From antonio.garcia at atosresearch.eu Tue Sep 4 16:17:45 2012 From: antonio.garcia at atosresearch.eu (Antonio Garcia Vazquez) Date: Tue, 4 Sep 2012 16:17:45 +0200 Subject: [Fiware-security] TR: Review of Architecture and Open Specifications of Security Chapter Message-ID: <8E18929A6C79354FB4BD9BD4636DCB06E32262@INTMAIL03.es.int.atosorigin.com> Daniel About this review and regarding with Context-based security and compliance GE and Service level SIEM component we've taken with the following actions 1) FIWARE.ArchitectureDescription.Security.Context-based security & compliance (pages 4 & 5) We've revised the following points: - Comment 12: Chapter wording has been revised - Comment 13: Disclaimer wording revised - Comment 15: As rule manager was part of our proposed (and not selected) EPICS for the second Open Call their features are still pending - Comment 16: Wording revised - Comment 17: Wording revised - Comment 18: "Chapter" has been used instead of WP3. - Comment 19: No changes at this moment, see answer to comment 15. However we have still pending actions to this one: FIWARE . ArchitectureDescription . Security . Context - based security & compliance Pier Garino General comment to this page: The context-aware capabilities mentioned in the name of this GE call for some explanation about possible interactions (or about impossibility to have interactions) with context/data Management chapter (e.g.: aren't there GEs which might be exploited in the architecture of the Context-based security & compliance GE?). This should help dissipating some doubts which might arise in readers and adopters of FI-WARE architecture. I do not understand this comment. Could be possible that Pierangelo Garino will provide more details about it? 2) Security-Monitoring: OSSIM SIEM Component (PRELIMINARY) (page 12) Page wording has been revised in order to make clear that Atos tasks will be: - Configure OSSIM according with FI-WARE monitoring GE needs - Develop an advance service level SIEM component on top of OSSIM. This advanced SIEM is going to be delivered on future releases of the security monitoring GE Best Regards ************************************ * Antonio Garc?a-V?zquez * * (+34) 91 214 9384 * * antonio.garcia at atosresearch.eu * ************************************ From: fiware-security-bounces at lists.fi-ware.eu [mailto:fiware-security-bounces at lists.fi-ware.eu] On Behalf Of GIDOIN Daniel Sent: martes, 28 de agosto de 2012 17:59 To: fiware-security at lists.fi-ware.eu Subject: [Fiware-security] TR: Review of Architecture and Open Specifications of Security Chapter Dear all, Thank a lot to take into account the attached review on the Secutity GE which concerns you, and to keep me informed. Best regards Daniel De : Garino Pierangelo [mailto:pierangelo.garino at telecomitalia.it] Envoy? : mardi 28 ao?t 2012 16:06 ? : BISSON Pascal; GIDOIN Daniel; fiware-wpl at lists.fi-ware.eu; fiware-wpa at lists.fi-ware.eu Objet : Review of Architecture and Open Specifications of Security Chapter Dear All, Please find attached the document containing the comments for the Security chapter. The document contains two tables concerning Architecture description and Open Specs review respectively. BR Pier ------------------------------------------------------------------ Telecom Italia Pierangelo Garino Innovation & Industry Relations - Research & Prototyping Via G. Reiss Romoli 274, I-10148 TORINO Tel: +39 011 228 7142 Questo messaggio e i suoi allegati sono indirizzati esclusivamente alle persone indicate. La diffusione, copia o qualsiasi altra azione derivante dalla conoscenza di queste informazioni sono rigorosamente vietate. Qualora abbiate ricevuto questo documento per errore siete cortesemente pregati di darne immediata comunicazione al mittente e di provvedere alla sua distruzione, Grazie. This e-mail and any attachments is confidential and may contain privileged information intended for the addressee(s) only. Dissemination, copying, printing or use by anybody else is unauthorised. If you are not the intended recipient, please