Dear all, the meeting details for the conference call are as usual? Regards, Alexandra. Von: fiware-security-bounces at lists.fi-ware.eu [mailto:fiware-security-bounces at lists.fi-ware.eu] Im Auftrag von Antonio Garcia Vazquez Gesendet: Dienstag, 6. März 2012 11:58 An: BISSON Pascal; Seidl, Robert (NSN - DE/Munich); gabor.marton at nsn.com; norbert.goetze at nsn.com; slim.trabelsi at sap.com; francesco.di.cerbo at sap.com; GASPARD Lucie; Alexandre Boeglin; osb at zurich.ibm.com; anj at zurich.ibm.com; LELEU Philippe; Steigerwald, Wolfgang Cc: fiware-security at lists.fi-ware.eu Betreff: Re: [Fiware-security] FI-WARE Security - Outcomes of today's audio with CA regarding Security AT contrib to D2.3 (some work needed) Pascal, I've already updated the GE description by: 1) Adding a "disclaimer" as is also done in SemanticAnnotation GE that will be also delivered on release two (ref: https://forge.fi-ware.eu/plugins/mediawiki/wiki/fiware/index.php/FIWARE.ArchitectureDescription.Data.SemanticAnnotation) 2) Adding a "Basic Design principles" section: Sorry about this, but I thought it wasn't mandatory as some of the GE specifications already published do not include this section. (ref: https://forge.fi-ware.eu/plugins/mediawiki/wiki/fi-ware-private/index.php/FIWARE.OpenSpecification.Data.PubSub#Main_Interactions an many others) Best Regards. ************************************ * Antonio García-Vázquez * * (+34) 91 214 9384 * * antonio.garcia at atosresearch.eu<mailto:antonio.garcia at atosresearch.eu> * ************************************ From: BISSON Pascal [mailto:pascal.bisson at thalesgroup.com] Sent: martes, 06 de marzo de 2012 9:52 To: Antonio Garcia Vazquez; Seidl, Robert (NSN - DE/Munich); gabor.marton at nsn.com<mailto:gabor.marton at nsn.com>; norbert.goetze at nsn.com<mailto:norbert.goetze at nsn.com>; slim.trabelsi at sap.com<mailto:slim.trabelsi at sap.com>; francesco.di.cerbo at sap.com<mailto:francesco.di.cerbo at sap.com>; GASPARD Lucie; Alexandre Boeglin; osb at zurich.ibm.com<mailto:osb at zurich.ibm.com>; anj at zurich.ibm.com<mailto:anj at zurich.ibm.com>; LELEU Philippe; Wolfgang.Steigerwald at telekom.de<mailto:Wolfgang.Steigerwald at telekom.de> Cc: GIDOIN Daniel; Pedro Soria Rodriguez; fiware-security at lists.fi-ware.eu<mailto:fiware-security at lists.fi-ware.eu> Subject: RE: FI-WARE Security - Outcomes of today's audio with CA regarding Security AT contrib to D2.3 (some work needed) Dear Antonio, Thanks for your email and report on changes you introduced. The Table of Content which was suggested to follow was the one provided in the instructions available at: https://forge.fi-ware.eu/plugins/mediawiki/wiki/fi-ware-private/index.php/Instructions_on_how_to_develop_FI-WARE_Chapter_Architecture_Descriptions As such and to make you conformant to other descriptions I would suggest you to refer to it and to follow it. Most important in your case would be to add the section which is missing aka section Basic Design principles following Main interactions section. Hope it helps you. Best Regards, Pascal De : Antonio Garcia Vazquez [mailto:antonio.garcia at atosresearch.eu]<mailto:[mailto:antonio.garcia at atosresearch.eu]> Envoyé : mardi 6 mars 2012 07:54 À : BISSON Pascal; Seidl, Robert (NSN - DE/Munich); gabor.marton at nsn.com<mailto:gabor.marton at nsn.com>; norbert.goetze at nsn.com<mailto:norbert.goetze at nsn.com>; slim.trabelsi at sap.com<mailto:slim.trabelsi at sap.com>; francesco.di.cerbo at sap.com<mailto:francesco.di.cerbo at sap.com>; GASPARD Lucie; Alexandre Boeglin; osb at zurich.ibm.com<mailto:osb at zurich.ibm.com>; anj at zurich.ibm.com<mailto:anj at zurich.ibm.com>; LELEU Philippe; Wolfgang.Steigerwald at telekom.de<mailto:Wolfgang.Steigerwald at telekom.de> Cc : GIDOIN Daniel; Pedro Soria Rodriguez; fiware-security at lists.fi-ware.eu<mailto:fiware-security at lists.fi-ware.eu> Objet : RE: FI-WARE Security - Outcomes of today's audio with CA regarding Security AT contrib to D2.3 (some work needed) Pascal, First of all, please take into account that this GE is planned on 2nd Release, so is not as mature as other GE's and as is been indicated into the "how to" page it is not mandatory to provide description for this GE, nevertheless it is useful to include a description of the chapters already defined. Then I'd like to inform you the work already done after receiving the comments to my first deliverable version (17th Feb.). >From my point of view the changes has been implemented (from 20th till 23th Feb) so I believe that, at this moment, the description provided follows those indications. I'm enclosing a detailed description of this topics, in case you can tell me please where is the mismatch. 1) "The figure on the Architecture should be converted to follow FMC notation" I've updated the diagram as requested. 