join: Australia Australia Toll Free 1800 005 574 Australia Sydney +61 (0) 282 239 767 Austria Vienna +43 (0) 2682 205 6609 Belgium Brussels +32 (0) 2 789 8678 Denmark Copenhagen +45 3271 4340 Finland Helsinki +358 (0) 923 142 830 France Lyon +33 (0) 426 840 285 France Marseille +33 (0) 488 915 385 France Paris +33 (0) 170 994 816 Germany Berlin +49 (0) 3072 616 7342 Germany D?sseldorf +49 (0) 2115 407 3902 Germany Frankfurt +49 (0) 6971 044 5635 Germany Hamburg +49 (0) 4080 902 0684 Germany Munich +49 (0) 8924 443 2893 Germany Stuttgart +49 (0) 7111 856 2130 Hong Kong Hong Kong +852 301 145 59 Hungary Budapest +36 (06) 1-889-3286 Ireland Dublin +353 (0) 14 860 780 Israel Israel Toll Free 1809 245 981 Italy Milan +39 0 230 413 017 Italy Rome +39 0 645 217 056 Italy Turin +39 0 112 179 2159 Japan Japan Toll Free 005 311 212 65 Japan Tokyo +81 (0) 357 675 025 Korea, Republic Of Seoul +82 (0) 234 831 224 Luxembourg Luxemburg City +352 2700 41 42 Malaysia Kuala Lumpur +60 (0) 377 124 640 Netherlands Amsterdam +31 (0) 207 948 529 New Zealand Auckland +64 (0) 9 919 2428 Norway Oslo +47 2153 3919 Poland Poland Toll Free 0080 0121 1304 Portugal Portugal Toll Free 800 814 183 Russia Russia Toll Free 81080 02209 4011 Singapore Singapore +65 6622 1068 Spain Barcelona +34 93 492 3235 Spain Madrid +34 91 788 9908 Sweden Stockholm +46 (0) 850 520 145 Switzerland Geneva +41 (0) 225 927 428 United Kingdom Birmingham +44 (0) 121 260 4686 United Kingdom London +44 (0) 207 153 9902 United Kingdom Manchester +44 (0) 161 250 0679 United States USA & Canada Toll Free 1888 249 0050 United States USA Toll +1 954 334 1559 -------------- next part -------------- An HTML attachment was scrubbed... URL: From alexandre.boeglin at inria.fr Mon Mar 5 17:27:57 2012 From: alexandre.boeglin at inria.fr (Alexandre Boeglin) Date: Mon, 5 Mar 2012 17:27:57 +0100 Subject: [Fiware-security] FI-WARE Security - Outcomes of today's audio with CA regarding Security AT contrib to D2.3 (some work needed) In-Reply-To: <6529_1330956706_4F54C9A1_6529_10145_3_2d71c9e2-f740-4c0e-9c7a-bed591c93b94@THSONEA01HUB02P.one.grp> References: <6529_1330956706_4F54C9A1_6529_10145_3_2d71c9e2-f740-4c0e-9c7a-bed591c93b94@THSONEA01HUB02P.one.grp> Message-ID: <20120305162757.GH4390@inria.fr> Hello Pascal, everybody, I have to say I don't exactly understand what we are asked to do here. The original comment from Juanjo was quite generic ("adaption to published guidelines"), and on February 21, our document already contained the "Overview", "Basic Concepts" and "Main Interactions" sections. Daniel later asked us to add a "Basic Design Principles" section, which was also done? So, could you please elaborate on what we have to do to get the document accepted ? Thanks in advance. Best regards, Alexandre Le lundi 05 mars 2012 ? 15:11, BISSON Pascal a ?crit: > Dear Task leads/GE owners, > > This just to let you know that this morning I had an audio conference with Juanjo were discussed the readiness of our GEs description for publication in the context of D2.3 and according to latest version available on FI-WARE Private wiki (https://forge.fi-ware.eu/plugins/mediawiki/wiki/fi-ware-private/index.php/FiwareDeliverableD2.3) aka the place where we are supposed to upload our GE description from our FI-WARE Security Private Wiki. > > Here are what we discussed and agreed: > > * We will proceed with publishing the contents linked to the Security Monitoring GE because despite some additional comments may come after a second review, it's worth publishing the current contents and we can deal with new comments by end of March (but without the pressure of delivery dates) > * We will proceed with publishing the contents linked to the Identity Management GE provided that the owner commits to translate the figures to FMC format by end of this week. As with the previous case, despite some additional comments may come after a second review, it's worth publishing the current contents and we can deal with new comments by end of March (but without the pressure of delivery dates) > * We will publish the Privacy GE > * We won't publish the rest pending on response regarding how the comments initially provided by Juanjo were addressed (please refer here to email I forwarded you from Juanjo - 21 f?vrier 2012 05:07 - on the topic ). Apparently, comments were not addressed for some of the GEs, if not all, and even the history of the Wiki pages reflect that. In order not to delay any longer the publishing of our Security Chapter contrib. to D2.3 I will ask: > o Antonio as to check and address Juanjo's comments on Context-based security and compliance comments this no later than by tomorrow EOB, > o Same for Slim or Francesco regarding Data Handling GE although after a quick scan I noticed they had already implemented a number of Juanjo's comments. > o Slim/Francesco, Alexandre, Philippe/Lucie to do the same for what concerns Optional Security GEs > > Please Antonio, Slim/Francesco, Alexandre, Philippe/Lucie please acknowledge receipt of this email and confirm you would be addressing comments according the set deadline (i.e. by tomorrow EOB at the latest - hope earlier - let me know once done) to close our work on D2.3 and have our specifications be published also redirect our effort on our Security contrib. to D2.4. > > Hearing from you, > > Best Regards, > > Pascal > > PS: Don't forget to stick to suggested table of content if not done already and follow instructions provided at https://forge.fi-ware.eu/plugins/mediawiki/wiki/fi-ware-private/index.php/Instructions_on_how_to_develop_FI-WARE_Chapter_Architecture_Descriptions > PS2: As announced will call for an audio conference tomorrow. Will provide you with details in a separate email. -- Alexandre Boeglin ?quipe-Projet Madynes INRIA -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 3058 bytes Desc: not available URL: From pascal.bisson at thalesgroup.com Mon Mar 5 17:35:10 2012 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Mon, 5 Mar 2012 17:35:10 +0100 Subject: [Fiware-security] FI-WARE Security - Outcomes of today's audio with CA regarding Security AT contrib to D2.3 (some work needed) In-Reply-To: <20120305162757.GH4390@inria.fr> References: <6529_1330956706_4F54C9A1_6529_10145_3_2d71c9e2-f740-4c0e-9c7a-bed591c93b94@THSONEA01HUB02P.one.grp> <20120305162757.GH4390@inria.fr> Message-ID: <9895_1330965313_4F54EB41_9895_4422_1_d0c81369-2f6c-4417-b1ce-c60abeb8c53f@THSONEA01HUB02P.one.grp> Dear Alexandre, In view of what you did already it should be fine from your side since compliant with ToC suggested and agreed. Will let you know in case Juanjo's would need more. Regards, Pascal -----Message d'origine----- De?: Alexandre Boeglin [mailto:alexandre.boeglin at inria.fr] Envoy??: lundi 5 mars 2012 17:28 ??: BISSON Pascal Cc?: Seidl, Robert (NSN - DE/Munich); gabor.marton at nsn.com; norbert.goetze at nsn.com; slim.trabelsi at sap.com; francesco.di.cerbo at sap.com; GASPARD Lucie; osb at zurich.ibm.com; anj at zurich.ibm.com; antonio.garcia at atosorigin.com; Antonio Garcia Vazquez; LELEU Philippe; Wolfgang.Steigerwald at telekom.de; GIDOIN Daniel; Pedro Soria Rodriguez; fiware-security at lists.fi-ware.eu Objet?: Re: FI-WARE Security - Outcomes of today's audio with CA regarding Security AT contrib to D2.3 (some work needed) Hello Pascal, everybody, I have to say I don't exactly understand what we are asked to do here. The original comment from Juanjo was quite generic ("adaption to published guidelines"), and on February 21, our document already contained the "Overview", "Basic Concepts" and "Main Interactions" sections. Daniel later asked us to add a "Basic Design Principles" section, which was also done? So, could you please elaborate on what we have to do to get the document accepted ? Thanks in advance. Best regards, Alexandre Le lundi 05 mars 2012 ? 15:11, BISSON Pascal a ?crit: > Dear Task leads/GE owners, > > This just to let you know that this morning I had an audio conference with Juanjo were discussed the readiness of our GEs description for publication in the context of D2.3 and according to latest version available on FI-WARE Private wiki (https://forge.fi-ware.eu/plugins/mediawiki/wiki/fi-ware-private/index.php/FiwareDeliverableD2.3) aka the place where we are supposed to upload our GE description from our FI-WARE Security Private Wiki. > > Here are what we discussed and agreed: > > * We will proceed with publishing the contents linked to the Security Monitoring GE because despite some additional comments may come after a second review, it's worth publishing the current contents and we can deal with new comments by end of March (but without the pressure of delivery dates) > * We will proceed with publishing the contents linked to the Identity Management GE provided that the owner commits to translate the figures to FMC format by end of this week. As with the previous case, despite some additional comments may come after a second review, it's worth publishing the current contents and we can deal with new comments by end of March (but without the pressure of delivery dates) > * We will publish the Privacy GE > * We won't publish the rest pending on response regarding how the comments initially provided by Juanjo were addressed (please refer here to email I forwarded you from Juanjo - 21 f?vrier 2012 05:07 - on the topic ). Apparently, comments were not addressed for some of the GEs, if not all, and even the history of the Wiki pages reflect that. In order not to delay any longer the publishing of our Security Chapter contrib. to D2.3 I will ask: > o Antonio as to check and address Juanjo's comments on Context-based security and compliance comments this no later than by tomorrow EOB, > o Same for Slim or Francesco regarding Data Handling GE although after a quick scan I noticed they had already implemented a number of Juanjo's comments. > o Slim/Francesco, Alexandre, Philippe/Lucie to do the same for what concerns Optional Security GEs > > Please Antonio, Slim/Francesco, Alexandre, Philippe/Lucie please acknowledge receipt of this email and confirm you would be addressing comments according the set deadline (i.e. by tomorrow EOB at the latest - hope earlier - let me know once done) to close our work on D2.3 and have our specifications be published also redirect our effort on our Security contrib. to D2.4. > > Hearing from you, > > Best Regards, > > Pascal > > PS: Don't forget to stick to suggested table of content if not done already and follow instructions provided at https://forge.fi-ware.eu/plugins/mediawiki/wiki/fi-ware-private/index.php/Instructions_on_how_to_develop_FI-WARE_Chapter_Architecture_Descriptions > PS2: As announced will call for an audio conference tomorrow. Will provide you with details in a separate email. -- Alexandre Boeglin ?quipe-Projet Madynes INRIA From pascal.bisson at thalesgroup.com Mon Mar 5 17:51:26 2012 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Mon, 5 Mar 2012 17:51:26 +0100 Subject: [Fiware-security] FI-WARE Security - Outcomes of today's audio with CA regarding Security AT contrib to D2.3 (some work needed) In-Reply-To: <71C0C7C7A712EE4CA636EDFD663B4E270399C00C9D@DEWDFECCR09.wdf.sap.corp> References: <6529_1330956706_4F54C9A1_6529_10145_3_2d71c9e2-f740-4c0e-9c7a-bed591c93b94@THSONEA01HUB02P.one.grp> <9893_1330961075_4F54DAB3_9893_330_1_740c153d-f6c6-4113-8b71-271d2c9c4367@THSONEA01HUB03P.one.grp> <71C0C7C7A712EE4CA636EDFD663B4E270399C00C9D@DEWDFECCR09.wdf.sap.corp> Message-ID: <4735_1330966291_4F54EF13_4735_9807_1_4b70ef4b-0e2d-4a5f-889a-bc83066677af@THSONEA01HUB01P.one.grp> Excellent many thanks for this final check/polish regarding Data Handling GE that for me is now perfectly fine and so ready to be published. As for Optional Security enablers I know that Lucie is working hard completing the description. Last remark, regarding DBAnomyzer I see "Basic concepts" section missing. May be worth to add one for the sake of conformance to the Table of Content. Regards, Pascal -----Message d'origine----- De?: DI CERBO, Francesco [mailto:francesco.di.cerbo at sap.com] Envoy??: lundi 5 mars 2012 17:20 ??: BISSON Pascal; GASPARD Lucie; Alexandre Boeglin; LELEU Philippe Cc?: GIDOIN Daniel; Pedro Soria Rodriguez; fiware-security at lists.fi-ware.eu; TRABELSI, Slim; Seidl, Robert (NSN - DE/Munich); gabor.marton at nsn.com; norbert.goetze at nsn.com; osb at zurich.ibm.com; anj at zurich.ibm.com; antonio.garcia at atosorigin.com; Antonio Garcia Vazquez; Wolfgang.Steigerwald at telekom.de Objet?: RE: FI-WARE Security - Outcomes of today's audio with CA regarding Security AT contrib to D2.3 (some work needed) Hello Pascal, Thanks for your comments. As you remarked, many points were already addressed, nevertheless I went through all of them again, and you can find in the text of the previous email a log of all old and new modifications. Now at least for the Data Handling GE we should be absolutely aligned with whatever was requested. With respect to the Optional Security Services, I think that Morphus part is aligned with what was requested, but I hope that Philippe/Lucie are still working on this (for instance, on the Glossary, on the FMC block diagram...) Kind regards, Francesco > -----Original Message----- > From: BISSON Pascal [mailto:pascal.bisson at thalesgroup.com] > Sent: lundi 5 mars 2012 16:25 > some comments or suggestions that Juanjo would have like to be addressed > (e.g. "I would also suggest to elaborate on the following concepts: PPL and > PPI, PPL Privacy Tuner tool", "It would be nice to describe what PPL stands for, > the first time this acronym is used" ...) > > As for Optional Security enablers descriptions I do think his claim was that > they were not compliant with the Table of content suggested and used by > each of our GEs (also some diagrams were not FMC conformant). This is also > something which could be improved with support of INRIA and Thales (TAI) > who owns those enablers. > > Hope I have answered and clarified. > > Thanks in advance for your final check and polish. > > Hearing from you and best regards, > > Pascal > > PS: For your convenience here are the comments got from Juanjo (you mostly > addressed). > > > 1.5. Data Handling GE > > I would review writing of the example scenario. Some comments (part of > them editorial, but I have decided to compile all them together here): Scenario was rewritten-modified to be compliant with all comments. > > There is no section on "Basic Concepts". Probably it would make sense to > translate some of the content in the Appendix here (if you decide to move > everything, just the reference would be kept at the end). I would also suggest > to elaborate on the following concepts: > ? PPL and PPI Added a subsection in basic concepts > ? PPL Privacy Tuner tool Removed any reference to the Privacy Tuner, as it will be not part of the 1st release, and should be replaced by the integration with other GEs > Figure on Architecture should be adapted to follow FMC notation. On the > other hand, it would be nice to illustrate there: > ? What is the role of the Privacy Tuner ? Please try to illustrate it > ? Is the left big grey box a description of the architecture linked to the > "PPL Privacy Engine" ? If so, name it accordingly. Otherwise ... what > components would be linked to the PPL Privacy Engine ? Picture has been updated, indicating explicitly the Data Handling GE, that is composed by 3 high-level components > Main interactions after the Architecture figure: > ? You describe interactions in terms of operations described in some > sort of description of a RESTful binding. This doesn't follow the reference > example provided as guidelines. As a result, it is too austere and doesn't > elaborate on who invokes an operation, for example. Sequence diagrams > would be useful. A sequence diagram is provided, together with its linking with the use case scenario, and the following API. > ? The suggested structure for the "Main Interactions" section is fine > though: Outline adjusted as requested > > 1.6 Optional Security Enablers: > > I understand the Architecture Description of these enablers, and particularly > adaption to published guidelines, is under way. Therefore, I will wait until > they are more elaborated. > > > 2.2 Data Handling GE > ? I may be wrong but it seems to me like there is something missing or > wrong (from an editorial point of view) in the following sentence: "It supports > integrated data handling, in particular through two-sided detailed data > handling, that takes into account specific preferences/policies expressed using > the PPL language, based on XACML". Sentence modified. > ? It would be nice to describe what PPL stands for, the first time this > acronym is used. Same for PII. Addressed From francesco.di.cerbo at sap.com Mon Mar 5 18:23:43 2012 From: francesco.di.cerbo at sap.com (DI CERBO, Francesco) Date: Mon, 5 Mar 2012 18:23:43 +0100 Subject: [Fiware-security] FI-WARE Security - Outcomes of today's audio with CA regarding Security AT contrib to D2.3 (some work needed) In-Reply-To: <4735_1330966291_4F54EF13_4735_9807_1_4b70ef4b-0e2d-4a5f-889a-bc83066677af@THSONEA01HUB01P.one.grp> References: <6529_1330956706_4F54C9A1_6529_10145_3_2d71c9e2-f740-4c0e-9c7a-bed591c93b94@THSONEA01HUB02P.one.grp> <9893_1330961075_4F54DAB3_9893_330_1_740c153d-f6c6-4113-8b71-271d2c9c4367@THSONEA01HUB03P.one.grp> <71C0C7C7A712EE4CA636EDFD663B4E270399C00C9D@DEWDFECCR09.wdf.sap.corp> <4735_1330966291_4F54EF13_4735_9807_1_4b70ef4b-0e2d-4a5f-889a-bc83066677af@THSONEA01HUB01P.one.grp> Message-ID: <71C0C7C7A712EE4CA636EDFD663B4E270399C00DCA@DEWDFECCR09.wdf.sap.corp> Ok Pascal, I also addressed the last remark on the DB Anonymizer. Best, Francesco > -----Original Message----- > From: BISSON Pascal [mailto:pascal.bisson at thalesgroup.com] > Sent: lundi 5 mars 2012 17:51 > To: DI CERBO, Francesco; GASPARD Lucie; Alexandre Boeglin; LELEU Philippe > Cc: GIDOIN Daniel; Pedro Soria Rodriguez; fiware-security at lists.fi-ware.eu; > TRABELSI, Slim; Seidl, Robert (NSN - DE/Munich); gabor.marton at nsn.com; > norbert.goetze at nsn.com; osb at zurich.ibm.com; anj at zurich.ibm.com; > antonio.garcia at atosorigin.com; Antonio Garcia Vazquez; > Wolfgang.Steigerwald at telekom.de > Subject: RE: FI-WARE Security - Outcomes of today's audio with CA regarding > Security AT contrib to D2.3 (some work needed) > > Excellent many thanks for this final check/polish regarding Data Handling GE > that for me is now perfectly fine and so ready to be published. > > As for Optional Security enablers I know that Lucie is working hard completing > the description. > > Last remark, regarding DBAnomyzer I see "Basic concepts" section missing. > May be worth to add one for the sake of conformance to the Table of Content. > > Regards, > Pascal > > -----Message d'origine----- > De?: DI CERBO, Francesco [mailto:francesco.di.cerbo at sap.com] > Envoy??: lundi 5 mars 2012 17:20 > ??: BISSON Pascal; GASPARD Lucie; Alexandre Boeglin; LELEU Philippe > Cc?: GIDOIN Daniel; Pedro