delete this message and any attachments and advise the sender by return e-mail, Thanks. Rispetta l'ambiente. Non stampare questa mail se non ? necessario. ________________________________ ------------------------------------------------------------------ This e-mail and the documents attached are confidential and intended solely for the addressee; it may also be privileged. If you receive this e-mail in error, please notify the sender immediately and destroy it. As its integrity cannot be secured on the Internet, the Atos group liability cannot be triggered for the message content. Although the sender endeavours to maintain a computer virus-free network, the sender does not warrant that this transmission is virus-free and will not be liable for any damages resulting from any virus transmitted. Este mensaje y los ficheros adjuntos pueden contener informacion confidencial destinada solamente a la(s) persona(s) mencionadas anteriormente pueden estar protegidos por secreto profesional. Si usted recibe este correo electronico por error, gracias por informar inmediatamente al remitente y destruir el mensaje. Al no estar asegurada la integridad de este mensaje sobre la red, Atos no se hace responsable por su contenido. Su contenido no constituye ningun compromiso para el grupo Atos, salvo ratificacion escrita por ambas partes. Aunque se esfuerza al maximo por mantener su red libre de virus, el emisor no puede garantizar nada al respecto y no sera responsable de cualesquiera danos que puedan resultar de una transmision de virus. ------------------------------------------------------------------ -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image001.gif Type: image/gif Size: 677 bytes Desc: image001.gif URL: From pascal.bisson at thalesgroup.com Wed Sep 5 12:58:23 2012 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Wed, 5 Sep 2012 12:58:23 +0200 Subject: [Fiware-security] FI-WARE - WP8 - Next Audio Message-ID: <1739_1346842708_50473054_1739_9765_1_8b66c48d-81c4-4748-b105-85d454e6c751@THSONEA01HUB03P.one.grp> Dear All, Back from vacation I will resume the weekly audio conference we had so far. Unfortunately I'm forced to cancel the one of this Friday since I would be travelling for a meeting. As such our next audio conference would be next Friday (14/09/12 from 10am to 12am) using the same details as usual. In the meantime I will ask each of you and especially task leads to stay tune since I may pass some important emails requesting action from your side (this as I did already for Task lead to report scope of September Sprint on the Security tracker). Last but not least I will ask: * Lucie (TCS) to address urgently any pending issue regarding delivery of Secure Storage Service on the testbed. * Daniel (TS) to co-ordinate with Antonio (ATOS) and organize the delivery of Security Monitoring GE features. Planned to be delivered on the testbed by end of Sept (at the latest). Keep you posted and talk with you all soon. Best Regards, Pascal -------------- next part -------------- An HTML attachment was scrubbed... URL: From kreshnik.musaraj at thalesgroup.com Wed Sep 5 14:16:42 2012 From: kreshnik.musaraj at thalesgroup.com (MUSARAJ Kreshnik) Date: Wed, 5 Sep 2012 14:16:42 +0200 Subject: [Fiware-security] TR: Review of Architecture and Open Specifications of Security Chapter References: <21539_1346169516_503CEAAC_21539_3002_1_21ae7d8d-aa8d-445a-bda2-52b97a0d45fe@THSONEA01HUB06P.one.grp> Message-ID: <15206_1346847407_504742AF_15206_17628_1_4b48b0e3-f814-40f5-8596-4da4b3ec1334@THSONEA01HUB06P.one.grp> Dear all, We are only two days away from the deadline that we had fixed regarding the improvements following the peer-review of WP8. Until now, only ATOS and DT have reacted and notified progress on the matter. If I have omitted any partner, please signal it to me. You are strongly urged to take into account the review in your respective targets, detailed in my preceding mail below. Also, please notify Pascal, Daniel or myself, as soon as this is done. Thanks to all for the effort. Best regards, Kreshnik ---THALES GROUP RESTRICTED--- De : MUSARAJ Kreshnik Envoy? : jeudi 30 ao?t 2012 18:10 ? : fiware-security at lists.fi-ware.eu Cc : 'xavier.aghina at orange.com'; 'PascalBisson'; 'Antonio Garcia Vazquez'; 'TRABELSI, Slim'; 'Alexandre Boeglin'; EGAN Richard; 'Wolfgang.Steigerwald at telekom.de'; 'Michael Osborne'; 'ext Anja Lehmann'; 'Rodrigo Diaz Rodriguez'; WALLER Adrian; 'DI CERBO, Francesco'; GIDOIN Daniel; 'Seidl, Robert (NSN - DE/Munich)'; BISSON Pascal; LELEU Philippe; GASPARD Lucie Objet : RE: [Fiware-security] TR: Review of Architecture and Open Specifications of Security Chapter Dear all, This is a kind reminder, following the request from Daniel, regarding the review on the Security GE that we all need to address. Most importantly, please provide the necessary answers/comments/modifications of your corresponding sections for Friday next week, September 7. More specifically, below are the targets and the corresponding partners that need to address the given target review: Architecture: Fuzzer --> INRIA Countermeasures --> TCS Visualization --> TRT-UK Context-based security & compliance --> ATOS USDL-SEC --> SAP Identity Management --> NSN + DT Privacy --> IBM + SAP Data handling --> SAP Optional security enablers (altogether) --> TCS+INRIA+SAP+ORANGE Open Specifications: OSSIM-SIEM --> ATOS SSS --> TCS Identity Management --> MSN + DT DB Anonymizer --> SAP Data handling --> SAP Moreover, Daniel just gave to all of us the permission to modify and update the pages as administrators, so everyone of you can personally make the necessary changes while accounting for the reviews. We will confirm and discuss about this during tomorrow's callconf. Best regards, Kreshnik Von: fiware-security-bounces at lists.fi-ware.eu [mailto:fiware-security-bounces at lists.fi-ware.eu] Im Auftrag von GIDOIN Daniel Gesendet: Dienstag, 28. August 2012 17:59 An: fiware-security at lists.fi-ware.eu Betreff: [Fiware-security] TR: Review of Architecture and Open Specifications of Security Chapter Dear all, Thank a lot to take into account the attached review on the Secutity GE which concerns you, and to keep me informed. Best regards Daniel De : Garino Pierangelo [mailto:pierangelo.garino at telecomitalia.it] Envoy? : mardi 28 ao?t 2012 16:06 ? : BISSON Pascal; GIDOIN Daniel; fiware-wpl at lists.fi-ware.eu; fiware-wpa at lists.fi-ware.eu Objet : Review of Architecture and Open Specifications of Security Chapter Dear All, Please find attached the document containing the comments for the Security chapter. The document contains two tables concerning Architecture description and Open Specs review respectively. BR Pier ------------------------------------------------------------------ Telecom Italia Pierangelo Garino Innovation & Industry Relations - Research & Prototyping Via G. Reiss Romoli 274, I-10148 TORINO Tel: +39 011 228 7142 Questo messaggio e i suoi allegati sono indirizzati esclusivamente alle persone indicate. La diffusione, copia o qualsiasi altra azione derivante dalla conoscenza di queste informazioni sono rigorosamente vietate. Qualora abbiate ricevuto questo documento per errore siete cortesemente pregati di darne immediata comunicazione al mittente e di provvedere alla sua distruzione, Grazie. This e-mail and any attachments is confidential and may contain privileged information intended for the addressee(s) only. Dissemination, copying, printing or use by anybody else is unauthorised. If you are not the intended recipient, please delete this message and any attachments and advise the sender by return e-mail, Thanks. [cid:image001.gif at 01CD8B70.45F19270]Rispetta l'ambiente. Non stampare questa mail se non ? necessario. -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image001.gif Type: image/gif Size: 677 bytes Desc: image001.gif URL: From Richard.Egan at uk.thalesgroup.com Wed Sep 5 18:53:42 2012 From: Richard.Egan at uk.thalesgroup.com (EGAN Richard) Date: Wed, 5 Sep 2012 17:53:42 +0100 Subject: [Fiware-security] TR: Review of Architecture and Open Specifications of Security Chapter In-Reply-To: <5EB8ADB6498522479C5E7381A2C8CF354A47FC89F4@THSONEA01CMS10P.one.grp> References: <21539_1346169516_503CEAAC_21539_3002_1_21ae7d8d-aa8d-445a-bda2-52b97a0d45fe@THSONEA01HUB06P.one.grp> <5EB8ADB6498522479C5E7381A2C8CF354A47FC89F4@THSONEA01CMS10P.one.grp> Message-ID: <886451fd-57fe-482f-bdc7-dfbe6e6926b8@THSONEP02MSG03P.one-02-priv.grp> Kreshnik, Pascal I have fixed the TRT UK review comment (it was simple). As we may not have a conference call for a while, I will repeat the point I made in the conference call on last Friday. This peer review by I2ND is addressing the Security Architecture and Open Specification wiki text (and the partners are addressing the review comments). The Annual Review recently arrived from the Project Officer rejected deliverable D8.1.1 (GE Open Specification) and it has to be resubmitted in M18. Is WP8 proposing to use the material that has been peer reviewed by I2ND for this re-submission? The reasons for the EC reviewers' rejection of D8.1.1 seem more fundamental than those raised in the peer review, so I am concerned that we have not begun to address the PO/Reviewers' concerns. RIchard ________________________________ From: MUSARAJ Kreshnik [mailto:kreshnik.musaraj at thalesgroup.com] Sent: 05 September 2012 13:17 To: fiware-security at lists.fi-ware.eu Cc: xavier.aghina at orange.com; PascalBisson; Antonio Garcia Vazquez; TRABELSI, Slim; Alexandre Boeglin; EGAN Richard; Wolfgang.Steigerwald at telekom.de; Michael Osborne; ext Anja Lehmann; Rodrigo Diaz Rodriguez; WALLER Adrian; DI CERBO, Francesco; GIDOIN Daniel; Seidl, Robert (NSN - DE/Munich); BISSON Pascal; LELEU Philippe; GASPARD Lucie Subject: RE: [Fiware-security] TR: Review of Architecture and Open Specifications of Security Chapter Importance: High Dear all, We are only two days away from the deadline that we had fixed regarding the improvements following the peer-review of WP8. Until now, only ATOS and DT have reacted and notified progress on the matter. If I have omitted any partner, please signal it to me. You are strongly urged to take into account the review in your respective targets, detailed in my preceding mail below. Also, please notify Pascal, Daniel or myself, as soon as this is done. Thanks to all for the effort. Best regards, Kreshnik ---THALES GROUP RESTRICTED--- De : MUSARAJ Kreshnik Envoy? : jeudi 30 ao?t 2012 18:10 ? : fiware-security at lists.fi-ware.eu Cc : 'xavier.aghina at orange.com'; 'PascalBisson'; 'Antonio Garcia Vazquez'; 'TRABELSI, Slim'; 'Alexandre Boeglin'; EGAN Richard; 'Wolfgang.Steigerwald at telekom.de'; 'Michael Osborne'; 'ext Anja Lehmann'; 'Rodrigo Diaz Rodriguez'; WALLER Adrian; 'DI CERBO, Francesco'; GIDOIN Daniel; 'Seidl, Robert (NSN - DE/Munich)'; BISSON Pascal; LELEU Philippe; GASPARD Lucie Objet : RE: [Fiware-security] TR: Review of Architecture and Open Specifications of Security Chapter Dear all, This is a kind reminder, following the request from Daniel, regarding the review on the Security GE that we all need to address. Most importantly, please provide the necessary answers/comments/modifications of your corresponding sections for Friday next week, September 7. More specifically, below are the targets and the corresponding partners that need to address the given target review: Architecture: Fuzzer --> INRIA Countermeasures --> TCS Visualization --> TRT-UK Context-based security & compliance --> ATOS USDL-SEC --> SAP Identity Management --> NSN + DT Privacy --> IBM + SAP Data handling --> SAP Optional security enablers (altogether) --> TCS+INRIA+SAP+ORANGE Open Specifications: OSSIM-SIEM --> ATOS SSS --> TCS Identity Management --> MSN + DT DB Anonymizer --> SAP Data handling --> SAP Moreover, Daniel just gave to all of us the permission to modify and update the pages as administrators, so everyone of you can personally make the necessary changes while accounting for the reviews. We will confirm and discuss about this during tomorrow's callconf. Best regards, Kreshnik Von: fiware-security-bounces at lists.fi-ware.eu [mailto:fiware-security-bounces at lists.fi-ware.eu] Im