2) " It seems like the Architecture Description of this GE follows the guidelines provided but there is a mismatch in the table of contents...." - "Main Interactions" has been renamed into Context-based security & compliance architecture as requested - "Design Principles" first option has somehow implemented. Instead of adding the name of the request to the sequence diagram and rename last section into Basic Data Structures I've included the interface description of arguments following the description of each related step on the sequence diagram 3) About current Table of contents: The template provided says that we can take as a reference "The Publish/Subscribe Broker GE" witch has nearly the same main point as "Context-based security & compliance GE": 1.-Overview 2.-Basic Concepts 3.-GE Architecture 4.-Main Iterations 5.-References So I'm renaming "Context-based security & compliance GE" 4 & 4.1 points (4.-Basic Design Principles & 4.1.-Main Interactions) into 4.-Main Iterations On the other hand as References subsection seems not to be necessary I'll try to include it later 4) Detailed description of interface with Market Place: This interface is provided by WP3; a reference is being included 5) Detailed description of internal interfaces with rules repository and monitoring systems: I haven't, at this moment, any deliverable version of these interfaces and will be described by 2nd release as is indicated in their sections. A note clearly indicating the expecting delivery release of the GE could be helpful about this and other related topics. I'm working on it Any way we can discuss these point in our conference at 12:00 Best Regards. ************************************ * Antonio García-Vázquez * * (+34) 91 214 9384 * * antonio.garcia at atosresearch.eu<mailto:antonio.garcia at atosresearch.eu> * ************************************ From: BISSON Pascal [mailto:pascal.bisson at thalesgroup.com]<mailto:[mailto:pascal.bisson at thalesgroup.com]> Sent: lunes, 05 de marzo de 2012 16:33 To: Antonio Garcia Vazquez; Seidl, Robert (NSN - DE/Munich); gabor.marton at nsn.com<mailto:gabor.marton at nsn.com>; norbert.goetze at nsn.com<mailto:norbert.goetze at nsn.com>; slim.trabelsi at sap.com<mailto:slim.trabelsi at sap.com>; francesco.di.cerbo at sap.com<mailto:francesco.di.cerbo at sap.com>; GASPARD Lucie; Alexandre Boeglin; osb at zurich.ibm.com<mailto:osb at zurich.ibm.com>; anj at zurich.ibm.com<mailto:anj at zurich.ibm.com>; LELEU Philippe; Wolfgang.Steigerwald at telekom.de<mailto:Wolfgang.Steigerwald at telekom.de> Cc: GIDOIN Daniel; Pedro Soria Rodriguez; fiware-security at lists.fi-ware.eu<mailto:fiware-security at lists.fi-ware.eu> Subject: RE: FI-WARE Security - Outcomes of today's audio with CA regarding Security AT contrib to D2.3 (some work needed) Dear Antonio, Hereafter you will find the comments Juanjo issued on Context-based security & compliance. For me and after a quick check they are still valid since I don't see them addressed (e.g. mismatch in the Table of content that makes this GE description not conformant to the toc suggested and agreed by others, ...). So please check them and address (also let me once addressed) them asap and by EOB tomorrow at the latest following recommendations provided by Juanjo. Hearing from you. Best Regards Pascal 1.2 Context-based security & compliance It seems like the Architecture Description of this GE follows the guidelines provided but there is a mismatch in the table of contents ... The section titled "Main Interactions" looks like it should be titled "Context-based security & compliance architecture" while the sections under "sequence diagrams" within the "Basic Design Principles" section would actually fit better as contents of the "Main Interactions" section. Contents of the remaining of section "Design Principles" look more like the detailed description of data exchanged in some of the interactions described in the sequence diagrams ... however, the relationship is not so explicit because the text in the descriptions of sequence diagrams does not always include a reference to the request/response being issued. I see to alternatives to deal with this editorially: · Add the names of the specific operation request / responses within the sequence diagram descriptions and then endup the "Main Interactions" sections with a subsection titled "Basic Data Structures", elaborating on the detailed description of arguments linked to operation request/responses being referred in the interactions. · Add the names of the specific operation request / responses within the sequence diagram descriptions and enrich then with text describing the data structures linked to those operation request/responses (e.g., "<entity-x> invokes the <op-name> request passing the <description-of-argument-1>, <description-of-argument-2> and <description-of-argument-n> as arguments") Probably the first option is easier to implement and I would recommend