Soria Rodriguez; fiware-security at lists.fi-ware.eu; > TRABELSI, Slim; Seidl, Robert (NSN - DE/Munich); gabor.marton at nsn.com; > norbert.goetze at nsn.com; osb at zurich.ibm.com; anj at zurich.ibm.com; > antonio.garcia at atosorigin.com; Antonio Garcia Vazquez; > Wolfgang.Steigerwald at telekom.de > Objet?: RE: FI-WARE Security - Outcomes of today's audio with CA regarding > Security AT contrib to D2.3 (some work needed) > > Hello Pascal, > Thanks for your comments. As you remarked, many points were already > addressed, nevertheless I went through all of them again, and you can find in > the text of the previous email a log of all old and new modifications. > > Now at least for the Data Handling GE we should be absolutely aligned with > whatever was requested. > > With respect to the Optional Security Services, I think that Morphus part is > aligned with what was requested, but I hope that Philippe/Lucie are still > working on this (for instance, on the Glossary, on the FMC block diagram...) > > Kind regards, > > Francesco > > > -----Original Message----- > > From: BISSON Pascal [mailto:pascal.bisson at thalesgroup.com] > > Sent: lundi 5 mars 2012 16:25 > > > some comments or suggestions that Juanjo would have like to be addressed > > (e.g. "I would also suggest to elaborate on the following concepts: PPL and > > PPI, PPL Privacy Tuner tool", "It would be nice to describe what PPL stands for, > > the first time this acronym is used" ...) > > > > > As for Optional Security enablers descriptions I do think his claim was that > > they were not compliant with the Table of content suggested and used by > > each of our GEs (also some diagrams were not FMC conformant). This is also > > something which could be improved with support of INRIA and Thales (TAI) > > who owns those enablers. > > > > Hope I have answered and clarified. > > > > Thanks in advance for your final check and polish. > > > > Hearing from you and best regards, > > > > Pascal > > > > PS: For your convenience here are the comments got from Juanjo (you mostly > > addressed). > > > > > > 1.5. Data Handling GE > > > > I would review writing of the example scenario. Some comments (part of > > them editorial, but I have decided to compile all them together here): > > Scenario was rewritten-modified to be compliant with all comments. > > > > > There is no section on "Basic Concepts". Probably it would make sense to > > translate some of the content in the Appendix here (if you decide to move > > everything, just the reference would be kept at the end). I would also > suggest > > to elaborate on the following concepts: > > ? PPL and PPI > > Added a subsection in basic concepts > > > ? PPL Privacy Tuner tool > > Removed any reference to the Privacy Tuner, as it will be not part of the 1st > release, and should be replaced by the integration with other GEs > > > Figure on Architecture should be adapted to follow FMC notation. On the > > other hand, it would be nice to illustrate there: > > ? What is the role of the Privacy Tuner ? Please try to illustrate it > > ? Is the left big grey box a description of the architecture linked to the > > "PPL Privacy Engine" ? If so, name it accordingly. Otherwise ... what > > components would be linked to the PPL Privacy Engine ? > > Picture has been updated, indicating explicitly the Data Handling GE, that is > composed by 3 high-level components > > > Main interactions after the Architecture figure: > > ? You describe interactions in terms of operations described in some > > sort of description of a RESTful binding. This doesn't follow the reference > > example provided as guidelines. As a result, it is too austere and doesn't > > elaborate on who invokes an operation, for example. Sequence diagrams > > would be useful. > > A sequence diagram is provided, together with its linking with the use case > scenario, and the following API. > > > ? The suggested structure for the "Main Interactions" section is fine > > though: > > Outline adjusted as requested > > > > > 1.6 Optional Security Enablers: > > > > I understand the Architecture Description of these enablers, and particularly > > adaption to published guidelines, is under way. Therefore, I will wait until > > they are more elaborated. > > > > > > 2.2 Data Handling GE > > ? I may be wrong but it seems to me like there is something missing or > > wrong (from an editorial point of view) in the following sentence: "It supports > > integrated data handling, in particular through two-sided detailed data > > handling, that takes into account specific preferences/policies expressed > using > > the PPL language, based on XACML". > > Sentence modified. > > > ? It would be nice to describe what PPL stands for, the first time this > > acronym is used. Same for PII. > > Addressed From antonio.garcia at atosresearch.eu Tue Mar 6 07:54:22 2012 From: antonio.garcia at atosresearch.eu (Antonio Garcia Vazquez) Date: Tue, 6 Mar 2012 07:54:22 +0100 Subject: [Fiware-security] FI-WARE Security - Outcomes of today's audio with CA regarding Security AT contrib to D2.3 (some work needed) In-Reply-To: <6529_1330961570_4F54DCA2_6529_13934_1_7040456d-3ea0-4457-a66b-387e072381ed@THSONEA01HUB05P.one.grp> References: <6529_1330956706_4F54C9A1_6529_10145_3_2d71c9e2-f740-4c0e-9c7a-bed591c93b94@THSONEA01HUB02P.one.grp> <8E18929A6C79354FB4BD9BD4636DCB066AB68D@INTMAIL03.es.int.atosorigin.com> <6529_1330961570_4F54DCA2_6529_13934_1_7040456d-3ea0-4457-a66b-387e072381ed@THSONEA01HUB05P.one.grp> Message-ID: <8E18929A6C79354FB4BD9BD4636DCB066AB86C@INTMAIL03.es.int.atosorigin.com> Pascal, First of all, please take into account that this GE is planned on 2nd Release, so is not as mature as other GE's and as is been indicated into the "how to" page it is not mandatory to provide description for this GE, nevertheless it is useful to include a description of the chapters already defined. Then I'd like to inform you the work already done after receiving the comments to my first deliverable version (17th Feb.). >From my point of view the changes has been implemented (from 20th till 23th Feb) so I believe that, at this moment, the description provided follows those indications. I'm enclosing a detailed description of this topics, in case you can tell me please where is the mismatch. 1) "The figure on the Architecture should be converted to follow FMC notation" I've updated the diagram as requested. 2) " It seems like the Architecture Description of this GE follows the guidelines provided but there is a mismatch in the table of contents...." - "Main Interactions" has been renamed into Context-based security & compliance architecture as requested - "Design Principles" first option has somehow implemented. Instead of adding the name of the request to the sequence diagram and rename last section into Basic Data Structures I've included the interface description of arguments following the description of each related step on the sequence diagram 3) About current Table of contents: The template provided says that we can take as a reference "The Publish/Subscribe Broker GE" witch has nearly the same main point as "Context-based security & compliance GE": 1.-Overview 2.-Basic Concepts 3.-GE Architecture 4.-Main Iterations 5.-References So I'm renaming "Context-based security & compliance GE" 4 & 4.1 points (4.-Basic Design Principles & 4.1.-Main Interactions) into 4.-Main Iterations On the other hand as References subsection seems not to be necessary I'll try to include it later 4) Detailed description of interface with Market Place: This interface is provided by WP3; a reference is being included 5) Detailed description of internal interfaces with rules repository and monitoring systems: I haven't, at this moment, any deliverable version of these interfaces and will be described by 2nd release as is indicated in their sections. A note clearly indicating the expecting delivery release of the GE could be helpful about this and other related topics. I'm working on it Any way we can discuss these point in our conference at 12:00 Best Regards. ************************************ * Antonio Garc?a-V?zquez * * (+34) 91 214 9384 * * antonio.garcia at atosresearch.eu * ************************************ From: BISSON Pascal [mailto:pascal.bisson at thalesgroup.com] Sent: lunes, 05 de marzo de 2012 16:33 To: Antonio Garcia Vazquez; Seidl, Robert (NSN - DE/Munich); gabor.marton at nsn.com; norbert.goetze at nsn.com; slim.trabelsi at sap.com; francesco.di.cerbo at sap.com; GASPARD Lucie; Alexandre Boeglin; osb at zurich.ibm.com; anj at zurich.ibm.com; LELEU Philippe; Wolfgang.Steigerwald at telekom.de Cc: GIDOIN Daniel; Pedro Soria Rodriguez; fiware-security at lists.fi-ware.eu Subject: RE: FI-WARE Security - Outcomes of today's audio with CA regarding Security AT contrib to D2.3 (some work needed) Dear Antonio, Hereafter you will find the comments Juanjo issued on Context-based security & compliance. For me and after a quick check they are still valid since I don't see them addressed (e.g. mismatch in the Table of content that makes this GE description not conformant to the toc suggested and agreed by others, ...). So please check them and address (also let me once addressed) them asap and by EOB tomorrow at the latest following recommendations provided by Juanjo. Hearing from you. Best Regards Pascal 1.2 Context-based security & compliance It seems like the Architecture Description of this GE follows the guidelines provided but there is a mismatch in the table of contents ... The section titled "Main Interactions" looks like it should be titled "Context-based security & compliance architecture" while the sections under "sequence diagrams" within the "Basic Design Principles" section would actually fit better as contents of the "Main Interactions" section. Contents of the remaining of section "Design Principles" look more like the detailed description of data exchanged in some of the interactions described in the sequence diagrams ... however, the relationship is not so explicit because the text in the descriptions of sequence diagrams does not always include a reference to the request/response being issued. I see to alternatives to deal with this editorially: * Add the names of the specific operation request / responses within the sequence diagram descriptions and then endup the "Main Interactions" sections with a subsection titled "Basic Data Structures", elaborating on the detailed description of arguments linked to operation request/responses being referred in the interactions. * Add the names of the specific operation request / responses within the sequence diagram descriptions and enrich then with text describing the data structures linked to those operation request/responses (e.g., " invokes the request passing the , and as arguments") Probably the first option is easier to implement and I would recommend it. The figure on the Architecture should be converted to follow FMC notation. De : Antonio Garcia Vazquez [mailto:antonio.garcia at atosresearch.eu] Envoy? : lundi 5 mars 2012 15:26 ? : BISSON Pascal; Seidl, Robert (NSN - DE/Munich); gabor.marton at nsn.com ; norbert.goetze at nsn.com ; slim.trabelsi at sap.com ; francesco.di.cerbo at sap.com ; GASPARD Lucie; Alexandre Boeglin; osb at zurich.ibm.com ; anj at zurich.ibm.com ; LELEU Philippe; Wolfgang.Steigerwald at telekom.de Cc : GIDOIN Daniel; Pedro Soria Rodriguez; fiware-security at lists.fi-ware.eu Objet : RE: FI-WARE Security - Outcomes of today's audio with CA regarding Security AT contrib to D2.3 (some work needed) Pascal, I've already made some changes following those indications. Can you tell me the points I should still correct. Best Regards ************************************ * Antonio Garc?a-V?zquez * * (+34) 91 214 9384 * * antonio.garcia at atosresearch.eu * ************************************ From: BISSON Pascal [mailto:pascal.bisson at thalesgroup.com] Sent: lunes, 05 de marzo de 2012 15:12 To: Seidl, Robert (NSN - DE/Munich); gabor.marton at nsn.com ; norbert.goetze at nsn.com ; slim.trabelsi at sap.com ; francesco.di.cerbo at sap.com ; GASPARD Lucie; Alexandre Boeglin; osb at zurich.ibm.com ; anj at zurich.ibm.com ; Antonio Garcia Vazquez; Antonio Garcia Vazquez; LELEU Philippe; Wolfgang.Steigerwald at telekom.de Cc: GIDOIN Daniel; BISSON Pascal; Pedro Soria Rodriguez; fiware-security at lists.fi-ware.eu Subject: FI-WARE Security - Outcomes of today's audio with CA regarding Security AT contrib to D2.3 (some work needed) Importance: High Dear Task leads/GE owners, This just to let you know that this morning I had an audio conference with Juanjo were discussed the readiness of our GEs description for publication in the context of D2.3 and according to latest version available on FI-WARE Private wiki (https://forge.fi-ware.eu/plugins/mediawiki/wiki/fi-ware-private/index.php/FiwareDeliverableD2.3 ) aka the place where we are supposed to upload our GE description from our FI-WARE Security Private Wiki. Here are what we discussed and agreed: * We will proceed with publishing the contents linked to the Security Monitoring GE because despite some additional comments may come after a second review, it's worth publishing the current contents and we can deal with new comments by end of March (but without the pressure of delivery dates) * We will proceed with publishing the contents linked to the Identity Management GE provided that the owner commits to translate the figures to FMC format by end of this week. As with the previous case, despite some additional comments may come after a second review, it's worth publishing the current contents and we can deal with new comments by end of March (but without the pressure of delivery dates) * We will publish the Privacy GE * We won't publish the rest pending on response regarding how the comments initially provided by Juanjo were addressed (please refer here to email I forwarded you from Juanjo - 21 f?vrier 2012 05:07 - on the topic ). Apparently, comments were not addressed for some of the GEs, if not all, and even the history of the Wiki pages reflect that. In order not to delay any longer the publishing of our Security Chapter contrib. to D2.3 I will ask: o Antonio as to check and address Juanjo's comments on Context-based security and compliance comments this no later than by tomorrow EOB, o Same for Slim or Francesco regarding Data Handling GE although after a quick scan I noticed they had already implemented a number of Juanjo's comments. o Slim/Francesco, Alexandre, Philippe/Lucie to do the same for what concerns Optional Security GEs Please Antonio, Slim/Francesco, Alexandre, Philippe/Lucie please acknowledge receipt of this email and confirm you would be addressing comments according the set deadline (i.e. by tomorrow EOB at the latest - hope earlier - let me know once done) to close our work on D2.3 and have our specifications be published also redirect our effort on our Security contrib. to D2.4. Hearing from you, Best Regards, Pascal PS: Don't forget to stick to suggested table of content if not done already and follow instructions provided at https://forge.fi-ware.eu/plugins/mediawiki/wiki/fi-ware-private/index.php/Instructions_on_how_to_develop_FI-WARE_Chapter_Architecture_Descriptions PS2: As announced will call for an audio conference tomorrow. Will provide you with details in a separate email. ------------------------------------------------------------------ This e-mail and the documents attached are confidential and intended solely for the addressee; it may also be privileged. If you receive this e-mail in error, please notify the sender immediately and destroy it. As its integrity cannot be secured on the Internet, the Atos group liability cannot be triggered for the message content. Although the sender endeavours to maintain a computer virus-free network, the sender does not warrant that this transmission is virus-free and will not be liable for any damages resulting from any virus transmitted. Este mensaje y los ficheros adjuntos pueden contener informacion confidencial destinada solamente a la(s) persona(s) mencionadas anteriormente pueden estar protegidos por secreto profesional. Si usted recibe este correo electronico por error, gracias por informar inmediatamente al remitente y destruir el mensaje. Al no estar asegurada la integridad de este mensaje sobre la red, Atos no se hace responsable por su contenido. Su contenido no constituye ningun compromiso para el grupo Atos, salvo ratificacion escrita por ambas partes. Aunque se esfuerza al maximo por mantener su red libre de virus, el emisor no puede garantizar nada al respecto y no sera responsable de cualesquiera danos que puedan resultar de una transmision de virus. ------------------------------------------------------------------ -------------- next part -------------- An HTML attachment was scrubbed... URL: From pascal.bisson at thalesgroup.com Tue Mar 6 09:52:14 2012 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Tue, 6 Mar 2012 09:52:14 +0100 Subject: [Fiware-security] FI-WARE Security - Outcomes of today's audio with CA regarding Security AT contrib to D2.3 (some work needed) In-Reply-To: <8E18929A6C79354FB4BD9BD4636DCB066AB86C@INTMAIL03.es.int.atosorigin.com> References: <6529_1330956706_4F54C9A1_6529_10145_3_2d71c9e2-f740-4c0e-9c7a-bed591c93b94@THSONEA01HUB02P.one.grp> <8E18929A6C79354FB4BD9BD4636DCB066AB68D@INTMAIL03.es.int.atosorigin.com> <6529_1330961570_4F54DCA2_6529_13934_1_7040456d-3ea0-4457-a66b-387e072381ed@THSONEA01HUB05P.one.grp> <8E18929A6C79354FB4BD9BD4636DCB066AB86C@INTMAIL03.es.int.atosorigin.com> Message-ID: <32676_1331023939_4F55D043_32676_458_1_36fa450d-2dbd-4d13-9c31-c94901540c00@THSONEA01HUB01P.one.grp> Dear Antonio, Thanks for your email and report on changes you introduced. The Table of Content which was suggested to follow was the one provided in the instructions available at: https://forge.fi-ware.eu/plugins/mediawiki/wiki/fi-ware-private/index.php/Instructions_on_how_to_develop_FI-WARE_Chapter_Architecture_Descriptions As such and to make you conformant to other descriptions I would suggest you to refer to it and to follow it. Most important in your case would be to add the section which is missing aka section Basic Design principles following Main interactions section. Hope it helps you. Best Regards, Pascal De : Antonio Garcia Vazquez [mailto:antonio.garcia at atosresearch.eu] Envoy? : mardi 6 mars 2012 07:54 ? : BISSON Pascal; Seidl, Robert (NSN - DE/Munich); gabor.marton at nsn.com; norbert.goetze at nsn.com; slim.trabelsi at sap.com; francesco.di.cerbo at sap.com; GASPARD Lucie; Alexandre Boeglin; osb at zurich.ibm.com; anj at zurich.ibm.com; LELEU Philippe; Wolfgang.Steigerwald at telekom.de Cc : GIDOIN Daniel; Pedro Soria Rodriguez; fiware-security at lists.fi-ware.eu Objet : RE: FI-WARE Security - Outcomes of today's audio with CA regarding Security AT contrib to D2.3 (some work needed) Pascal, First of all, please take into account that this GE is planned on 2nd Release, so is not as mature as other GE's and as is been indicated into the "how to" page it is not mandatory to provide description for this GE, nevertheless it is useful to include a description of the chapters already defined. Then I'd like to inform you the work already done after receiving the comments to my first deliverable version (17th Feb.). >From my point of view the changes has been implemented (from 20th till 23th Feb) so I believe that, at this moment, the description provided follows those indications. I'm enclosing a detailed description of this topics, in case you can tell me please where is the mismatch. 1) "The figure on the Architecture should be converted to follow FMC notation" I've updated the diagram as requested. 2) " It seems like the Architecture Description of this GE follows the guidelines provided but there is a mismatch in the table of contents...." - "Main Interactions" has been renamed into Context-based security & compliance architecture as requested - "Design Principles" first option has somehow implemented. Instead of adding the name of the request to the sequence diagram and rename last section into Basic Data Structures I've included the interface description of arguments following the description of each related step on the sequence diagram 3) About current Table of contents: The template provided says that we can take as a reference "The Publish/Subscribe Broker GE" witch has nearly the same main point as "Context-based security & compliance GE": 1.-Overview 2.-Basic Concepts 3.-GE Architecture 4.-Main Iterations 5.-References So I'm renaming "Context-based security & compliance GE" 4 & 4.1 points (4.-Basic Design Principles & 4.1.-Main Interactions) into 4.-Main Iterations On the other hand as References subsection seems not to be necessary I'll try to include it later 4) Detailed description of interface with Market Place: This interface is provided by WP3; a reference is being included 5) Detailed description of internal interfaces with rules repository and monitoring systems: I haven't, at this moment, any deliverable version of these interfaces and will be described by 2nd release as is indicated in their sections. A note clearly indicating the expecting delivery release of the GE could be helpful about this and other related topics. I'm working on it Any way we can discuss these point in our conference at 12:00 Best Regards. ************************************ * Antonio Garc?a-V?zquez * * (+34) 91 214 9384 * * antonio.garcia at atosresearch.eu * ************************************ From: BISSON Pascal [mailto:pascal.bisson at thalesgroup.com] Sent: lunes, 05 de marzo de 2012 16:33 To: Antonio Garcia Vazquez; Seidl, Robert (NSN - DE/Munich); gabor.marton at nsn.com; norbert.goetze at nsn.com; slim.trabelsi at sap.com; francesco.di.cerbo at sap.com; GASPARD Lucie; Alexandre Boeglin; osb at zurich.ibm.com; anj at zurich.ibm.com; LELEU Philippe; Wolfgang.Steigerwald at telekom.de Cc: GIDOIN Daniel; Pedro Soria Rodriguez; fiware-security at lists.fi-ware.eu Subject: RE: FI-WARE Security - Outcomes of today's audio with CA regarding Security AT contrib to D2.3 (some work needed) Dear Antonio, Hereafter you will find the comments Juanjo issued on Context-based security & compliance. For me and after a quick check they are still valid since I don't see them addressed (e.g. mismatch in the Table of content that makes this GE description not conformant to the toc suggested and agreed by others, ...). So please check them and address (also let me once addressed) them asap and by EOB tomorrow at the latest following recommendations provided by Juanjo. Hearing from you. Best Regards Pascal 1.2 Context-based security & compliance It seems like the Architecture Description of this GE follows the guidelines provided but there is a mismatch in the table of contents ... The section titled "Main Interactions" looks like it should be titled "Context-based security & compliance architecture" while the sections under "sequence diagrams" within the "Basic Design Principles" section would actually fit better as contents of the "Main Interactions" section. Contents of the remaining of section "Design Principles" look more like the detailed description of data exchanged in some of the interactions described in the sequence diagrams ... however, the relationship is not so explicit because the text in the descriptions of sequence diagrams does not always include a reference to the request/response being issued. I see to alternatives to deal with this editorially: * Add the names of the specific operation request / responses within the sequence diagram descriptions and then endup the "Main Interactions" sections with a subsection titled "Basic Data Structures", elaborating on the detailed description of arguments linked to operation request/responses being referred in the interactions. * Add the names of the specific operation request / responses within the sequence diagram descriptions and enrich then with text describing the data structures linked to those operation request/responses (e.g., " invokes the request passing the , and as arguments") Probably the first option is easier to implement and I would recommend it. The figure on the Architecture should be converted to follow FMC notation. De : Antonio Garcia Vazquez [mailto:antonio.garcia at atosresearch.eu] Envoy? : lundi 5 mars 2012 15:26 ? : BISSON Pascal; Seidl, Robert (NSN - DE/Munich); gabor.marton at nsn.com; norbert.goetze at nsn.com; slim.trabelsi at sap.com; francesco.di.cerbo at sap.com; GASPARD Lucie; Alexandre Boeglin; osb at zurich.ibm.com; anj at zurich.ibm.com; LELEU Philippe; Wolfgang.Steigerwald at telekom.de Cc : GIDOIN Daniel; Pedro Soria Rodriguez; fiware-security at lists.fi-ware.eu Objet : RE: FI-WARE Security - Outcomes of today's audio with CA regarding Security AT contrib to D2.3 (some work needed) Pascal, I've already made some changes following those indications. Can you tell me the points I should still correct. Best Regards ************************************ * Antonio Garc?a-V?zquez * * (+34) 91 214 9384 * * antonio.garcia at atosresearch.eu * ************************************ From: BISSON Pascal [mailto:pascal.bisson at thalesgroup.com] Sent: lunes, 05 de marzo de 2012 15:12 To: Seidl, Robert (NSN - DE/Munich); gabor.marton at nsn.com; norbert.goetze at nsn.com; slim.trabelsi at sap.com; francesco.di.cerbo at sap.com; GASPARD Lucie; Alexandre Boeglin; osb at zurich.ibm.com; anj at zurich.ibm.com; Antonio Garcia Vazquez; Antonio Garcia Vazquez; LELEU Philippe; Wolfgang.Steigerwald at telekom.de Cc: GIDOIN Daniel; BISSON Pascal; Pedro Soria Rodriguez; fiware-security at lists.fi-ware.eu Subject: FI-WARE Security - Outcomes of today's audio with CA regarding Security AT contrib to D2.3 (some work needed) Importance: High Dear Task leads/GE owners, This just to let you know that this morning I had an audio conference with Juanjo were discussed the readiness of our GEs description for publication in the context of D2.3 and according to latest version available on FI-WARE Private wiki (https://forge.fi-ware.eu/plugins/mediawiki/wiki/fi-ware-private/index.php/FiwareDeliverableD2.3) aka the place where we are supposed to upload our GE description from our FI-WARE Security Private Wiki. Here are what we discussed and agreed: * We will proceed with publishing the contents linked to the Security Monitoring GE because despite some additional comments may come after a second review, it's worth publishing the current contents and we can deal with new comments by end of March (but without the pressure of delivery dates) * We will proceed with publishing the contents linked to the Identity Management GE provided that the owner commits to translate the figures to FMC format by end of this week. As with the previous case, despite some additional comments may come after a second review, it's worth publishing the current contents and we can deal with new comments by end of March (but without the pressure of delivery dates) * We will publish the Privacy GE * We won't publish the rest pending on response regarding how the comments initially provided by Juanjo were addressed (please refer here to email I forwarded you from Juanjo - 21 f?vrier 2012 05:07 - on the topic ). Apparently, comments were not addressed for some of the GEs, if not all, and even the history of the Wiki pages reflect that. In order not to delay any longer the publishing of our Security Chapter contrib. to D2.3 I will ask: o Antonio as to check and address Juanjo's comments on Context-based security and compliance comments this no later than by tomorrow EOB, o Same for Slim or Francesco regarding Data Handling GE although after a quick scan I noticed they had already implemented a number of Juanjo's comments. o Slim/Francesco, Alexandre, Philippe/Lucie to do the same for what concerns Optional Security GEs Please Antonio, Slim/Francesco, Alexandre, Philippe/Lucie please acknowledge receipt of this email and confirm you would be addressing comments according the set deadline (i.e. by tomorrow EOB at the latest - hope earlier - let me know once done) to close our work on D2.3 and have our specifications be published also redirect our effort on our Security contrib. to D2.4. Hearing from you, Best Regards, Pascal PS: Don't forget to stick to suggested table of content if not done already and follow instructions provided at https://forge.fi-ware.eu/plugins/mediawiki/wiki/fi-ware-private/index.php/Instructions_on_how_to_develop_FI-WARE_Chapter_Architecture_Descriptions PS2: As announced will call for an audio conference tomorrow. Will provide you with details in a separate email. ------------------------------------------------------------------ This e-mail and the documents attached are confidential and intended solely for the addressee; it may also be privileged. If you receive this e-mail in error, please notify the sender immediately and destroy it. As its integrity cannot be secured on the Internet, the Atos group liability cannot be triggered for the message content. Although the sender endeavours to maintain a computer virus-free network, the sender does not warrant that this transmission is virus-free and will not be liable for any damages resulting from any virus transmitted. Este mensaje y los ficheros adjuntos pueden contener informacion confidencial destinada solamente a la(s) persona(s) mencionadas anteriormente pueden estar protegidos por secreto profesional. Si usted recibe este correo electronico por error, gracias por informar inmediatamente al remitente y destruir el mensaje. Al no estar asegurada la integridad de este mensaje sobre la red, Atos no se hace responsable por su contenido. Su contenido no constituye ningun compromiso para el grupo Atos, salvo ratificacion escrita por ambas partes. Aunque se esfuerza al maximo por mantener su red libre de virus, el emisor no puede garantizar nada al respecto y no sera responsable de cualesquiera danos que puedan resultar de una transmision de virus. ------------------------------------------------------------------ ------------------------------------------------------------------ This e-mail and the documents attached are confidential and intended solely for the addressee; it may also be privileged. If you receive this e-mail in error, please notify the sender immediately and destroy it. As its integrity cannot be secured on the Internet, the Atos group liability cannot be triggered for the message content. Although the sender endeavours to maintain a computer virus-free network, the sender does not warrant that this transmission is virus-free and will not be liable for any damages resulting from any virus transmitted. Este mensaje y los ficheros adjuntos pueden contener informacion confidencial destinada solamente a la(s) persona(s) mencionadas anteriormente pueden estar protegidos por secreto profesional. Si usted recibe este correo electronico por error, gracias por informar inmediatamente al remitente y destruir el mensaje. Al no estar asegurada la integridad de este mensaje sobre la red, Atos no se hace responsable por su contenido. Su contenido no constituye ningun compromiso para el grupo Atos, salvo ratificacion escrita por ambas partes. Aunque se esfuerza al maximo por mantener su red libre de virus, el emisor no puede garantizar nada al respecto y no sera responsable de cualesquiera danos que puedan resultar de una transmision de virus. ------------------------------------------------------------------ -------------- next part -------------- An HTML attachment was scrubbed... URL: From antonio.garcia at atosresearch.eu Tue Mar 6 11:57:38 2012 From: antonio.garcia at atosresearch.eu (Antonio Garcia Vazquez) Date: Tue, 6 Mar 2012 11:57:38 +0100 Subject: [Fiware-security] FI-WARE Security - Outcomes of today's audio with CA regarding Security AT contrib to D2.3 (some work needed) In-Reply-To: <32676_1331023939_4F55D043_32676_458_1_36fa450d-2dbd-4d13-9c31-c94901540c00@THSONEA01HUB01P.one.grp> References: <6529_1330956706_4F54C9A1_6529_10145_3_2d71c9e2-f740-4c0e-9c7a-bed591c93b94@THSONEA01HUB02P.one.grp> <8E18929A6C79354FB4BD9BD4636DCB066AB68D@INTMAIL03.es.int.atosorigin.com> <6529_1330961570_4F54DCA2_6529_13934_1_7040456d-3ea0-4457-a66b-387e072381ed@THSONEA01HUB05P.one.grp> <8E18929A6C79354FB4BD9BD4636DCB066AB86C@INTMAIL03.es.int.atosorigin.com> <32676_1331023939_4F55D043_32676_458_1_36fa450d-2dbd-4d13-9c31-c94901540c00@THSONEA01HUB01P.one.grp> Message-ID: <8E18929A6C79354FB4BD9BD4636DCB066AB98A@INTMAIL03.es.int.atosorigin.com> Pascal, I've already updated the GE description by: 1) Adding a "disclaimer" as is also done in SemanticAnnotation GE that will be also delivered on release two (ref: https://forge.fi-ware.eu/plugins/mediawiki/wiki/fiware/index.php/FIWARE.ArchitectureDescription.Data.SemanticAnnotation) 2) Adding a "Basic Design principles" section: Sorry about this, but I thought it wasn't mandatory as some of the GE specifications already published do not include this section. (ref: https://forge.fi-ware.eu/plugins/mediawiki/wiki/fi-ware-private/index.php/FIWARE.OpenSpecification.Data.PubSub#Main_Interactions an many others) Best Regards. ************************************ * Antonio Garc?a-V?zquez * * (+34) 91 214 9384 * * antonio.garcia at atosresearch.eu * ************************************ From: BISSON Pascal [mailto:pascal.bisson at thalesgroup.com] Sent: martes, 06 de marzo de 2012 9:52 To: Antonio Garcia Vazquez; Seidl, Robert (NSN - DE/Munich); gabor.marton at nsn.com; norbert.goetze at nsn.com; slim.trabelsi at sap.com; francesco.di.cerbo at sap.com; GASPARD Lucie; Alexandre Boeglin; osb at zurich.ibm.com; anj at zurich.ibm.com; LELEU Philippe; Wolfgang.Steigerwald at telekom.de Cc: GIDOIN Daniel; Pedro Soria Rodriguez; fiware-security at lists.fi-ware.eu Subject: RE: FI-WARE Security - Outcomes of today's audio with CA regarding Security AT contrib to D2.3 (some work needed) Dear Antonio, Thanks for your email and report on changes you introduced. The Table of Content which was suggested to follow was the one provided in the instructions available at: https://forge.fi-ware.eu/plugins/mediawiki/wiki/fi-ware-private/index.php/Instructions_on_how_to_develop_FI-WARE_Chapter_Architecture_Descriptions As such and to make you conformant to other descriptions I would suggest you to refer to it and to follow it. Most important in your case would be to add the section which is missing aka section Basic Design principles following Main interactions section. Hope it helps you. Best Regards, Pascal De : Antonio Garcia Vazquez [mailto:antonio.garcia at atosresearch.eu] Envoy? : mardi 6 mars 2012 07:54 ? : BISSON Pascal; Seidl, Robert (NSN - DE/Munich); gabor.marton at nsn.com; norbert.goetze at nsn.com; slim.trabelsi at sap.com; francesco.di.cerbo at sap.com; GASPARD Lucie; Alexandre Boeglin; osb at zurich.ibm.com; anj at zurich.ibm.com; LELEU Philippe; Wolfgang.Steigerwald at telekom.de Cc : GIDOIN Daniel; Pedro Soria Rodriguez; fiware-security at lists.fi-ware.eu Objet : RE: FI-WARE Security - Outcomes of today's audio with CA regarding Security AT contrib to D2.3 (some work needed) Pascal, First of all, please take into account that this GE is planned on 2nd Release, so is not as mature as other GE's and as is been indicated into the "how to" page it is not mandatory to provide description for this GE, nevertheless it is useful to include a description of the chapters already defined. Then I'd like to inform you the work already done after receiving the comments to my first deliverable version (17th Feb.). >From my point of view the changes has been implemented (from 20th till 23th Feb) so I believe that, at this moment, the description provided follows those indications. I'm enclosing a detailed description of this topics, in case you can tell me please where is the mismatch. 1) "The figure on the Architecture should be converted to follow FMC notation" I've updated the diagram as requested. 2) " It seems like the Architecture Description of this GE follows the guidelines provided but there is a mismatch in the table of contents...." - "Main Interactions" has been renamed into Context-based security & compliance architecture as requested - "Design Principles" first option has somehow implemented. Instead of adding the name of the request to the sequence diagram and rename last section into Basic Data Structures I've included the interface description of arguments following the description of each related step on the sequence diagram 3) About current Table of contents: The template provided says that we can take as a reference "The Publish/Subscribe Broker GE" witch has nearly the same main point as "Context-based security & compliance GE": 1.-Overview 2.-Basic Concepts 3.-GE Architecture 4.-Main Iterations 5.-References So I'm renaming "Context-based security & compliance GE" 4 & 4.1 points (4.-Basic Design Principles & 4.1.-Main Interactions) into 4.