it. The figure on the Architecture should be converted to follow FMC notation. De : Antonio Garcia Vazquez [mailto:antonio.garcia at atosresearch.eu]<mailto:[mailto:antonio.garcia at atosresearch.eu]> Envoyé : lundi 5 mars 2012 15:26 À : BISSON Pascal; Seidl, Robert (NSN - DE/Munich); gabor.marton at nsn.com<mailto:gabor.marton at nsn.com>; norbert.goetze at nsn.com<mailto:norbert.goetze at nsn.com>; slim.trabelsi at sap.com<mailto:slim.trabelsi at sap.com>; francesco.di.cerbo at sap.com<mailto:francesco.di.cerbo at sap.com>; GASPARD Lucie; Alexandre Boeglin; osb at zurich.ibm.com<mailto:osb at zurich.ibm.com>; anj at zurich.ibm.com<mailto:anj at zurich.ibm.com>; LELEU Philippe; Wolfgang.Steigerwald at telekom.de<mailto:Wolfgang.Steigerwald at telekom.de> Cc : GIDOIN Daniel; Pedro Soria Rodriguez; fiware-security at lists.fi-ware.eu<mailto:fiware-security at lists.fi-ware.eu> Objet : RE: FI-WARE Security - Outcomes of today's audio with CA regarding Security AT contrib to D2.3 (some work needed) Pascal, I've already made some changes following those indications. Can you tell me the points I should still correct. Best Regards ************************************ * Antonio García-Vázquez * * (+34) 91 214 9384 * * antonio.garcia at atosresearch.eu<mailto:antonio.garcia at atosresearch.eu> * ************************************ From: BISSON Pascal [mailto:pascal.bisson at thalesgroup.com]<mailto:[mailto:pascal.bisson at thalesgroup.com]> Sent: lunes, 05 de marzo de 2012 15:12 To: Seidl, Robert (NSN - DE/Munich); gabor.marton at nsn.com<mailto:gabor.marton at nsn.com>; norbert.goetze at nsn.com<mailto:norbert.goetze at nsn.com>; slim.trabelsi at sap.com<mailto:slim.trabelsi at sap.com>; francesco.di.cerbo at sap.com<mailto:francesco.di.cerbo at sap.com>; GASPARD Lucie; Alexandre Boeglin; osb at zurich.ibm.com<mailto:osb at zurich.ibm.com>; anj at zurich.ibm.com<mailto:anj at zurich.ibm.com>; Antonio Garcia Vazquez; Antonio Garcia Vazquez; LELEU Philippe; Wolfgang.Steigerwald at telekom.de<mailto:Wolfgang.Steigerwald at telekom.de> Cc: GIDOIN Daniel; BISSON Pascal; Pedro Soria Rodriguez; fiware-security at lists.fi-ware.eu<mailto:fiware-security at lists.fi-ware.eu> Subject: FI-WARE Security - Outcomes of today's audio with CA regarding Security AT contrib to D2.3 (some work needed) Importance: High Dear Task leads/GE owners, This just to let you know that this morning I had an audio conference with Juanjo were discussed the readiness of our GEs description for publication in the context of D2.3 and according to latest version available on FI-WARE Private wiki (https://forge.fi-ware.eu/plugins/mediawiki/wiki/fi-ware-private/index.php/FiwareDeliverableD2.3) aka the place where we are supposed to upload our GE description from our FI-WARE Security Private Wiki. Here are what we discussed and agreed: · We will proceed with publishing the contents linked to the Security Monitoring GE because despite some additional comments may come after a second review, it's worth publishing the current contents and we can deal with new comments by end of March (but without the pressure of delivery dates) · We will proceed with publishing the contents linked to the Identity Management GE provided that the owner commits to translate the figures to FMC format by end of this week. As with the previous case, despite some additional comments may come after a second review, it's worth publishing the current contents and we can deal with new comments by end of March (but without the pressure of delivery dates) · We will publish the Privacy GE · We won't publish the rest pending on response regarding how the comments initially provided by Juanjo were addressed (please refer here to email I forwarded you from Juanjo - 21 février 2012 05:07 - on the topic ). Apparently, comments were not addressed for some of the GEs, if not all, and even the history of the Wiki pages reflect that. In order not to delay any longer the publishing of our Security Chapter contrib. to D2.3 I will ask: o Antonio as to check and address Juanjo's comments on Context-based security and compliance comments this no later than by tomorrow EOB, o Same for Slim or Francesco regarding Data Handling GE although after a quick scan I noticed they had already implemented a number of Juanjo's comments. o Slim/Francesco, Alexandre, Philippe/Lucie to do the same for what concerns Optional Security GEs Please Antonio, Slim/Francesco, Alexandre, Philippe/Lucie please acknowledge receipt of this email and confirm you would be addressing comments according the set deadline (i.e. by tomorrow EOB at the latest - hope earlier - let me know once done) to close our work on D2.3 and have our specifications be published also redirect our effort on our Security contrib. to D2.4. Hearing from you, Best Regards, Pascal PS: Don't forget to stick to suggested table of content if not done