-Main Iterations On the other hand as References subsection seems not to be necessary I'll try to include it later 4) Detailed description of interface with Market Place: This interface is provided by WP3; a reference is being included 5) Detailed description of internal interfaces with rules repository and monitoring systems: I haven't, at this moment, any deliverable version of these interfaces and will be described by 2nd release as is indicated in their sections. A note clearly indicating the expecting delivery release of the GE could be helpful about this and other related topics. I'm working on it Any way we can discuss these point in our conference at 12:00 Best Regards. ************************************ * Antonio Garc?a-V?zquez * * (+34) 91 214 9384 * * antonio.garcia at atosresearch.eu * ************************************ From: BISSON Pascal [mailto:pascal.bisson at thalesgroup.com] Sent: lunes, 05 de marzo de 2012 16:33 To: Antonio Garcia Vazquez; Seidl, Robert (NSN - DE/Munich); gabor.marton at nsn.com; norbert.goetze at nsn.com; slim.trabelsi at sap.com; francesco.di.cerbo at sap.com; GASPARD Lucie; Alexandre Boeglin; osb at zurich.ibm.com; anj at zurich.ibm.com; LELEU Philippe; Wolfgang.Steigerwald at telekom.de Cc: GIDOIN Daniel; Pedro Soria Rodriguez; fiware-security at lists.fi-ware.eu Subject: RE: FI-WARE Security - Outcomes of today's audio with CA regarding Security AT contrib to D2.3 (some work needed) Dear Antonio, Hereafter you will find the comments Juanjo issued on Context-based security & compliance. For me and after a quick check they are still valid since I don't see them addressed (e.g. mismatch in the Table of content that makes this GE description not conformant to the toc suggested and agreed by others, ...). So please check them and address (also let me once addressed) them asap and by EOB tomorrow at the latest following recommendations provided by Juanjo. Hearing from you. Best Regards Pascal 1.2 Context-based security & compliance It seems like the Architecture Description of this GE follows the guidelines provided but there is a mismatch in the table of contents ... The section titled "Main Interactions" looks like it should be titled "Context-based security & compliance architecture" while the sections under "sequence diagrams" within the "Basic Design Principles" section would actually fit better as contents of the "Main Interactions" section. Contents of the remaining of section "Design Principles" look more like the detailed description of data exchanged in some of the interactions described in the sequence diagrams ... however, the relationship is not so explicit because the text in the descriptions of sequence diagrams does not always include a reference to the request/response being issued. I see to alternatives to deal with this editorially: * Add the names of the specific operation request / responses within the sequence diagram descriptions and then endup the "Main Interactions" sections with a subsection titled "Basic Data Structures", elaborating on the detailed description of arguments linked to operation request/responses being referred in the interactions. * Add the names of the specific operation request / responses within the sequence diagram descriptions and enrich then with text describing the data structures linked to those operation request/responses (e.g., " invokes the request passing the , and as arguments") Probably the first option is easier to implement and I would recommend it. The figure on the Architecture should be converted to follow FMC notation. De : Antonio Garcia Vazquez [mailto:antonio.garcia at atosresearch.eu] Envoy? : lundi 5 mars 2012 15:26 ? : BISSON Pascal; Seidl, Robert (NSN - DE/Munich); gabor.marton at nsn.com ; norbert.goetze at nsn.com ; slim.trabelsi at sap.com ; francesco.di.cerbo at sap.com ; GASPARD Lucie; Alexandre Boeglin; osb at zurich.ibm.com ; anj at zurich.ibm.com ; LELEU Philippe; Wolfgang.Steigerwald at telekom.de Cc : GIDOIN Daniel; Pedro Soria Rodriguez; fiware-security at lists.fi-ware.eu Objet : RE: FI-WARE Security - Outcomes of today's audio with CA regarding Security AT contrib to D2.3 (some work needed) Pascal, I've already made some changes following those indications. Can you tell me the points I should still correct. Best Regards ************************************ * Antonio Garc?a-V?zquez * * (+34) 91 214 9384 * * antonio.garcia at atosresearch.eu * ************************************ From: BISSON Pascal [mailto:pascal.bisson at thalesgroup.com] Sent: lunes, 05 de marzo de 2012 15:12 To: Seidl, Robert (NSN - DE/Munich); gabor.marton at nsn.com ; norbert.goetze at nsn.com ; slim.trabelsi at sap.com ; francesco.di.cerbo at sap.com ; GASPARD Lucie; Alexandre Boeglin; osb at zurich.ibm.com ; anj at zurich.ibm.com ; Antonio Garcia Vazquez; Antonio Garcia Vazquez; LELEU Philippe; Wolfgang.Steigerwald at telekom.de Cc: GIDOIN Daniel; BISSON Pascal; Pedro Soria Rodriguez; fiware-security at lists.fi-ware.eu Subject: FI-WARE Security - Outcomes of today's audio with CA regarding Security AT contrib to D2.3 (some work needed) Importance: High Dear Task leads/GE owners, This just to let you know that this morning I had an audio conference with Juanjo were discussed the readiness of our GEs description for publication in the context of D2.3 and according to latest version available on FI-WARE Private wiki (https://forge.fi-ware.eu/plugins/mediawiki/wiki/fi-ware-private/index.php/FiwareDeliverableD2.3 ) aka the place where we are supposed to upload our GE description from our FI-WARE Security Private Wiki. Here are what we discussed and agreed: * We will proceed with publishing the contents linked to the Security Monitoring GE because despite some additional comments may come after a second review, it's worth publishing the current contents and we can deal with new comments by end of March (but without the pressure of delivery dates) * We will proceed with publishing the contents linked to the Identity Management GE provided that the owner commits to translate the figures to FMC format by end of this week. As with the previous case, despite some additional comments may come after a second review, it's worth publishing the current contents and we can deal with new comments by end of March (but without the pressure of delivery dates) * We will publish the Privacy GE * We won't publish the rest pending on response regarding how the comments initially provided by Juanjo were addressed (please refer here to email I forwarded you from Juanjo - 21 f?vrier 2012 05:07 - on the topic ). Apparently, comments were not addressed for some of the GEs, if not all, and even the history of the Wiki pages reflect that. In order not to delay any longer the publishing of our Security Chapter contrib. to D2.3 I will ask: o Antonio as to check and address Juanjo's comments on Context-based security and compliance comments this no later than by tomorrow EOB, o Same for Slim or Francesco regarding Data Handling GE although after a quick scan I noticed they had already implemented a number of Juanjo's comments. o Slim/Francesco, Alexandre, Philippe/Lucie to do the same for what concerns Optional Security GEs Please Antonio, Slim/Francesco, Alexandre, Philippe/Lucie please acknowledge receipt of this email and confirm you would be addressing comments according the set deadline (i.e. by tomorrow EOB at the latest - hope earlier - let me know once done) to close our work on D2.3 and have our specifications be published also redirect our effort on our Security contrib. to D2.4. Hearing from you, Best Regards, Pascal PS: Don't forget to stick to suggested table of content if not done already and follow instructions provided at https://forge.fi-ware.eu/plugins/mediawiki/wiki/fi-ware-private/index.php/Instructions_on_how_to_develop_FI-WARE_Chapter_Architecture_Descriptions PS2: As announced will call for an audio conference tomorrow. Will provide you with details in a separate email. ------------------------------------------------------------------ This e-mail and the documents attached are confidential and intended solely for the addressee; it may also be privileged. If you receive this e-mail in error, please notify the sender immediately and destroy it. As its integrity cannot be secured on the Internet, the Atos group liability cannot be triggered for the message content. Although the sender endeavours to maintain a computer virus-free network, the sender does not warrant that this transmission is virus-free and will not be liable for any damages resulting from any virus transmitted. Este mensaje y los ficheros adjuntos pueden contener informacion confidencial destinada solamente a la(s) persona(s) mencionadas anteriormente pueden estar protegidos por secreto profesional. Si usted recibe este correo electronico por error, gracias por informar inmediatamente al remitente y destruir el mensaje. Al no estar asegurada la integridad de este mensaje sobre la red, Atos no se hace responsable por su contenido. Su contenido no constituye ningun compromiso para el grupo Atos, salvo ratificacion escrita por ambas partes. Aunque se esfuerza al maximo por mantener su red libre de virus, el emisor no puede garantizar nada al respecto y no sera responsable de cualesquiera danos que puedan resultar de una transmision de virus. ------------------------------------------------------------------ ------------------------------------------------------------------ This e-mail and the documents attached are confidential and intended solely for the addressee; it may also be privileged. If you receive this e-mail in error, please notify the sender immediately and destroy it. As its integrity cannot be secured on the Internet, the Atos group liability cannot be triggered for the message content. Although the sender endeavours to maintain a computer virus-free network, the sender does not warrant that this transmission is virus-free and will not be liable for any damages resulting from any virus transmitted. Este mensaje y los ficheros adjuntos pueden contener informacion confidencial destinada solamente a la(s) persona(s) mencionadas anteriormente pueden estar protegidos por secreto profesional. Si usted recibe este correo electronico por error, gracias por informar inmediatamente al remitente y destruir el mensaje. Al no estar asegurada la integridad de este mensaje sobre la red, Atos no se hace responsable por su contenido. Su contenido no constituye ningun compromiso para el grupo Atos, salvo ratificacion escrita por ambas partes. Aunque se esfuerza al maximo por mantener su red libre de virus, el emisor no puede garantizar nada al respecto y no sera responsable de cualesquiera danos que puedan resultar de una transmision de virus. ------------------------------------------------------------------ -------------- next part -------------- An HTML attachment was scrubbed... URL: From Alexandra.Mikityuk at t-systems.com Tue Mar 6 12:02:26 2012 From: Alexandra.Mikityuk at t-systems.com (Alexandra.Mikityuk at t-systems.com) Date: Tue, 6 Mar 2012 12:02:26 +0100 Subject: [Fiware-security] FI-WARE Security - Outcomes of today's audio with CA regarding Security AT contrib to D2.3 (some work needed) In-Reply-To: <8E18929A6C79354FB4BD9BD4636DCB066AB98A@INTMAIL03.es.int.atosorigin.com> References: <6529_1330956706_4F54C9A1_6529_10145_3_2d71c9e2-f740-4c0e-9c7a-bed591c93b94@THSONEA01HUB02P.one.grp> <8E18929A6C79354FB4BD9BD4636DCB066AB68D@INTMAIL03.es.int.atosorigin.com> <6529_1330961570_4F54DCA2_6529_13934_1_7040456d-3ea0-4457-a66b-387e072381ed@THSONEA01HUB05P.one.grp> <8E18929A6C79354FB4BD9BD4636DCB066AB86C@INTMAIL03.es.int.atosorigin.com> <32676_1331023939_4F55D043_32676_458_1_36fa450d-2dbd-4d13-9c31-c94901540c00@THSONEA01HUB01P.one.grp> <8E18929A6C79354FB4BD9BD4636DCB066AB98A@INTMAIL03.es.int.atosorigin.com> Message-ID: <901586CA8F92D543BFFFD6E1122F5A3602736F23F285@HE101453.emea1.cds.t-internal.com> Dear all, the meeting details for the conference call are as usual? Regards, Alexandra. Von: fiware-security-bounces at lists.fi-ware.eu [mailto:fiware-security-bounces at lists.fi-ware.eu] Im Auftrag von Antonio Garcia Vazquez Gesendet: Dienstag, 6. M?rz 2012 11:58 An: BISSON Pascal; Seidl, Robert (NSN - DE/Munich); gabor.marton at nsn.com; norbert.goetze at nsn.com; slim.trabelsi at sap.com; francesco.di.cerbo at sap.com; GASPARD Lucie; Alexandre Boeglin; osb at zurich.ibm.com; anj at zurich.ibm.com; LELEU Philippe; Steigerwald, Wolfgang Cc: fiware-security at lists.fi-ware.eu Betreff: Re: [Fiware-security] FI-WARE Security - Outcomes of today's audio with CA regarding Security AT contrib to D2.3 (some work needed) Pascal, I've already updated the GE description by: 1) Adding a "disclaimer" as is also done in SemanticAnnotation GE that will be also delivered on release two (ref: https://forge.fi-ware.eu/plugins/mediawiki/wiki/fiware/index.php/FIWARE.ArchitectureDescription.Data.SemanticAnnotation) 2) Adding a "Basic Design principles" section: Sorry about this, but I thought it wasn't mandatory as some of the GE specifications already published do not include this section. (ref: https://forge.fi-ware.eu/plugins/mediawiki/wiki/fi-ware-private/index.php/FIWARE.OpenSpecification.Data.PubSub#Main_Interactions an many others) Best Regards. ************************************ * Antonio Garc?a-V?zquez * * (+34) 91 214 9384 * * antonio.garcia at atosresearch.eu * ************************************ From: BISSON Pascal [mailto:pascal.bisson at thalesgroup.com] Sent: martes, 06 de marzo de 2012 9:52 To: Antonio Garcia Vazquez; Seidl, Robert (NSN - DE/Munich); gabor.marton at nsn.com; norbert.goetze at nsn.com; slim.trabelsi at sap.com; francesco.di.cerbo at sap.com; GASPARD Lucie; Alexandre Boeglin; osb at zurich.ibm.com; anj at zurich.ibm.com; LELEU Philippe; Wolfgang.Steigerwald at telekom.de Cc: GIDOIN Daniel; Pedro Soria Rodriguez; fiware-security at lists.fi-ware.eu Subject: RE: FI-WARE Security - Outcomes of today's audio with CA regarding Security AT contrib to D2.3 (some work needed) Dear Antonio, Thanks for your email and report on changes you introduced. The Table of Content which was suggested to follow was the one provided in the instructions available at: https://forge.fi-ware.eu/plugins/mediawiki/wiki/fi-ware-private/index.php/Instructions_on_how_to_develop_FI-WARE_Chapter_Architecture_Descriptions As such and to make you conformant to other descriptions I would suggest you to refer to it and to follow it. Most important in your case would be to add the section which is missing aka section Basic Design principles following Main interactions section. Hope it helps you. Best Regards, Pascal De : Antonio Garcia Vazquez [mailto:antonio.garcia at atosresearch.eu] Envoy? : mardi 6 mars 2012 07:54 ? : BISSON Pascal; Seidl, Robert (NSN - DE/Munich); gabor.marton at nsn.com; norbert.goetze at nsn.com; slim.trabelsi at sap.com; francesco.di.cerbo at sap.com; GASPARD Lucie; Alexandre Boeglin; osb at zurich.ibm.com; anj at zurich.ibm.com; LELEU Philippe; Wolfgang.Steigerwald at telekom.de Cc : GIDOIN Daniel; Pedro Soria Rodriguez; fiware-security at lists.fi-ware.eu Objet : RE: FI-WARE Security - Outcomes of today's audio with CA regarding Security AT contrib to D2.3 (some work needed) Pascal, First of all, please take into account that this GE is planned on 2nd Release, so is not as mature as other GE's and as is been indicated into the "how to" page it is not mandatory to provide description for this GE, nevertheless it is useful to include a description of the chapters already defined. Then I'd like to inform you the work already done after receiving the comments to my first deliverable version (17th Feb.). >From my point of view the changes has been implemented (from 20th till 23th Feb) so I believe that, at this moment, the description provided follows those indications. I'm enclosing a detailed description of this topics, in case you can tell me please where is the mismatch. 1) "The figure on the Architecture should be converted to follow FMC notation" I've updated the diagram as requested. 2) " It seems like the Architecture Description of this GE follows the guidelines provided but there is a mismatch in the table of contents...." - "Main Interactions" has been renamed into Context-based security & compliance architecture as requested - "Design Principles" first option has somehow implemented. Instead of adding the name of the request to the sequence diagram and rename last section into Basic Data Structures I've included the interface description of arguments following the description of each related step on the sequence diagram 3) About current Table of contents: The template provided says that we can take as a reference "The Publish/Subscribe Broker GE" witch has nearly the same main point as "Context-based security & compliance GE": 1.-Overview 2.-Basic Concepts 3.-GE Architecture 4.-Main Iterations 5.-References So I'm renaming "Context-based security & compliance GE" 4 & 4.1 points (4.-Basic Design Principles & 4.1.-Main Interactions) into 4.-Main Iterations On the other hand as References subsection seems not to be necessary I'll try to include it later 4) Detailed description of interface with Market Place: This interface is provided by WP3; a reference is being included 5) Detailed description of internal interfaces with rules repository and monitoring systems: I haven't, at this moment, any deliverable version of these interfaces and will be described by 2nd release as is indicated in their sections. A note clearly indicating the expecting delivery release of the GE could be helpful about this and other related topics. I'm working on it Any way we can discuss these point in our conference at 12:00 Best Regards. ************************************ * Antonio Garc?a-V?zquez * * (+34) 91 214 9384 * * antonio.garcia at atosresearch.eu * ************************************ From: BISSON Pascal [mailto:pascal.bisson at thalesgroup.com] Sent: lunes, 05 de marzo de 2012 16:33 To: Antonio Garcia Vazquez; Seidl, Robert (NSN - DE/Munich); gabor.marton at nsn.com; norbert.goetze at nsn.com; slim.trabelsi at sap.com; francesco.di.cerbo at sap.com; GASPARD Lucie; Alexandre Boeglin; osb at zurich.ibm.com; anj at zurich.ibm.com; LELEU Philippe; Wolfgang.Steigerwald at telekom.de Cc: GIDOIN Daniel; Pedro Soria Rodriguez; fiware-security at lists.fi-ware.eu Subject: RE: FI-WARE Security - Outcomes of today's audio with CA regarding Security AT contrib to D2.3 (some work needed) Dear Antonio, Hereafter you will find the comments Juanjo issued on Context-based security & compliance. For me and after a quick check they are still valid since I don't see them addressed (e.g. mismatch in the Table of content that makes this GE description not conformant to the toc suggested and agreed by others, ...). So please check them and address (also let me once addressed) them asap and by EOB tomorrow at the latest following recommendations provided by Juanjo. Hearing from you. Best Regards Pascal 1.2 Context-based security & compliance It seems like the Architecture Description of this GE follows the guidelines provided but there is a mismatch in the table of contents ... The section titled "Main Interactions" looks like it should be titled "Context-based security & compliance architecture" while the sections under "sequence diagrams" within the "Basic Design Principles" section would actually fit better as contents of the "Main Interactions" section. Contents of the remaining of section "Design Principles" look more like the detailed description of data exchanged in some of the interactions described in the sequence diagrams ... however, the relationship is not so explicit because the text in the descriptions of sequence diagrams does not always include a reference to the request/response being issued. I see to alternatives to deal with this editorially: ? Add the names of the specific operation request / responses within the sequence diagram descriptions and then endup the "Main Interactions" sections with a subsection titled "Basic Data Structures", elaborating on the detailed description of arguments linked to operation request/responses being referred in the interactions. ? Add the names of the specific operation request / responses within the sequence diagram descriptions and enrich then with text describing the data structures linked to those operation request/responses (e.g., " invokes the request passing the , and as arguments") Probably the first option is easier to implement and I would recommend it. The figure on the Architecture should be converted to follow FMC notation. De : Antonio Garcia Vazquez [mailto:antonio.garcia at atosresearch.eu] Envoy? : lundi 5 mars 2012 15:26 ? : BISSON Pascal; Seidl, Robert (NSN - DE/Munich); gabor.marton at nsn.com; norbert.goetze at nsn.com; slim.trabelsi at sap.com; francesco.di.cerbo at sap.com; GASPARD Lucie; Alexandre Boeglin; osb at zurich.ibm.com; anj at zurich.ibm.com; LELEU Philippe; Wolfgang.Steigerwald at telekom.de Cc : GIDOIN Daniel; Pedro Soria Rodriguez; fiware-security at lists.fi-ware.eu Objet : RE: FI-WARE Security - Outcomes of today's audio with CA regarding Security AT contrib to D2.3 (some work needed) Pascal, I've already made some changes following those indications. Can you tell me the points I should still correct. Best Regards ************************************ * Antonio Garc?a-V?zquez * * (+34) 91 214 9384 * * antonio.garcia at atosresearch.eu * ************************************ From: BISSON Pascal [mailto:pascal.bisson at thalesgroup.com] Sent: lunes, 05 de marzo de 2012 15:12 To: Seidl, Robert (NSN - DE/Munich); gabor.marton at nsn.com; norbert.goetze at nsn.com; slim.trabelsi at sap.com; francesco.di.cerbo at sap.com; GASPARD Lucie; Alexandre Boeglin; osb at zurich.ibm.com; anj at zurich.ibm.com; Antonio Garcia Vazquez; Antonio Garcia Vazquez; LELEU Philippe; Wolfgang.Steigerwald at telekom.de Cc: GIDOIN Daniel; BISSON Pascal; Pedro Soria Rodriguez; fiware-security at lists.fi-ware.eu Subject: FI-WARE Security - Outcomes of today's audio with CA regarding Security AT contrib to D2.3 (some work needed) Importance: High Dear Task leads/GE owners, This just to let you know that this morning I had an audio conference with Juanjo were discussed the readiness of our GEs description for publication in the context of D2.3 and according to latest version available on FI-WARE Private wiki (https://forge.fi-ware.eu/plugins/mediawiki/wiki/fi-ware-private/index.php/FiwareDeliverableD2.3) aka the place where we are supposed to upload our GE description from our FI-WARE Security Private Wiki. Here are what we discussed and agreed: ? We will proceed with publishing the contents linked to the Security Monitoring GE because despite some additional comments may come after a second review, it's worth publishing the current contents and we can deal with new comments by end of March (but without the pressure of delivery dates) ? We will proceed with publishing the contents linked to the Identity Management GE provided that the owner commits to translate the figures to FMC format by end of this week. As with the previous case, despite some additional comments may come after a second review, it's worth publishing the current contents and we can deal with new comments by end of March (but without the pressure of delivery dates) ? We will publish the Privacy GE ? We won't publish the rest pending on response regarding how the comments initially provided by Juanjo were addressed (please refer here to email I forwarded you from Juanjo - 21 f?vrier 2012 05:07 - on the topic ). Apparently, comments were not addressed for some of the GEs, if not all, and even the history of the Wiki pages reflect that. In order not to delay any longer the publishing of our Security Chapter contrib. to D2.3 I will ask: o Antonio as to check and address Juanjo's comments on Context-based security and compliance comments this no later than by tomorrow EOB, o Same for Slim or Francesco regarding Data Handling GE although after a quick scan I noticed they had already implemented a number of Juanjo's comments. o Slim/Francesco, Alexandre, Philippe/Lucie to do the same for what concerns Optional Security GEs Please Antonio, Slim/Francesco, Alexandre, Philippe/Lucie please acknowledge receipt of this email and confirm you would be addressing comments according the set deadline (i.e. by tomorrow EOB at the latest - hope earlier - let me know once done) to close our work on D2.3 and have our specifications be published also redirect our effort on our Security contrib. to D2.4. Hearing from you, Best Regards, Pascal PS: Don't forget to stick to suggested table of content if not done already and follow instructions provided at https://forge.fi-ware.eu/plugins/mediawiki/wiki/fi-ware-private/index.php/Instructions_on_how_to_develop_FI-WARE_Chapter_Architecture_Descriptions PS2: As announced will call for an audio conference tomorrow. Will provide you with details in a separate email. ------------------------------------------------------------------ This e-mail and the documents attached are confidential and intended solely for the addressee; it may also be privileged. If you receive this e-mail in error, please notify the sender immediately and destroy it. As its integrity cannot be secured on the Internet, the Atos group liability cannot be triggered for the message content. Although the sender endeavours to maintain a computer virus-free network, the sender does not warrant that this transmission is virus-free and will not be liable for any damages resulting from any virus transmitted. Este mensaje y los ficheros adjuntos pueden contener informacion confidencial destinada solamente a la(s) persona(s) mencionadas anteriormente pueden estar protegidos por secreto profesional. Si usted recibe este correo electronico por error, gracias por informar inmediatamente al remitente y destruir el mensaje. Al no estar asegurada la integridad de este mensaje sobre la red, Atos no se hace responsable por su contenido. Su contenido no constituye ningun compromiso para el grupo Atos, salvo ratificacion escrita por ambas partes. Aunque se esfuerza al maximo por mantener su red libre de virus, el emisor no puede garantizar nada al respecto y no sera responsable de cualesquiera danos que puedan resultar de una transmision de virus. ------------------------------------------------------------------ ------------------------------------------------------------------ This e-mail and the documents attached are confidential and intended solely for the addressee; it may also be privileged. If you receive this e-mail in error, please notify the sender immediately and destroy it. As its integrity cannot be secured on the Internet, the Atos group liability cannot be triggered for the message content. Although the sender endeavours to maintain a computer virus-free network, the sender does not warrant that this transmission is virus-free and will not be liable for any damages resulting from any virus transmitted. Este mensaje y los ficheros adjuntos pueden contener informacion confidencial destinada solamente a la(s) persona(s) mencionadas anteriormente pueden estar protegidos por secreto profesional. Si usted recibe este correo electronico por error, gracias por informar inmediatamente al remitente y destruir el mensaje. Al no estar asegurada la integridad de este mensaje sobre la red, Atos no se hace responsable por su contenido. Su contenido no constituye ningun compromiso para el grupo Atos, salvo ratificacion escrita por ambas partes. Aunque se esfuerza al maximo por mantener su red libre de virus, el emisor no puede garantizar nada al respecto y no sera responsable de cualesquiera danos que puedan resultar de una transmision de virus. ------------------------------------------------------------------ ------------------------------------------------------------------ This e-mail and the documents attached are confidential and intended solely for the addressee; it may also be privileged. If you receive this e-mail in error, please notify the sender immediately and destroy it. As its integrity cannot be secured on the Internet, the Atos group liability cannot be triggered for the message content. Although the sender endeavours to maintain a computer virus-free network, the sender does not warrant that this transmission is virus-free and will not be liable for any damages resulting from any virus transmitted. Este mensaje y los ficheros adjuntos pueden contener informacion confidencial destinada solamente a la(s) persona(s) mencionadas anteriormente pueden estar protegidos por secreto profesional. Si usted recibe este correo electronico por error, gracias por informar inmediatamente al remitente y destruir el mensaje. Al no estar asegurada la integridad de este mensaje sobre la red, Atos no se hace responsable por su contenido. Su contenido no constituye ningun compromiso para el grupo Atos, salvo ratificacion escrita por ambas partes. Aunque se esfuerza al maximo por mantener su red libre de virus, el emisor no puede garantizar nada al respecto y no sera responsable de cualesquiera danos que puedan resultar de una transmision de virus. ------------------------------------------------------------------ -------------- next part -------------- An HTML attachment was scrubbed... URL: From pascal.bisson at thalesgroup.com Tue Mar 6 15:20:50 2012 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Tue, 6 Mar 2012 15:20:50 +0100 Subject: [Fiware-security] FI-WARE WP8 - Audio-conf of today (12am-1pm) - Short minutes Message-ID: <32676_1331043652_4F561D44_32676_17751_1_442aebc5-b6ed-4683-b1cc-dc660d233b3e@THSONEA01HUB05P.one.grp> Dear All, Find hereafter short minutes of audio conf of today. Participants: Alexandre Boeglin (INRIA) Antonio Garcia Vazquez (ATOS) Slim Trabelsi (SAP) Pascal Bisson & Daniel Gidoin (Thales) Alexandra Mikityuk (DT/t-systems) Non participants: Xavier Aghina (FT-Orange) Robert Seidl, Gabor Marton, Norbet Goetze (NSN) Richard Egan (TRT-UK) Philippe Leleu, Lucie Gaspard (Thales - TAI) Agenda D2.3 D2.4 1. D2.3 closure Remaining comments have been addressed by each of the GE owners. As such it is considered that Security contrib. to D2.3 on FI-WARE Private Wiki is good enough to be published according to deadline set by TID (aka today EOB). 2. D2.4 discussion Contribution to D2.4 has been initiated and can be accessed at https://forge.fi-ware.eu/plugins/mediawiki/wiki/fi-ware-private/index.php/FiwareDeliverableD2.4Security. Action Point: It is demanded to each of the GE owners (NSN+DT/Idm, Privacy /IBM, Data Handling/SAP, Context-based security & compliance/ATOS, Optional Security services SAP+Thales(TAI)+INRIA) to contribute their inputs as requested (see placeholders) the sooner the better and no later than by EOB this Thursday. This is with full support of their team members and asset owners. This also in order to review D2.4 and agree on it (especially commitments taken) at Friday 09/02 audio (10am-12am confirmed). When expressing each of the functionalities offered by GE through successive releases it is demanded to phrase it in way it is not only in-line with what has been announced through previous deliverables (Product Vision, Architecture Specifications - D2.3) but also easy to understand (intelligible) by UC Projects (also appealing in the sense they address useful needs/needs they already expressed through trackers). 3. AP: DT/T-Systems (Alexandra) to send its proposal of content for D2.4 (focus on IdM DT GE). To be discussed at second audio conf with T8.2 lead and other participants. 4. Second audio conference planned this afternoon at 4pm for people who couldn't be on the call at 10am (NSN, FT-orange, ...). Same details as usual to join. 5. Audio conference Friday 09/02 audio (10am-12am) confirmed. BR Pascal -------------- next part -------------- An HTML attachment was scrubbed... URL: From pascal.bisson at thalesgroup.com Tue Mar 6 18:40:20 2012 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Tue, 6 Mar 2012 18:40:20 +0100 Subject: [Fiware-security] FI-WARE - Security - Thales Contact person on RBAC asset Message-ID: <15750_1331055623_4F564C07_15750_1592_1_3b70fe71-5283-4fa3-b41c-ca708045e78a@THSONEA01HUB05P.one.grp> Hi Robert, As direct follow-up of the audio conference we had this afternoon please let me remind you that the contact person to interact with on RBAC Thales asset attached to Task 8.2 and that you are leading is Benoit Bruy?re (benoit.bruyere at thalesgroup.com) in cc of this email. Please interact with him with respect to D2.4a reporting we are working on as well as any T8.2 discussion you may have in the future. Best Regards, Pascal -------------- next part -------------- An HTML attachment was scrubbed... URL: From pascal.bisson at thalesgroup.com Tue Mar 6 19:06:11 2012 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Tue, 6 Mar 2012 19:06:11 +0100 Subject: [Fiware-security] FI-WARE Security - Minutes of today's audios. Message-ID: <9704_1331057173_4F565215_9704_5669_1_CBBCD6C304123F4AB23FAAE3055C8C0E020645DCC484@THSONEA01CMS04P.one.grp> Available there under the format expected. https://forge.fi-ware.eu/docman/view.php/19/869/FI-WARE_WP8_Minutes_06-03-12.doc. FYI and check. Regards, Pascal -------------- next part -------------- An HTML attachment was scrubbed... URL: From pascal.bisson at thalesgroup.com Thu Mar 8 14:33:23 2012 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Thu, 8 Mar 2012 14:33:23 +0100 Subject: [Fiware-security] TR: FI-WARE Security Chapter contrib. ready for publication Message-ID: <8301_1331213606_4F58B526_8301_12875_1_33418a1b-ef71-4aab-99bb-a88383f49fb0@THSONEA01HUB03P.one.grp> Dear GE Task leads/GE owners, I'm forwarding you this email with the green light from Juanjo to publish the following GEs ? FIWARE.OpenSpecification.Security.Security Monitoring (Thales/Daniel to publish) * FIWARE.OpenSpecification.Security.Context-based security & compliance (ATOS/Antonio to publish) * FIWARE.OpenSpecification.Security.Identity Management Generic Enabler (NSN/Robert to publish) * FIWARE.OpenSpecification.Security.Privacy Generic Enabler (IBM/Anja to publish) * FIWARE.OpenSpecification.Security.Data Handling Generic Enabler (SAP/Slim or Francesco to publish) Counting on each of you as GE owner to have them published following the guidelines/instructions provided to upload documents on the public Wiki: https://forge.fi-ware.eu/plugins/mediawiki/wiki/fi-ware-private/index.php/Instructions_on_how_to_publish_contents_in_the_FI-WARE_public_wiki Regarding Optional GEs please notice that we don't have yet received the green light from Juanjo. Difficult for me to figure why despite what Juanjo says in his email. I propose to have this further analysed/discussed with you and especially SAP leading this work at tomorrow's audio. Counting on you to have the contents agreed uploaded on the public wiki by tomorrow and prior to our audio conference (planned at 10am). Best Regards, Pascal De : Juanjo Hierro [mailto:jhierro at tid.es] Envoy? : jeudi 8 mars 2012 10:54 ? : BISSON Pascal Cc : GIDOIN Daniel; jhierro >> "Juan J. Hierro" Objet : Re: FI-WARE Security Chapter contrib. ready for publication Hi Pascal, Please upload the following contents to the dedicated space linked to the Security Architecture Description on the public Wiki of FI-WARE: * FIWARE.OpenSpecification.Security.Security Monitoring * FIWARE.OpenSpecification.Security.Context-based security & compliance * FIWARE.OpenSpecification.Security.Identity Management Generic Enabler * FIWARE.OpenSpecification.Security.Privacy Generic Enabler * FIWARE.OpenSpecification.Security.Data Handling Generic Enabler I REMIND YOU that you should read the guidelines you should follow when uploading the documents on the public Wiki: https://forge.fi-ware.eu/plugins/mediawiki/wiki/fi-ware-private/index.php/Instructions_on_how_to_publish_contents_in_the_FI-WARE_public_wiki As an example, the sections above should not include "OpenSpecification" in their title but "ArchitectureDescription", for example. I took the liberty of changing a bit the structure of the section dealing with Identity Management. I remind you that you committed to update the figures to adapt to FMC format by end of this week. Regarding the optional Security GEs, I believe that description is a bit poor and, furthermore, there are some ingredients there I would like to carefully analyze, in particular usage of SOAP. As this optional GEs are not something truly required in the first FI-WARE Release, I believe we do not need to include a description of them in the current FI-WARE Architecture Deliverable. There may be some comments that may come to you during March, but we will plan the necessary updates they will imply in due course. Cheers, -- Juanjo ------------- Product Development and Innovation (PDI) - Telefonica Digital website: www.tid.es email: jhierro at tid.es twitter: twitter.com/JuanjoHierro FI-WARE (European Future Internet Core Platform) Chief Architect You can follow FI-WARE at: website: http://www.fi-ware.eu facebook: http://www.facebook.com/pages/FI-WARE/251366491587242 twitter: http://twitter.com/FIware linkedIn: http://www.linkedin.com/groups/FIWARE-4239932 On 06/03/12 18:50, BISSON Pascal wrote: Hi Juanjo, As promised, this just to inform you that Security chapter contrib. to D2.3 on FI-WARE Private wiki is now complete and so ready to be published. Hope we can share and agree. Best Regards, Pascal ________________________________ Este mensaje se dirige exclusivamente a su destinatario. Puede consultar nuestra pol?tica de env?o y recepci?n de correo electr?nico en el enlace situado m?s abajo. This message is intended exclusively for its addressee. We only send and receive email on the basis of the terms set out at http://www.tid.es/ES/PAGINAS/disclaimer.aspx -------------- next part -------------- An HTML attachment was scrubbed... URL: From xavier.aghina at orange.com Fri Mar 9 08:55:57 2012 From: xavier.aghina at orange.com (xavier.aghina at orange.com) Date: Fri, 9 Mar 2012 08:55:57 +0100 Subject: [Fiware-security] Audio Conf 10am Message-ID: Hello, I'm on a mission all day and could not therefore participate in our meeting this morning, I would sync with DG next Monday, if you have specific questions you can contact me by mail. Good phone call. Xavier Aghina FT/OLNC/RD/MAPS/STT/NDS Ing?nieur de Recherche en S?curit? t?l. 01 45 29 81 59 xavier.aghina at orange.com -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image001.gif Type: image/gif Size: 1264 bytes Desc: image001.gif URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image002.gif Type: image/gif Size: 1081 bytes Desc: image002.gif URL: From pascal.bisson at thalesgroup.com Fri Mar 9 09:26:09 2012 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Fri, 9 Mar 2012 09:26:09 +0100 Subject: [Fiware-security] Audio Conf 10am In-Reply-To: References: Message-ID: <4671_1331281572_4F59BEA4_4671_62_1_40a22890-853f-42bc-b087-edc5e8f7a6d1@THSONEA01HUB03P.one.grp> Dear Xavier, There are a number of pending issues from your side on which we need your input (see previous minutes and emails which were sent to you by me and especially Daniel leading T8.1 where you are participant). As already told it is important for you to take necessary steps to attend or find a replacement from your side to have FT-Orange since so far partner in WP8 be represented at our regular audio-conference. Even more it's very short notice to inform me and the rest of the team that you would not be there at today's audio. I remember you that today's audio was important since the place where we will discuss release of our work to D2.3 and agree on commitments to be taken by us (meaning the whole team but also each of us) regarding the FI-WARE releases (D2.4). I'm counting on you to got my shared concern and take necessary steps to address it the way it should be to increase your participation to our audios and joint work engaged with the rest of the team. Btw and since I requested dates for a meeting between Thales as WP8 lead and FT-Orange to discuss the situation do you have dates to propose as it becomes quite urgent facing the situation we are facing and in view of the PCC audio conf approaching. Hearing from you on the dates you can propose to me and Daniel for that. Hearing from you and counting on you. Best Regards, Pascal De : fiware-security-bounces at lists.fi-ware.eu [mailto:fiware-security-bounces at lists.fi-ware.eu] De la part de xavier.aghina at orange.com Envoy? : vendredi 9 mars 2012 08:56 ? : fiware-security at lists.fi-ware.eu Objet : [Fiware-security] Audio Conf 10am Hello, I'm on a mission all day and could not therefore participate in our meeting this morning, I would sync with DG next Monday, if you have specific questions you can contact me by mail. Good phone call. [cid:image001.gif at 01CCFDD4.C1153B70] Xavier Aghina FT/OLNC/RD/MAPS/STT/NDS Ing?nieur de Recherche en S?curit? t?l. 01 45 29 81 59 xavier.aghina at orange.com [cid:image002.gif at 01CCFDD4.C1153B70] -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image001.gif Type: image/gif Size: 1264 bytes Desc: image001.gif URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image002.gif Type: image/gif Size: 1081 bytes Desc: image002.gif URL: From pascal.bisson at thalesgroup.com Fri Mar 9 13:58:04 2012 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Fri, 9 Mar 2012 13:58:04 +0100 Subject: [Fiware-security] WP8 - Minutes of today's audio conference Message-ID: <32140_1331297887_4F59FE5F_32140_2159_1_5ce0be94-226f-4c6b-89ec-b1ee70b408b7@THSONEA01HUB05P.one.grp> Available herafter : https://forge.fi-ware.eu/docman/view.php/19/872/FI-WARE_WP8_Minutes_09-03-12.doc BR Pascal -------------- next part -------------- An HTML attachment was scrubbed... URL: From antonio.garcia at atosresearch.eu Fri Mar 9 14:32:27 2012 From: antonio.garcia at atosresearch.eu (Antonio Garcia Vazquez) Date: Fri, 9 Mar 2012 14:32:27 +0100 Subject: [Fiware-security] FI-WARE security D2.4 deliverable Message-ID: <8E18929A6C79354FB4BD9BD4636DCB066AC4D0@INTMAIL03.es.int.atosorigin.com> Pascal, I've already updated D2.4 wiki page by including: - New version of Context-based security & compliance GE features to be delivered on releases 2 & Future - Details for a "Cross-border Authentication GE" to be delivered on future version. Best Regards ************************************ * Antonio Garc?a-V?zquez * * (+34) 91 214 9384 * * antonio.garcia at atosresearch.eu * ************************************ ------------------------------------------------------------------ This e-mail and the documents attached are confidential and intended solely for the addressee; it may also be privileged. If you receive this e-mail in error, please notify the sender immediately and destroy it. As its integrity cannot be secured on the Internet, the Atos group liability cannot be triggered for the message content. Although the sender endeavours to maintain a computer virus-free network, the sender does not warrant that this transmission is virus-free and will not be liable for any damages resulting from any virus transmitted. Este mensaje y los ficheros adjuntos pueden contener informacion confidencial destinada solamente a la(s) persona(s) mencionadas anteriormente pueden estar protegidos por secreto profesional. Si usted recibe este correo electronico por error, gracias por informar inmediatamente al remitente y destruir el mensaje. Al no estar asegurada la integridad de este mensaje sobre la red, Atos no se hace responsable por su contenido. Su contenido no constituye ningun compromiso para el grupo Atos, salvo ratificacion escrita por ambas partes. Aunque se esfuerza al maximo por mantener su red libre de virus, el emisor no puede garantizar nada al respecto y no sera responsable de cualesquiera danos que puedan resultar de una transmision de virus. ------------------------------------------------------------------ -------------- next part -------------- An HTML attachment was scrubbed... URL: From alexandre.boeglin at inria.fr Fri Mar 9 18:43:00 2012 From: alexandre.boeglin at inria.fr (Alexandre Boeglin) Date: Fri, 9 Mar 2012 18:43:00 +0100 Subject: [Fiware-security] WP8 - Minutes of today's audio conference In-Reply-To: <32140_1331297887_4F59FE5F_32140_2159_1_5ce0be94-226f-4c6b-89ec-b1ee70b408b7@THSONEA01HUB05P.one.grp> References: <32140_1331297887_4F59FE5F_32140_2159_1_5ce0be94-226f-4c6b-89ec-b1ee70b408b7@THSONEA01HUB05P.one.grp> Message-ID: <20120309174300.GB22152@inria.fr> Hello, I think I'm done editing our features, I merged them back in the existing T8.4 sections and tried to make them easier to understand. Also, after discussing with the person in charge of the Ovalyzer asset, he told me that he would feel safer with a M33 delivery, instead of M24, so I kept it in "Future Releases". I also forwarded the Morphus D2.3 changes we discussed during the meeting to Fabrice, who should update the document accordingly, and then submit it to the public wiki. Just let me know if more input is required from us. Best regards, Alex Le vendredi 09 mars 2012 ? 13:58, BISSON Pascal a ?crit: > Available herafter : > > https://forge.fi-ware.eu/docman/view.php/19/872/FI-WARE_WP8_Minutes_09-03-12.doc > > > BR > Pascal -- Alexandre Boeglin ?quipe-Projet Madynes INRIA -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 3058 bytes Desc: not available URL: From pascal.bisson at thalesgroup.com Mon Mar 12 12:15:38 2012 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Mon, 12 Mar 2012 12:15:38 +0100 Subject: [Fiware-security] FI-WARE Security - Important message to T8.4 Lead to align D2.4 to D2.3 Message-ID: <17295_1331550944_4F5DDAE0_17295_16516_1_d70611a4-e0e5-4481-a2ea-effcd3788ec3@THSONEA01HUB03P.one.grp> Dear Slim, Dear Francesco, I'm now in the process of putting things back into perspective aka D2.4 back into perspective of D2.3. When looking at what is said for what concerns Optional Security Services in 2.3. (check http://forge.fi-ware.eu/plugins/mediawiki/wiki/fiware/index.php/FIWARE.ArchitectureDescription.Security.Optional_Security_Enablers) We added a text (on which I agree) that says: "The descriptions enclosed here are still under development, and services listed here will likely not be planned for the first release but future releases of FI-WARE. Nevertheless, these descriptions are provided in order to give more visibility of our plans and capture early feedback from potential users." And here I found only DB Anonymizer and Morphus (so not SSS) . Please check if you want to add SSS architecture description as well or not. For me being said it has been produced as well it could be added. In case you would see something missing preventing it to be added please contact Philippe and/or Lucie to sort this out. NOW and in scope of D2.4 (Technology roadmap) we should align with what says D2.3. As such I DO THINK WE SHOULD MOVE OPTIONAL SECURITY SERVICES FUNCTIONALITIES FROM FIRST RELEASE TO THE SECOND RELEASE INSTEAD. This to align with D2.3 but also put us on the safe side (only MUST or SHOULD functionalities should go into First Release). Being said this roadmap would be communicated to the Use Case projects they could also react to us saying that some of the announced functionalities for second release would be nice to have before. And here we could react to their demand and have them answered the way we think is appropriate. Please let me know if we can agree with me on this (my hope) and if so I would ask you to implement things the way it has been prescribed (i.e. move Optional security services announced from release 1 to release 2). [The only alternative I can see would be to publish only (aka DB Anonymizer since a priori supported by one of the UC projects) but still I prefer the first solution that would also offer the advantage to OUTSMART project and other UC Projects to call for optional security services announced in Release 2] Hearing from you asap being said this has to be addressed by EOB today. Best regards, Pascal -------------- next part -------------- An HTML attachment was scrubbed... URL: From slim.trabelsi at sap.com Mon Mar 12 14:01:56 2012 From: slim.trabelsi at sap.com (TRABELSI, Slim) Date: Mon, 12 Mar 2012 14:01:56 +0100 Subject: [Fiware-security] FI-WARE Security - Important message to T8.4 Lead to align D2.4 to D2.3 In-Reply-To: <17295_1331550944_4F5DDAE0_17295_16516_1_d70611a4-e0e5-4481-a2ea-effcd3788ec3@THSONEA01HUB03P.one.grp> References: <17295_1331550944_4F5DDAE0_17295_16516_1_d70611a4-e0e5-4481-a2ea-effcd3788ec3@THSONEA01HUB03P.one.grp> Message-ID: Hi Pascal, On Friday we contacted Philippe de ask him to modify their contribution in order to make it compatible with the format imposed by Juanjo, as soon as it is done we will move it to the deliverable .. They didn't make any modification yet .. should we put it anyway ? Thank you Best Slim ===================================== Dr Slim Trabelsi Senior Researcher Security & Trust SAP Labs France 805, Av du Docteur Maurice Donat 06250 Mougins, France T +33 4 92 28 63 45 M +33 6 11 99 85 79 www.sap.com From: BISSON Pascal [mailto:pascal.bisson at thalesgroup.com] Sent: lundi 12 mars 2012 12:16 To: TRABELSI, Slim; DI CERBO, Francesco Cc: BISSON Pascal; GIDOIN Daniel; fiware-security at lists.fi-ware.eu Subject: FI-WARE Security - Important message to T8.4 Lead to align D2.4 to D2.3 Dear Slim, Dear Francesco, I'm now in the process of putting things back into perspective aka D2.4 back into perspective of D2.3. When looking at what is said for what concerns Optional Security Services in 2.3. (check http://forge.fi-ware.eu/plugins/mediawiki/wiki/fiware/index.php/FIWARE.ArchitectureDescription.Security.Optional_Security_Enablers) We added a text (on which I agree) that says: "The descriptions enclosed here are still under development, and services listed here will likely not be planned for the first release but future releases of FI-WARE. Nevertheless, these descriptions are provided in order to give more visibility of our plans and capture early feedback from potential users." And here I found only DB Anonymizer and Morphus (so not SSS) . Please check if you want to add SSS architecture description as well or not. For me being said it has been produced as well it could be added. In case you would see something missing preventing it to be added please contact Philippe and/or Lucie to sort this out. NOW and in scope of D2.4 (Technology roadmap) we should align with what says D2.3. As such I DO THINK WE SHOULD MOVE OPTIONAL SECURITY SERVICES FUNCTIONALITIES FROM FIRST RELEASE TO THE SECOND RELEASE INSTEAD. This to align with D2.3 but also put us on the safe side (only MUST or SHOULD functionalities should go into First Release). Being said this roadmap would be communicated to the Use Case projects they could also react to us saying that some of the announced functionalities for second release would be nice to have before. And here we could react to their demand and have them answered the way we think is appropriate. Please let me know if we can agree with me on this (my hope) and if so I would ask you to implement things the way it has been prescribed (i.e. move Optional security services announced from release 1 to release 2). [The only alternative I can see would be to publish only (aka DB Anonymizer since a priori supported by one of the UC projects) but still I prefer the first solution that would also offer the advantage to OUTSMART project and other UC Projects to call for optional security services announced in Release 2] Hearing from you asap being said this has to be addressed by EOB today. Best regards, Pascal -------------- next part -------------- An HTML attachment was scrubbed... URL: From francesco.di.cerbo at sap.com Mon Mar 12 18:03:27 2012 From: francesco.di.cerbo at sap.com (DI CERBO, Francesco) Date: Mon, 12 Mar 2012 18:03:27 +0100 Subject: [Fiware-security] FIA Book submitted article Message-ID: <71C0C7C7A712EE4CA636EDFD663B4E270399F915F6@DEWDFECCR09.wdf.sap.corp> Dear WP8, Please find the attached draft of a paper submitted for inclusion in FIA Book 2012 Best regards Francesco ___ Francesco Di Cerbo, PhD SAP Labs France 805, avenue Maurice Donat Font de l'Orme BP 1216 06250 Mougins Cedex France Tel. +33 4 92 28 64 45 e-mail: Francesco.Di.Cerbo at sap.com -------------- next part -------------- A non-text attachment was scrubbed... Name: fiabook2012.pdf Type: application/pdf Size: 244042 bytes Desc: fiabook2012.pdf URL: From antonio.garcia at atosresearch.eu Mon Mar 12 18:58:09 2012 From: antonio.garcia at atosresearch.eu (Antonio Garcia Vazquez) Date: Mon, 12 Mar 2012 18:58:09 +0100 Subject: [Fiware-security] FI-WARE Security-Road Map: D2.4 contrib. Message-ID: <8E18929A6C79354FB4BD9BD4636DCB0670835E@INTMAIL03.es.int.atosorigin.com> Hello, I've just uploaded the last changes for Context-based security and compliance GE into D2.4 wiki. I've also notice that this morning, before my changes, the following sections has been duplicated: - Introduction - First release - Future releases Early this afternoon "Future releases" duplication has been corrected and I've done my best to correct the situation on the others, keeping all changes, Anyway I'd advise editors to check it, mainly those who have made any changes today (Daniel, Gidoin, Xavier Aghina and Richard Egan) Best Regards ************************************ * Antonio Garc?a-V?zquez * * (+34) 91 214 9384 * * antonio.garcia at atosresearch.eu * ************************************ ------------------------------------------------------------------ This e-mail and the documents attached are confidential and intended solely for the addressee; it may also be privileged. If you receive this e-mail in error, please notify the sender immediately and destroy it. As its integrity cannot be secured on the Internet, the Atos group liability cannot be triggered for the message content. Although the sender endeavours to maintain a computer virus-free network, the sender does not warrant that this transmission is virus-free and will not be liable for any damages resulting from any virus transmitted. Este mensaje y los ficheros adjuntos pueden contener informacion confidencial destinada solamente a la(s) persona(s) mencionadas anteriormente pueden estar protegidos por secreto profesional. Si usted recibe este correo electronico por error, gracias por informar inmediatamente al remitente y destruir el mensaje. Al no estar asegurada la integridad de este mensaje sobre la red, Atos no se hace responsable por su contenido. Su contenido no constituye ningun compromiso para el grupo Atos, salvo ratificacion escrita por ambas partes. Aunque se esfuerza al maximo por mantener su red libre de virus, el emisor no puede garantizar nada al respecto y no sera responsable de cualesquiera danos que puedan resultar de una transmision de virus. ------------------------------------------------------------------ -------------- next part -------------- An HTML attachment was scrubbed... URL: From Richard.Egan at uk.thalesgroup.com Mon Mar 12 19:04:31 2012 From: Richard.Egan at uk.thalesgroup.com (Egan, Richard) Date: Mon, 12 Mar 2012 18:04:31 -0000 Subject: [Fiware-security] FI-WARE Security-Road Map: D2.4 contrib. Message-ID: Antonio, my changes today seem to have survived Richard _____ From: fiware-security-bounces at lists.fi-ware.eu [mailto:fiware-security-bounces at lists.fi-ware.eu] On Behalf Of Antonio Garcia Vazquez Sent: 12 March 2012 17:58 To: pascal.bisson at thalesgroup.com; daniel.gidoin at thalesgroup.com Cc: fiware-security at lists.fi-ware.eu Subject: [Fiware-security] FI-WARE Security-Road Map: D2.4 contrib. Hello, I've just uploaded the last changes for Context-based security and compliance GE into D2.4 wiki. I've also notice that this morning, before my changes, the following sections has been duplicated: - Introduction - First release - Future releases Early this afternoon "Future releases" duplication has been corrected and I've done my best to correct the situation on the others, keeping all changes, Anyway I'd advise editors to check it, mainly those who have made any changes today (Daniel, Gidoin, Xavier Aghina and Richard Egan) Best Regards ************************************ * Antonio Garc?a-V?zquez * * (+34) 91 214 9384 * * antonio.garcia at atosresearch.eu * ************************************ ------------------------------------------------------------------ This e-mail and the documents attached are confidential and intended solely for the addressee; it may also be privileged. If you receive this e-mail in error, please notify the sender immediately and destroy it. As its integrity cannot be secured on the Internet, the Atos group liability cannot be triggered for the message content. Although the sender endeavours to maintain a computer virus-free network, the sender does not warrant that this transmission is virus-free and will not be liable for any damages resulting from any virus transmitted. Este mensaje y los ficheros adjuntos pueden contener informacion confidencial destinada solamente a la(s) persona(s) mencionadas anteriormente pueden estar protegidos por secreto profesional. Si usted recibe este correo electronico por error, gracias por informar inmediatamente al remitente y destruir el mensaje. Al no estar asegurada la integridad de este mensaje sobre la red, Atos no se hace responsable por su contenido. Su contenido no constituye ningun compromiso para el grupo Atos, salvo ratificacion escrita por ambas partes. Aunque se esfuerza al maximo por mantener su red libre de virus, el emisor no puede garantizar nada al respecto y no sera responsable de cualesquiera danos que puedan resultar de una transmision de virus. ------------------------------------------------------------------ Please consider the environment before printing a hard copy of this e-mail. The information contained in this e-mail is confidential. It is intended only for the stated addressee(s) and access to it by any other person is unauthorised. If you are not an addressee, you must not disclose, copy, circulate or in any other way use or rely on the information contained in this e-mail. Such unauthorised use may be unlawful. If you have received this e-mail in error, please inform us immediately on +44 (0)118 986 8601 and delete it and all copies from your system. Thales Research and Technology (UK) Limited. A company registered in England and Wales. Registered Office: 2 Dashwood Lang Road, The Bourne Business Park, Addlestone, Weybridge, Surrey KT15 2NX. Registered Number: 774298 Thales UK Limited. A company registered in England and Wales. Registered Office: 2 Dashwood Lang Road, The Bourne Business Park, Addlestone, Weybridge, Surrey KT15 2NX. Registered Number: 868273 -------------- next part -------------- An HTML attachment was scrubbed... URL: From pascal.bisson at thalesgroup.com Tue Mar 13 08:54:49 2012 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Tue, 13 Mar 2012 08:54:49 +0100 Subject: [Fiware-security] FIA Book submitted article In-Reply-To: <71C0C7C7A712EE4CA636EDFD663B4E270399F915F6@DEWDFECCR09.wdf.sap.corp> References: <71C0C7C7A712EE4CA636EDFD663B4E270399F915F6@DEWDFECCR09.wdf.sap.corp> Message-ID: <15295_1331625289_4F5EFD49_15295_12662_1_CBBCD6C304123F4AB23FAAE3055C8C0E020645F04CCA@THSONEA01CMS04P.one.grp> Excellent Many thanks Francesco for sharing with us. Regards, Pascal -----Message d'origine----- De?: fiware-security-bounces at lists.fi-ware.eu [mailto:fiware-security-bounces at lists.fi-ware.eu] De la part de DI CERBO, Francesco Envoy??: lundi 12 mars 2012 18:03 ??: fiware-security at lists.fi-ware.eu Objet?: [Fiware-security] FIA Book submitted article Dear WP8, Please find the attached draft of a paper submitted for inclusion in FIA Book 2012 Best regards Francesco ___ Francesco Di Cerbo, PhD SAP Labs France 805, avenue Maurice Donat Font de l'Orme BP 1216 06250 Mougins Cedex France Tel. +33 4 92 28 64 45 e-mail: Francesco.Di.Cerbo at sap.com From pascal.bisson at thalesgroup.com Wed Mar 14 14:34:42 2012 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Wed, 14 Mar 2012 14:34:42 +0100 Subject: [Fiware-security] FI-WARE Security - Agenda for weekly audio conf on Friday (March 16th; 10am-12am) Message-ID: <9407_1331732085_4F609E75_9407_4642_1_77d6b5ac-509e-43e7-8094-476cf67e86d1@THSONEA01HUB06P.one.grp> Dear Agenda, Here is the Agenda for our next WP8 follow up audio conf: 1. Report on deliverables status o D2.3 but more specifically D2.4 o ... 