already and follow instructions provided at https://forge.fi-ware.eu/plugins/mediawiki/wiki/fi-ware-private/index.php/Instructions_on_how_to_develop_FI-WARE_Chapter_Architecture_Descriptions PS2: As announced will call for an audio conference tomorrow. Will provide you with details in a separate email. ------------------------------------------------------------------ This e-mail and the documents attached are confidential and intended solely for the addressee; it may also be privileged. If you receive this e-mail in error, please notify the sender immediately and destroy it. As its integrity cannot be secured on the Internet, the Atos group liability cannot be triggered for the message content. Although the sender endeavours to maintain a computer virus-free network, the sender does not warrant that this transmission is virus-free and will not be liable for any damages resulting from any virus transmitted. Este mensaje y los ficheros adjuntos pueden contener informacion confidencial destinada solamente a la(s) persona(s) mencionadas anteriormente pueden estar protegidos por secreto profesional. Si usted recibe este correo electronico por error, gracias por informar inmediatamente al remitente y destruir el mensaje. Al no estar asegurada la integridad de este mensaje sobre la red, Atos no se hace responsable por su contenido. Su contenido no constituye ningun compromiso para el grupo Atos, salvo ratificacion escrita por ambas partes. Aunque se esfuerza al maximo por mantener su red libre de virus, el emisor no puede garantizar nada al respecto y no sera responsable de cualesquiera danos que puedan resultar de una transmision de virus. ------------------------------------------------------------------ ------------------------------------------------------------------ This e-mail and the documents attached are confidential and intended solely for the addressee; it may also be privileged. If you receive this e-mail in error, please notify the sender immediately and destroy it. As its integrity cannot be secured on the Internet, the Atos group liability cannot be triggered for the message content. Although the sender endeavours to maintain a computer virus-free network, the sender does not warrant that this transmission is virus-free and will not be liable for any damages resulting from any virus transmitted. Este mensaje y los ficheros adjuntos pueden contener informacion confidencial destinada solamente a la(s) persona(s) mencionadas anteriormente pueden estar protegidos por secreto profesional. Si usted recibe este correo electronico por error, gracias por informar inmediatamente al remitente y destruir el mensaje. Al no estar asegurada la integridad de este mensaje sobre la red, Atos no se hace responsable por su contenido. Su contenido no constituye ningun compromiso para el grupo Atos, salvo ratificacion escrita por ambas partes. Aunque se esfuerza al maximo por mantener su red libre de virus, el emisor no puede garantizar nada al respecto y no sera responsable de cualesquiera danos que puedan resultar de una transmision de virus. ------------------------------------------------------------------ ------------------------------------------------------------------ This e-mail and the documents attached are confidential and intended solely for the addressee; it may also be privileged. If you receive this e-mail in error, please notify the sender immediately and destroy it. As its integrity cannot be secured on the Internet, the Atos group liability cannot be triggered for the message content. Although the sender endeavours to maintain a computer virus-free network, the sender does not warrant that this transmission is virus-free and will not be liable for any damages resulting from any virus transmitted. Este mensaje y los ficheros adjuntos pueden contener informacion confidencial destinada solamente a la(s) persona(s) mencionadas anteriormente pueden estar protegidos por secreto profesional. Si usted recibe este correo electronico por error, gracias por informar inmediatamente al remitente y destruir el mensaje. Al no estar asegurada la integridad de este mensaje sobre la red, Atos no se hace responsable por su contenido. Su contenido no constituye ningun compromiso para el grupo Atos, salvo ratificacion escrita por ambas partes. Aunque se esfuerza al maximo por mantener su red libre de virus, el emisor no puede garantizar nada al respecto y no sera responsable de cualesquiera danos que puedan resultar de una transmision de virus. ------------------------------------------------------------------ -------------- next part -------------- An HTML attachment was scrubbed... URL: <https://lists.fiware.org/private/old-fiware-security/attachments/20120306/338c129d/attachment.html>
You can get more information about our cookies and privacy policies clicking on the following links: Privacy policy Cookies policy