2. Sprint of March o Each Task lead or GE owners to state their plans for March Sprint (to be reviewed and agreed) NB: Bear in mind this Sprint should already include activities dealing with actual software development around GEs. 3. Report on progress with respect to handling the tickets issued on the tracker (focus on UC tickets) o Prior to our audio I would ask each of the Task leads to review progress on tickets in scope of their task and report . 4. Discussion on WP8 deliverables due M12 o Content & layout (TID guidance expected to come at some point but we can't wait so let's start) o Try to come with proposal we could discuss and promote 5. Plenary Meeting o (confirmed: April 2nd & 3rd in Palaiseau) o We will start discussing how we see it organized (focus would be on M12 deliverables review of achievements and organization of the remaining work, also M15 deliverables) 6. Report on events to come o CSP (Pascal and colleagues) o . ? 7. Other topics you may want to discuss (please propose some) -------------- next part -------------- An HTML attachment was scrubbed... URL: From robert.seidl at nsn.com Thu Mar 15 11:55:45 2012 From: robert.seidl at nsn.com (Seidl, Robert (NSN - DE/Munich)) Date: Thu, 15 Mar 2012 11:55:45 +0100 Subject: [Fiware-security] FI-WARE Task8.2 meeting Message-ID: <9739B018F0466A4CAB10A9DABBEBF5A68A31BF@DEMUEXC027.nsn-intra.net> Hi Pascal, as an outcome of today's T8.2 telco please find here some points we would like to address during our WP8 telco on Friday: * Partner contributions o So far we did not get any response from Orange/FT with regard to T8.2 contribution o What is the status of RBAC contribution from Thales UK? * Interworking with use case projects and other FI-WARE WP's o So far there was no response on the requests you sent out to other FI-WARE WP's. How do we progress here? o Sometime ago we summarized in an Excel table the known requests from UC projects and other FI-WARE WP's. We think this was a good approach. What is the status here and how do we proceed here? * Sample / reference application / WP10 o What is the status of WP10? o What will they provide? o Do they provide kind of sample applications to test our enablers? Do we have to do this by our own (Slim did it already)? * Contributions to WP's where partners have no allocation of person months o E.g. IBM has no effort in WP2 and WP11, but there are requests for contributions. How to solve this? Greetings Robert -------------- next part -------------- An HTML attachment was scrubbed... URL: From pascal.bisson at thalesgroup.com Thu Mar 15 12:49:55 2012 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Thu, 15 Mar 2012 12:49:55 +0100 Subject: [Fiware-security] FI-WARE Task8.2 meeting In-Reply-To: <9739B018F0466A4CAB10A9DABBEBF5A68A31BF@DEMUEXC027.nsn-intra.net> References: <9739B018F0466A4CAB10A9DABBEBF5A68A31BF@DEMUEXC027.nsn-intra.net> Message-ID: <10782_1331812195_4F61D763_10782_11074_1_76a0926a-b089-4407-bd39-b5312594ba20@THSONEA01HUB06P.one.grp> Hi Robert, See below my (best) answer to your questions. Regards, Pascal De : Seidl, Robert (NSN - DE/Munich) [mailto:robert.seidl at nsn.com] Envoy? : jeudi 15 mars 2012 11:56 ? : BISSON Pascal Cc : fiware-security at lists.fi-ware.eu Objet : FI-WARE Task8.2 meeting Hi Pascal, as an outcome of today's T8.2 telco please find here some points we would like to address during our WP8 telco on Friday: * Partner contributions ? So far we did not get any response from Orange/FT with regard to T8.2 contribution In that case I would suggest to give Xavier Aghina a call (00 33 1 42 29 81 59). At least this what we did with Daniel to get feedback from FT-Orange on urgent questions we had in the context of D2.4. And it has worked ... As for the rest i have an action to meet FT-Orange to discussion situation faced and improve it. ? What is the status of RBAC contribution from Thales UK? As previously stated RBAC asset is owned by Thales services and so not TRT-UK. Contact is there Benoit Bruy?re (in cc) but you can keep me and Daniel in cc of your correspondence for the sake of awareness. * Interworking with use case projects and other FI-WARE WP's ? So far there was no response on the requests you sent out to other FI-WARE WP's. How do we progress here? That's true and this despite me reviving this demand through WPL/WPA. Do think here WPL where too busy shaping their due contributions to due deliverables (M9 D2.3, D2.4, ...). But here you can count on me to have it revived once more (will address this at next follow-up audio with Juanjo for him to put additional pressure) ? Sometime ago we summarized in an Excel table the known requests from UC projects and other FI-WARE WP's. We think this was a good approach. What is the status here and how do we proceed here? The excel table was my initiative. I'm pleased to hear you saw it has a good one. In the meantime it was set before the tracker was put in place and as such now we should first and foremost rely on the tracker and what it says. That's also why I asked each of the Task lead to keep an eye and report on progress achieved on tickets attached to their GEs (and assign to members of their team). For me this the way we can best proceed with the tracker. * Sample / reference application / WP10 ? What is the status of WP10? Available at https://forge.fi-ware.eu/plugins/mediawiki/wiki/fiware/index.php/Testbed_Design#Testbed_HW_Configuration ? What will they provide? See what they propose (in the meantime do not expect to have answers to questions hereafter) ? Do they provide kind of sample applications to test our enablers? Do we have to do this by our own (Slim did it already)? As already said I do think in my view the best approach would be to have demonstration ouf our GEs be made through one of the scenarios of one of the FI-PPP UC project. Of course we would also need to have a backup solution something to propose from our side but at Project consortium level. * Contributions to WP's where partners have no allocation of person months ? E.g. IBM has no effort in WP2 and WP11, but there are requests for contributions. How to solve this? Not sure there are direct requests for me requests are via Technical WPs aka Chapters so here WP8. In any case this has to be further investigated by IBM even more than at PCC level we are discussing some re-allocation of resources from some of the partners (remember TID leaving WP8 to move its effort elsewhere ). Greetings Robert -------------- next part -------------- An HTML attachment was scrubbed... URL: From pascal.bisson at thalesgroup.com Fri Mar 16 12:50:07 2012 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Fri, 16 Mar 2012 12:50:07 +0100 Subject: [Fiware-security] TR: [Fiware] Please visit the FI-WARE Catalogue: it is available for preliminary testing!!! Message-ID: <17105_1331898609_4F6328F1_17105_2265_1_CBBCD6C304123F4AB23FAAE3055C8C0E02064605396B@THSONEA01CMS04P.one.grp> FYI also further discussions on the topic De : fiware-bounces at lists.fi-ware.eu [mailto:fiware-bounces at lists.fi-ware.eu] De la part de Matteo Melideo Envoy? : jeudi 15 mars 2012 18:21 ? : fiware at lists.fi-ware.eu Cc : Fredrik Pettersson H; John Sandberg; Dalle Carbonare Davide Objet : [Fiware] Please visit the FI-WARE Catalogue: it is available for preliminary testing!!! Dear FI-WARE Partners, In WP9 we are responsible for providing tools and facilities to support the developers of Future Internet Applications and new implementations of Generic Enablers based on their Open Specifications. Our idea is to offer a "Catalogue" for making it easy for developers to find, navigate and understand what is offered by FI-WARE project in terms of Generic Enablers and FI-WARE Instances (think of the "One-Stop-Shop" metaphor). In fact, the FI-WARE Catalogue will contain information about: Generic Enablers Open Specifications, Generic Enablers reference implementations (API, interfaces, source code, executable, etc.), the Generic Enablers reference implementations clients (if any), Generic Enablers reference implementations tutorial and any other information that may be useful for a developer that wants to use these. In addition, the Catalogue will also contain the reference to the FI-WARE Instances (e.g. FI-WARE Testbed at least) where the Generic Enablers implementations have been deployed. In the first release the catalogue will be a stand alone portal but in the coming releases the ambition is to integrate it with Eclipse to make it also possible for developers to browse FI-WARE Generic Enablers (Open Specifications and implementations) directly from the IDE making it even easier to their usage and interaction. This is actually an opportunity to market FI-WARE to the Eclipse community. It may be worth to know that: 1) the catalogue has been inspired by the experience of the Ericsson Labs (https://labs.ericsson.com/) that today provide more than 15,000 developers worldwide access to APIs and other information to support development of services and applications. 2) the catalogue has nothing to do with the Apps Marketplace released by Apps and Service Ecosystem Chapter!!! The catalogue intends to host only outcomes of the FI-WARE project and only based on the Generic Enables Open Specifications. What we are asking from you now is to play with this preliminary version of the catalogue and to provide us as much feedback as you can so that we can be ready at M12 with a version taking into account also your requirements. This simple test (once registered into the Catalogue portal) will only require max 10 minutes of your valuable time. Please note that it is still under development, so you should only add "fake" data. There could also be disturbances since the team is actively developing still. We will communicate to all when you can start to add real data. The steps to follow: - Go to http://fi-ware.cloud.labs.ericsson.net - Register a user and log in to the site - Go to the "Enablers" section - Submit a new enabler by clicking the "Create new enabler" link at the top of the enabler listing and submitting the form - The proposed enabler is now in the validation queue and you will have to wait for an administrator (basically myself) to approve the enabler before you can progress to the next step. - After being approved your enabler will be listed in the enabler listing, but can only be seen by you and is tagged as "unpublished". - You can now edit the documentation, add downloads etc. and when happy with the content you can go to the edit tab on the main page of the enabler and change the status at the bottom to "published". The enabler can now be seen by anyone. - You can also use the "Group" tab at the top of the enabler page to add other people who should be able to help you in creating the enabler content. Please report any bug or comment at https://forge.fi-ware.eu/tracker/index.php?aid=1610&group_id=15. and do not hesitate to contact me or any of the persons reading in copy this e-mail for any further request of clarification. Thank you in advance for the cooperation and regards, Matteo Melideo WP9 Leader -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: matteo_melideo.vcf Type: text/x-vcard Size: 368 bytes Desc: matteo_melideo.vcf URL: -------------- next part -------------- An embedded and charset-unspecified text was scrubbed... Name: ATT00001.txt URL: From francesco.di.cerbo at sap.com Fri Mar 16 13:11:08 2012 From: francesco.di.cerbo at sap.com (DI CERBO, Francesco) Date: Fri, 16 Mar 2012 13:11:08 +0100 Subject: [Fiware-security] TR: [Fiware] Please visit the FI-WARE Catalogue: it is available for preliminary testing!!! In-Reply-To: <17105_1331898609_4F6328F1_17105_2265_1_CBBCD6C304123F4AB23FAAE3055C8C0E02064605396B@THSONEA01CMS04P.one.grp> References: <17105_1331898609_4F6328F1_17105_2265_1_CBBCD6C304123F4AB23FAAE3055C8C0E02064605396B@THSONEA01CMS04P.one.grp> Message-ID: <71C0C7C7A712EE4CA636EDFD663B4E27039A18B915@DEWDFECCR09.wdf.sap.corp> Hello Pascal, I already gave a feedback to Matteo, maybe you were also in CC. Best regards, Francesco From: fiware-security-bounces at lists.fi-ware.eu [mailto:fiware-security-bounces at lists.fi-ware.eu] On Behalf Of BISSON Pascal Sent: vendredi 16 mars 2012 12:50 To: fiware-security at lists.fi-ware.eu Subject: [Fiware-security] TR: [Fiware] Please visit the FI-WARE Catalogue: it is available for preliminary testing!!! FYI also further discussions on the topic De : fiware-bounces at lists.fi-ware.eu [mailto:fiware-bounces at lists.fi-ware.eu] De la part de Matteo Melideo Envoy? : jeudi 15 mars 2012 18:21 ? : fiware at lists.fi-ware.eu Cc : Fredrik Pettersson H; John Sandberg; Dalle Carbonare Davide Objet : [Fiware] Please visit the FI-WARE Catalogue: it is available for preliminary testing!!! Dear FI-WARE Partners, In WP9 we are responsible for providing tools and facilities to support the developers of Future Internet Applications and new implementations of Generic Enablers based on their Open Specifications. Our idea is to offer a "Catalogue" for making it easy for developers to find, navigate and understand what is offered by FI-WARE project in terms of Generic Enablers and FI-WARE Instances (think of the "One-Stop-Shop" metaphor). In fact, the FI-WARE Catalogue will contain information about: Generic Enablers Open Specifications, Generic Enablers reference implementations (API, interfaces, source code, executable, etc.), the Generic Enablers reference implementations clients (if any), Generic Enablers reference implementations tutorial and any other information that may be useful for a developer that wants to use these. In addition, the Catalogue will also contain the reference to the FI-WARE Instances (e.g. FI-WARE Testbed at least) where the Generic Enablers implementations have been deployed. In the first release the catalogue will be a stand alone portal but in the coming releases the ambition is to integrate it with Eclipse to make it also possible for developers to browse FI-WARE Generic Enablers (Open Specifications and implementations) directly from the IDE making it even easier to their usage and interaction. This is actually an opportunity to market FI-WARE to the Eclipse community. It may be worth to know that: 1) the catalogue has been inspired by the experience of the Ericsson Labs (https://labs.ericsson.com/) that today provide more than 15,000 developers worldwide access to APIs and other information to support development of services and applications. 2) the catalogue has nothing to do with the Apps Marketplace released by Apps and Service Ecosystem Chapter!!! The catalogue intends to host only outcomes of the FI-WARE project and only based on the Generic Enables Open Specifications. What we are asking from you now is to play with this preliminary version of the catalogue and to provide us as much feedback as you can so that we can be ready at M12 with a version taking into account also your requirements. This simple test (once registered into the Catalogue portal) will only require max 10 minutes of your valuable time. Please note that it is still under development, so you should only add "fake" data. There could also be disturbances since the team is actively developing still. We will communicate to all when you can start to add real data. The steps to follow: - Go to http://fi-ware.cloud.labs.ericsson.net - Register a user and log in to the site - Go to the "Enablers" section - Submit a new enabler by clicking the "Create new enabler" link at the top of the enabler listing and submitting the form - The proposed enabler is now in the validation queue and you will have to wait for an administrator (basically myself) to approve the enabler before you can progress to the next step. - After being approved your enabler will be listed in the enabler listing, but can only be seen by you and is tagged as "unpublished". - You can now edit the documentation, add downloads etc. and when happy with the content you can go to the edit tab on the main page of the enabler and change the status at the bottom to "published". The enabler can now be seen by anyone. - You can also use the "Group" tab at the top of the enabler page to add other people who should be able to help you in creating the enabler content. Please report any bug or comment at https://forge.fi-ware.eu/tracker/index.php?aid=1610&group_id=15. and do not hesitate to contact me or any of the persons reading in copy this e-mail for any further request of clarification. Thank you in advance for the cooperation and regards, Matteo Melideo WP9 Leader -------------- next part -------------- An HTML attachment was scrubbed... URL: From pascal.bisson at thalesgroup.com Fri Mar 16 18:47:39 2012 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Fri, 16 Mar 2012 18:47:39 +0100 Subject: [Fiware-security] FI-WARE - Security Chapter - Minutes of today's audio Message-ID: <17105_1331920060_4F637CBC_17105_17189_1_CBBCD6C304123F4AB23FAAE3055C8C0E02064605446D@THSONEA01CMS04P.one.grp> Dear All, Minutes of WP8 today's audio are now available at: https://forge.fi-ware.eu/docman/view.php/19/881/FI-WARE_WP8_Minutes_16-03-12.doc BR Pascal -------------- next part -------------- An HTML attachment was scrubbed... URL: From pascal.bisson at thalesgroup.com Mon Mar 19 08:58:05 2012 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Mon, 19 Mar 2012 08:58:05 +0100 Subject: [Fiware-security] TR: FI-WARE - Open questions regarding M12 deliverables Message-ID: <24258_1332143884_4F66E70C_24258_15445_1_CBBCD6C304123F4AB23FAAE3055C8C0E020646054860@THSONEA01CMS04P.one.grp> FYI De : BISSON Pascal Envoy? : vendredi 16 mars 2012 19:14 ? : Juanjo Hierro Cc : fiware-wpl at lists.fi-ware.eu; fiware-wpa at lists.fi-ware.eu; BISSON Pascal Objet : FI-WARE - Open questions regarding M12 deliverables Importance : Haute Dear Juanjo, So far no guidelines have been provided by you as CA regarding M12 deliverables that are common to each and every chapter. In the meantime it becomes quite urgent to gain access to those guidelines to align and harmonize right from the start our M12 deliverables. This even more than M12 is end of April !. So question: Can you already provide us with some guidelines to follow for M12 deliverables (layout & content) or at least provide me/us with a date at which these guidelines (and accompanying templates) could be provided to us. Being said this guidance would be very much appreciated to me and colleagues in order to engage the work the sooner the better on the right direction. Hope you could provide us with such a guidance asap and by end of the month at the latest to stay compatible with the delivery date for M12 that so far remains unchanged (end of April). Facing what we had faced with D2 deliverables I don't want to engage my team in doing work that wouldn't be aligned with what is expected and as such would have to be changed after (requesting some extra work from my people). Of course and in case you would not be able to provide us with such guidance we would have to come up with our own proposal and follow it but this is something I would like to avoid since we loose harmonization. So hearing from you on this important matter to not only Security chapter but all the Chapters (that's why I put my WPL/WPA colleagues in cc of this email). Best Regards, Pascal -------------- next part -------------- An HTML attachment was scrubbed... URL: From robert.seidl at nsn.com Wed Mar 21 10:50:58 2012 From: robert.seidl at nsn.com (Seidl, Robert (NSN - DE/Munich)) Date: Wed, 21 Mar 2012 10:50:58 +0100 Subject: [Fiware-security] T82_tracker_requests_v03.xlsx Message-ID: <9739B018F0466A4CAB10A9DABBEBF5A68E5E7A@DEMUEXC027.nsn-intra.net> Hi, please find attached the Tracker requests received so far from the UC projects, which concerns IDM generic enabler. I provided my comments in the last row of the Excel table (already aligned with DT). Please SAP, Thales and IBM have a look on it, if this reflects as well your view (others as well are welcome to comment). <> Greetings Robert -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: T82_tracker_requests_v03.xlsx Type: application/octet-stream Size: 19796 bytes Desc: T82_tracker_requests_v03.xlsx URL: From antonio.garcia at atosresearch.eu Wed Mar 21 20:39:35 2012 From: antonio.garcia at atosresearch.eu (Antonio Garcia Vazquez) Date: Wed, 21 Mar 2012 20:39:35 +0100 Subject: [Fiware-security] FI-WARE Security T8.3 Use Case Tracker Message-ID: <8E18929A6C79354FB4BD9BD4636DCB06750B35@INTMAIL03.es.int.atosorigin.com> Hello, See attached summary of the tracker requests received from the UC projects concerning Task 8.3. I've used as template the Excel sent by Robert this morning also including both existing and my comments in the last row. @Pascal, It seems that my problems updating the tracker are finally solved (I told Miguel about the problem). Any way I feel that some changes are missing in the meantime. I've found myself assigned to some trackers that I believed have been reassigned to others. Is this Ok? Best Regards ************************************ * Antonio Garc?a-V?zquez * * (+34) 91 214 9384 * * antonio.garcia at atosresearch.eu * ************************************ ------------------------------------------------------------------ This e-mail and the documents attached are confidential and intended solely for the addressee; it may also be privileged. If you receive this e-mail in error, please notify the sender immediately and destroy it. As its integrity cannot be secured on the Internet, the Atos group liability cannot be triggered for the message content. Although the sender endeavours to maintain a computer virus-free network, the sender does not warrant that this transmission is virus-free and will not be liable for any damages resulting from any virus transmitted. Este mensaje y los ficheros adjuntos pueden contener informacion confidencial destinada solamente a la(s) persona(s) mencionadas anteriormente pueden estar protegidos por secreto profesional. Si usted recibe este correo electronico por error, gracias por informar inmediatamente al remitente y destruir el mensaje. Al no estar asegurada la integridad de este mensaje sobre la red, Atos no se hace responsable por su contenido. Su contenido no constituye ningun compromiso para el grupo Atos, salvo ratificacion escrita por ambas partes. Aunque se esfuerza al maximo por mantener su red libre de virus, el emisor no puede garantizar nada al respecto y no sera responsable de cualesquiera danos que puedan resultar de una transmision de virus. ------------------------------------------------------------------ -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: T8.3_tracker_requests_v01.xlsx Type: application/octet-stream Size: 16068 bytes Desc: T8.3_tracker_requests_v01.xlsx URL: From xavier.aghina at orange.com Thu Mar 22 19:47:16 2012 From: xavier.aghina at orange.com (xavier.aghina at orange.com) Date: Thu, 22 Mar 2012 19:47:16 +0100 Subject: [Fiware-security] Phone call 10 pm Message-ID: I am not available at 10am tomorrow for our weekly phone call , I will provide an update with D.GIDOIN beginning of next week. Xavier. -------------- next part -------------- An HTML attachment was scrubbed... URL: From pascal.bisson at thalesgroup.com Fri Mar 23 06:48:49 2012 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Fri, 23 Mar 2012 06:48:49 +0100 Subject: [Fiware-security] FI-Security - WP8 Audio conf of today cancelled (rescheduled next week) Message-ID: <6521_1332481731_4F6C0EC3_6521_1876_1_ff13b9cd-af5b-412e-8bdc-8b16baee12ac@THSONEA01HUB03P.one.grp> Dear colleagues, Due to a number of participants that can't make it today let me inform you that I have decided to cancel WP8 audio conf of today. Apologize for the inconvenience. Audio of today cancelled will be rescheduled early next week. To have it done please fill in the poll by today for me to make the announcement the sooner the better. http://www.doodle.com/qd4xxh3fzxyfrwqv Thanks in advance and once more apologize for the inconvenience. Best Regards, Pascal -------------- next part -------------- An HTML attachment was scrubbed... URL: From pascal.bisson at thalesgroup.com Mon Mar 26 08:59:55 2012 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Mon, 26 Mar 2012 08:59:55 +0200 Subject: [Fiware-security] TR: FI-Security - WP8 Audio conf of today cancelled (rescheduled next week) Message-ID: <31993_1332745190_4F7013E6_31993_1016_1_CBBCD6C304123F4AB23FAAE3055C8C0E020646203A34@THSONEA01CMS04P.one.grp> Dear Colleagues, Could you please urgently fill in the poll. I will close it at 2pm this afternoon and announce our next WP8 audio accordingly. http://www.doodle.com/qd4xxh3fzxyfrwqv Counting on you. Best Regards, Pascal De : BISSON Pascal Envoy? : vendredi 23 mars 2012 06:49 ? : fiware-security at lists.fi-ware.eu Cc : BISSON Pascal; GIDOIN Daniel Objet : FI-Security - WP8 Audio conf of today cancelled (rescheduled next week) Dear colleagues, Due to a number of participants that can't make it today let me inform you that I have decided to cancel WP8 audio conf of today. Apologize for the inconvenience. Audio of today cancelled will be rescheduled early next week. To have it done please fill in the poll by today for me to make the announcement the sooner the better. http://www.doodle.com/qd4xxh3fzxyfrwqv Thanks in advance and once more apologize for the inconvenience. Best Regards, Pascal -------------- next part -------------- An HTML attachment was scrubbed... URL: From pascal.bisson at thalesgroup.com Mon Mar 26 13:31:50 2012 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Mon, 26 Mar 2012 13:31:50 +0200 Subject: [Fiware-security] FI-WARE WP8 - Audio conference announcement (today 5pm-6pm) Message-ID: <19581_1332761515_4F7053AA_19581_389_1_93618502-5685-4850-9f68-6e6e8ff00808@THSONEA01HUB02P.one.grp> Dear Colleagues, Thanks to those of you who have filled in the poll. Being said I don't want to delay too much our discussion let's have an audio conference today at 5pm (from 5pm-6pm) to discuss things we have to. Being said I had to shorten our audio conference to one hour I would appreciate if each of the task leads (so Daniel, Robert, Antonio and Slim) could drop me an email reflecting current status of the handling of the UC projects tickets this just to save time. As for the Agenda I would propose the following: 1. Review of AP as per last Minutes 2. M12 deliverables 3. Status of tickets handling per Task and attached GEs 4. Status of WP8 answer to WP11 demand (per Task and GEs) Talk with you at 5pm. Best Regards, Pascal PS: @Robert knowing you couldn't make it please drop me an email regarding point 3 (tickets handling status at T8.2) and let me know when I could give you a call for us to have a discussion. PS2: details to join remain unchanged. -------------- next part -------------- An HTML attachment was scrubbed... URL: From pascal.bisson at thalesgroup.com Mon Mar 26 20:08:01 2012 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Mon, 26 Mar 2012 20:08:01 +0200 Subject: [Fiware-security] FI-WARE - Plenary Meeting on April 2 & 3 in Palaiseau Message-ID: <6064_1332785289_4F70B089_6064_4350_1_741b9618-1491-4ab8-8a50-9660a03a3abe@THSONEA01HUB03P.one.grp> Dear All, Find attached to this email a map to access our site (same location at TRT-FR) where our FI-WARE Security (WP8) meeting will take place. So venue : Thales Campus Polytechnique 1, Avenue Augustin Fresnel 91767 PALAISEAU cedex As announced we will start (officially at 10am on Day1 and will close around 5pm on Day 2. To ALL of you who are planning to attend please provide me with the following details for me to provide you an access to our site: * First Name * Last Name * Organization * Id Card number or passport number * Nationality Many thanks in advance ! As for Hotels you can either book an hotel In Paris (preferably close to RER B the line to reach our place) or one of the Hotels we have close to our site. For Paris If no particular hotel to recommend (there are so many!) as for hotels close to our place I can recommend one of the two: The Novotel (Palaiseau) http://www.novotel.com/fr/hotel-0386-novotel-massy-palaiseau/index.shtml or Hotel Mercure (Palaiseau) http://www.accorhotels.com/fr/hotel-1176-mercure-paris-massy-gare-tgv/index.shtml Best Regards, Pascal PS: Agenda will follow -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: trt_uk_map.pdf Type: application/pdf Size: 617468 bytes Desc: trt_uk_map.pdf URL: From pascal.bisson at thalesgroup.com Tue Mar 27 16:05:59 2012 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Tue, 27 Mar 2012 16:05:59 +0200 Subject: [Fiware-security] FI-WARE - WP8 Minutes Message-ID: <22821_1332857162_4F71C94A_22821_19442_1_73795573-7be4-49ec-b9bf-16fbc3d90e58@THSONEA01HUB05P.one.grp> Dear Colleagues, This short message just to let you know that the minutes of our yesterday audio have now been uploaded on the Wiki: https://forge.fi-ware.eu/docman/view.php/19/889/FI-WARE_WP8_Minutes_26-03-12.doc Best Regards, Pascal -------------- next part -------------- An HTML attachment was scrubbed... URL: From francesco.di.cerbo at sap.com Tue Mar 27 18:48:30 2012 From: francesco.di.cerbo at sap.com (DI CERBO, Francesco) Date: Tue, 27 Mar 2012 18:48:30 +0200 Subject: [Fiware-security] UC Ticket Maintenance Message-ID: <71C0C7C7A712EE4CA636EDFD663B4E27039B5FFC33@DEWDFECCR09.wdf.sap.corp> Hello all, Please find a resume of tickets associated to T8.4. Strangely enough, Slim and I are not able to modify the status of any ticket. We get every time the following error: "Tracker Item: Workflow error: You are not authorized to change the Status" Do you have the same situation? Anyway, Slim already sent an answer to each of them, in the comments. For the ticket for DB-Anonymizer, as announced, as no answer was received on the forum, Slim sent a direct email. Best regads, Francesco ___ Francesco Di Cerbo, PhD Security & Trust SAP Research SAP Labs France 805, avenue Maurice Donat Font de l'Orme BP 1216 06250 Mougins Cedex France Tel. +33 4 92 28 64 45 e-mail: Francesco.Di.Cerbo at sap.com -------------- next part -------------- A non-text attachment was scrubbed... Name: 20120327-UC_Tickets.xls Type: application/vnd.ms-excel Size: 31232 bytes Desc: 20120327-UC_Tickets.xls URL: From pascal.bisson at thalesgroup.com Thu Mar 29 09:31:48 2012 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Thu, 29 Mar 2012 09:31:48 +0200 Subject: [Fiware-security] FI-WARE WP8 Meeting (April 2 & 3) - Registration Message-ID: <13337_1333006310_4F740FE6_13337_15173_1_94c29397-fc2b-44ec-8bc1-08e4513d06aa@THSONEA01HUB02P.one.grp> Dear All, For those of you who are planning to attend our WP8/Security AT meeting next meeting (April 2 & 3) please provide me asap with the details requested to register you: First name Last name Organization ID Card So far are registered: Robert Seidl (NSN) Antonio Garcia-Vazquez (ATOS) Xavier Aghina (FT-Orange) Richard Egan (TRT-UK) Alexandre Boeglin (INRIA) Wolfgang Steigerwald (DT) Counting on those of you who haven't yet registered and are planning to attend (and especially those in cc IBM, SAP, T-Systems, INRIA Alpes) to provide me by today with the information requested. Best Regards, Pascal -------------- next part -------------- An HTML attachment was scrubbed... URL: From daniel.gidoin at thalesgroup.com Thu Mar 29 11:25:08 2012 From: daniel.gidoin at thalesgroup.com (GIDOIN Daniel) Date: Thu, 29 Mar 2012 11:25:08 +0200 Subject: [Fiware-security] T82_tracker_requests_v03.xlsx In-Reply-To: References: Message-ID: <6681_1333013115_4F742A7A_6681_1544_1_e014eeb3-a409-43b5-9b15-247a4683b1b3@THSONEA01HUB02P.one.grp> Dear all, Please find attached the tracker requests concerning the Security Monitoring GE. Best regards Daniel De : BISSON Pascal Envoy? : mardi 27 mars 2012 11:25 ? : GIDOIN Daniel Objet : TR: T82_tracker_requests_v03.xlsx De : fiware-security-bounces at lists.fi-ware.eu [mailto:fiware-security-bounces at lists.fi-ware.eu] De la part de Seidl, Robert (NSN - DE/Munich) Envoy? : mercredi 21 mars 2012 10:51 ? : fiware-security at lists.fi-ware.eu Objet : [Fiware-security] T82_tracker_requests_v03.xlsx Hi, please find attached the Tracker requests received so far from the UC projects, which concerns IDM generic enabler. I provided my comments in the last row of the Excel table (already aligned with DT). Please SAP, Thales and IBM have a look on it, if this reflects as well your view (others as well are welcome to comment). <> Greetings Robert -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: T81_tracker_requests_v01.xlsx Type: application/vnd.openxmlformats-officedocument.spreadsheetml.sheet Size: 16461 bytes Desc: T81_tracker_requests_v01.xlsx URL: From pascal.bisson at thalesgroup.com Thu Mar 29 17:48:57 2012 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Thu, 29 Mar 2012 17:48:57 +0200 Subject: [Fiware-security] FI-WARE Security AT - April 2 & 3 - Meeting Agenda Message-ID: <13547_1333036139_4F74846B_13547_8121_1_2bb67864-3221-492d-abba-5e5c9d25e28a@THSONEA01HUB03P.one.grp> Dear ALL, Find attached to this email the provisional Agenda for our WP8/Security AT meeting planned next week (April 2 & 3). As you will see we will have a lot of topics to cover. That's also why I provided some instructions regarding what I was expecting for each of e slots. As such I would ask each of the presenters to follow them to best prepare their slot(s) and slideset(s) in order to have an effective and efficient meeting. Regarding the slot devoted to demos, I would ask each of the task leads/GEs owners and/or asset owners to come to this meeting with demos and announced them to me by tomorrow EOB. I'm here especially expecting demos of what is in scope of the first major release (e.g. IdM GE) although not uniquely. Best Regards, Pascal -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: 02030412_FI-WARE_Security-AT_Mtg_Agenda_1.doc Type: application/msword Size: 104448 bytes Desc: 02030412_FI-WARE_Security-AT_Mtg_Agenda_1.doc URL: From pascal.bisson at thalesgroup.com Thu Mar 29 19:28:30 2012 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Thu, 29 Mar 2012 19:28:30 +0200 Subject: [Fiware-security] FI-WARE WP8/Security AT *** No Audio conference on Friday 30, March *** Message-ID: <13547_1333042117_4F749BC5_13547_11279_1_8615a801-e7d8-4824-8c64-422c854c9d0a@THSONEA01HUB03P.one.grp> Dear ALL, Being said we will meet on Monday & Tuesday next week, the WP8 weekly audio conf of tomorrow (30/03 10am-12am) is cancelled. Best Regards, Pascal -------------- next part -------------- An HTML attachment was scrubbed... URL: From francesco.di.cerbo at sap.com Fri Mar 30 18:47:26 2012 From: francesco.di.cerbo at sap.com (DI CERBO, Francesco) Date: Fri, 30 Mar 2012 18:47:26 +0200 Subject: [Fiware-security] SAP GE business descriptions Message-ID: <71C0C7C7A712EE4CA636EDFD663B4E27039BA4EF6A@DEWDFECCR09.wdf.sap.corp> Hello All, I filled out our information with respect to Data Handling GE and DB Anonymizer. However, the Data Handling GE section was not available. I assumed that this was a mistake, therefore I wrote it from scratch. If that was not the case, it will be pretty easy to remove the section, but then I would like to know why. Best regards and see you in Paris. Francesco ___ Francesco Di Cerbo, PhD Security & Trust SAP Research SAP Labs France 805, avenue Maurice Donat Font de l'Orme BP 1216 06250 Mougins Cedex France Tel. +33 4 92 28 64 45 e-mail: Francesco.Di.Cerbo at sap.com