Auftrag von GIDOIN Daniel Gesendet: Dienstag, 28. August 2012 17:59 An: fiware-security at lists.fi-ware.eu Betreff: [Fiware-security] TR: Review of Architecture and Open Specifications of Security Chapter Dear all, Thank a lot to take into account the attached review on the Secutity GE which concerns you, and to keep me informed. Best regards Daniel De : Garino Pierangelo [mailto:pierangelo.garino at telecomitalia.it] Envoy? : mardi 28 ao?t 2012 16:06 ? : BISSON Pascal; GIDOIN Daniel; fiware-wpl at lists.fi-ware.eu; fiware-wpa at lists.fi-ware.eu Objet : Review of Architecture and Open Specifications of Security Chapter Dear All, Please find attached the document containing the comments for the Security chapter. The document contains two tables concerning Architecture description and Open Specs review respectively. BR Pier ------------------------------------------------------------------ Telecom Italia Pierangelo Garino Innovation & Industry Relations - Research & Prototyping Via G. Reiss Romoli 274, I-10148 TORINO Tel: +39 011 228 7142 Questo messaggio e i suoi allegati sono indirizzati esclusivamente alle persone indicate. La diffusione, copia o qualsiasi altra azione derivante dalla conoscenza di queste informazioni sono rigorosamente vietate. Qualora abbiate ricevuto questo documento per errore siete cortesemente pregati di darne immediata comunicazione al mittente e di provvedere alla sua distruzione, Grazie. This e-mail and any attachments is confidential and may contain privileged information intended for the addressee(s) only. Dissemination, copying, printing or use by anybody else is unauthorised. If you are not the intended recipient, please delete this message and any attachments and advise the sender by return e-mail, Thanks. [cid:788434016 at 05092012-17D3]Rispetta l'ambiente. Non stampare questa mail se non ? necessario. -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image001.gif Type: image/gif Size: 677 bytes Desc: image001.gif URL: From francesco.di.cerbo at sap.com Thu Sep 6 11:38:48 2012 From: francesco.di.cerbo at sap.com (DI CERBO, Francesco) Date: Thu, 6 Sep 2012 11:38:48 +0200 Subject: [Fiware-security] TR: Review of Architecture and Open Specifications of Security Chapter In-Reply-To: <15206_1346847407_504742AF_15206_17628_1_4b48b0e3-f814-40f5-8596-4da4b3ec1334@THSONEA01HUB06P.one.grp> References: <21539_1346169516_503CEAAC_21539_3002_1_21ae7d8d-aa8d-445a-bda2-52b97a0d45fe@THSONEA01HUB06P.one.grp> <15206_1346847407_504742AF_15206_17628_1_4b48b0e3-f814-40f5-8596-4da4b3ec1334@THSONEA01HUB06P.one.grp> Message-ID: <71C0C7C7A712EE4CA636EDFD663B4E27048DF2A5B4@DEWDFECCR09.wdf.sap.corp> Hello Kreshnik, On our side (SAP), all comments have been addressed. However, some comments on USDL-SEC specification are probably incorrect, as Juanjo in one of his past emails wrote that no Open Specification template was provided for non-software products, which is the case. Best regards, Francesco From: MUSARAJ Kreshnik [mailto:kreshnik.musaraj at thalesgroup.com] Sent: mercredi 5 septembre 2012 14:17 To: fiware-security at lists.fi-ware.eu Cc: xavier.aghina at orange.com; PascalBisson; Antonio Garcia Vazquez; TRABELSI, Slim; Alexandre Boeglin; EGAN Richard; Wolfgang.Steigerwald at telekom.de; Michael Osborne; ext Anja Lehmann; Rodrigo Diaz Rodriguez; WALLER Adrian; DI CERBO, Francesco; GIDOIN Daniel; Seidl, Robert (NSN - DE/Munich); BISSON Pascal; LELEU Philippe; GASPARD Lucie Subject: RE: [Fiware-security] TR: Review of Architecture and Open Specifications of Security Chapter Importance: High Dear all, We are only two days away from the deadline that we had fixed regarding the improvements following the peer-review of WP8. Until now, only ATOS and DT have reacted and notified progress on the matter. If I have omitted any partner, please signal it to me. You are strongly urged to take into account the review in your respective targets, detailed in my preceding mail below. Also, please notify Pascal, Daniel or myself, as soon as this is done. Thanks to all for the effort. Best regards, Kreshnik ---THALES GROUP RESTRICTED--- De : MUSARAJ Kreshnik Envoy? : jeudi 30 ao?t 2012 18:10 ? : fiware-security at lists.fi-ware.eu Cc : 'xavier.aghina at orange.com'; 'PascalBisson'; 'Antonio Garcia Vazquez'; 'TRABELSI, Slim'; 'Alexandre Boeglin'; EGAN Richard; 'Wolfgang.Steigerwald at telekom.de'; 'Michael Osborne'; 'ext Anja Lehmann'; 'Rodrigo Diaz Rodriguez'; WALLER Adrian; 'DI CERBO, Francesco'; GIDOIN Daniel; 'Seidl, Robert (NSN - DE/Munich)'; BISSON Pascal; LELEU Philippe; GASPARD Lucie Objet : RE: [Fiware-security] TR: Review of Architecture and Open Specifications of Security Chapter Dear all, This is a kind reminder, following the request from Daniel, regarding the review on the Security GE that we all need to address. Most importantly, please provide the necessary answers/comments/modifications of your corresponding sections for Friday next week, September 7. More specifically, below are the targets and the corresponding partners that need to address the given target review: Architecture: Fuzzer --> INRIA Countermeasures --> TCS Visualization --> TRT-UK Context-based security & compliance --> ATOS USDL-SEC --> SAP Identity Management --> NSN + DT Privacy --> IBM + SAP Data handling --> SAP Optional security enablers (altogether) --> TCS+INRIA+SAP+ORANGE Open Specifications: OSSIM-SIEM --> ATOS SSS --> TCS Identity Management --> MSN + DT DB Anonymizer --> SAP Data handling --> SAP Moreover, Daniel just gave to all of us the permission to modify and update the pages as administrators, so everyone of you can personally make the necessary changes while accounting for the reviews. We will confirm and discuss about this during tomorrow's callconf. Best regards, Kreshnik Von: fiware-security-bounces at lists.fi-ware.eu [mailto:fiware-security-bounces at lists.fi-ware.eu] Im Auftrag von GIDOIN Daniel Gesendet: Dienstag, 28. August 2012 17:59 An: fiware-security at lists.fi-ware.eu Betreff: [Fiware-security] TR: Review of Architecture and Open Specifications of Security Chapter Dear all, Thank a lot to take into account the attached review on the Secutity GE which concerns you, and to keep me informed. Best regards Daniel De : Garino Pierangelo [mailto:pierangelo.garino at telecomitalia.it] Envoy? : mardi 28 ao?t 2012 16:06 ? : BISSON Pascal; GIDOIN Daniel; fiware-wpl at lists.fi-ware.eu; fiware-wpa at lists.fi-ware.eu Objet : Review of Architecture and Open Specifications of Security Chapter Dear All, Please find attached the document containing the comments for the Security chapter. The document contains two tables concerning Architecture description and Open Specs review respectively. BR Pier ------------------------------------------------------------------ Telecom Italia Pierangelo Garino Innovation & Industry Relations - Research & Prototyping Via G. Reiss Romoli 274, I-10148 TORINO Tel: +39 011 228 7142 Questo messaggio e i suoi allegati sono indirizzati esclusivamente alle persone indicate. La diffusione, copia o qualsiasi altra azione derivante dalla conoscenza di queste informazioni sono rigorosamente vietate. Qualora abbiate ricevuto questo documento per errore siete cortesemente pregati di darne immediata comunicazione al mittente e di provvedere alla sua distruzione, Grazie. This e-mail and any attachments is confidential and may contain privileged information intended for the addressee(s) only. Dissemination, copying, printing or use by anybody else is unauthorised. If you are not the intended recipient, please delete this message and any attachments and advise the sender by return e-mail, Thanks. [cid:image001.gif at 01CD8C22.6982AA00]Rispetta l'ambiente. Non stampare questa mail se non ? necessario. -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image001.gif Type: image/gif Size: 677 bytes Desc: image001.gif URL: From alexandre.boeglin at inria.fr Fri Sep 7 12:13:22 2012 From: alexandre.boeglin at inria.fr (Alexandre Boeglin) Date: Fri, 7 Sep 2012 12:13:22 +0200 Subject: [Fiware-security] TR: Review of Architecture and Open Specifications of Security Chapter In-Reply-To: <15206_1346847407_504742AF_15206_17628_1_4b48b0e3-f814-40f5-8596-4da4b3ec1334@THSONEA01HUB06P.one.grp> References: <21539_1346169516_503CEAAC_21539_3002_1_21ae7d8d-aa8d-445a-bda2-52b97a0d45fe@THSONEA01HUB06P.one.grp> <15206_1346847407_504742AF_15206_17628_1_4b48b0e3-f814-40f5-8596-4da4b3ec1334@THSONEA01HUB06P.one.grp> Message-ID: <20120907101322.GC12902@inria.fr> Hello Kreshnik, Here is our answer to the two comments made by Pierangelo Garino on the IoT Fuzzer: > Is this fuzzer tool integrated with IoT developments, i.e. can it be > used in conjunction with the IoT GEs? It doesn't look like 6LowPAN is > one of the radio technologies adopted by IoT gateway. > Same comment about Fuzzer as above. It really seems there is no > correlation with the IoT chapter activity on the Gateway. The > interaction with the IoT device should be through that GE. Actually, the Protocol Adapter GE from the IoT chapter is supposed to offer an adaptation layer between the Gateway and any IoT device, as long as the device includes an IP stack and suppoorts the CoAP protocol (from the IETF "CoRE" group). https://forge.fi-ware.eu/plugins/mediawiki/wiki/fiware/index.php/FIWARE.ArchitectureDescription.IoT.Gateway.ProtocolAdapter So, The IoT chapter mostly concentrates on the application layer, and relies on existing standards for the lower network layers. And 6LoWPAN & RPL are simply one of these standards, that allow to communicate with IoT devices using IPv6, and they are also being defined by the IETF (by the "6lowpan" and "roll" groups). So, basically, there is no conflict here, as the Fuzzer and the IoT WP don't target the same layers. The Fuzzer can be used as-is by Use Cases that decide to deploy devices that use the 6LoWPAN stack, and it can support any protocol for which a scapy module exists. And in the event Use Cases decide to adopt other standards, and have an interest in the Fuzzer, we can also discuss the possibility for us to implement the necessary modules. Best regards, Alexandre Le mercredi 05 septembre 2012 ? 14:16, MUSARAJ Kreshnik a ?crit: > Dear all, > > We are only two days away from the deadline that we had fixed regarding the improvements following the peer-review of WP8. > > Until now, only ATOS and DT have reacted and notified progress on the matter. If I have omitted any partner, please signal it to me. > > You are strongly urged to take into account the review in your respective targets, detailed in my preceding mail below. Also, please notify Pascal, Daniel or myself, as soon as this is done. > > Thanks to all for the effort. > > Best regards, > Kreshnik > > ---THALES GROUP RESTRICTED--- > > De : MUSARAJ Kreshnik > Envoy? : jeudi 30 ao?t 2012 18:10 > ? : fiware-security at lists.fi-ware.eu > Cc : 'xavier.aghina at orange.com'; 'PascalBisson'; 'Antonio Garcia Vazquez'; 'TRABELSI, Slim'; 'Alexandre Boeglin'; EGAN Richard; 'Wolfgang.Steigerwald at telekom.de'; 'Michael Osborne'; 'ext Anja Lehmann'; 'Rodrigo Diaz Rodriguez'; WALLER Adrian; 'DI CERBO, Francesco'; GIDOIN Daniel; 'Seidl, Robert (NSN - DE/Munich)'; BISSON Pascal; LELEU Philippe; GASPARD Lucie > Objet : RE: [Fiware-security] TR: Review of Architecture and Open Specifications of Security Chapter > > Dear all, > > This is a kind reminder, following the request from Daniel, regarding the review on the Security GE that we all need to address. > > Most importantly, please provide the necessary answers/comments/modifications of your corresponding sections for Friday next week, September 7. > > More specifically, below are the targets and the corresponding partners that need to address the given target review: > > Architecture: > Fuzzer --> INRIA > Countermeasures --> TCS > Visualization --> TRT-UK > Context-based security & compliance --> ATOS > USDL-SEC --> SAP > Identity Management --> NSN + DT > Privacy --> IBM + SAP > Data handling --> SAP > Optional security enablers (altogether) --> TCS+INRIA+SAP+ORANGE > > Open Specifications: > OSSIM-SIEM --> ATOS > SSS --> TCS > Identity Management --> MSN + DT > DB Anonymizer --> SAP > Data handling --> SAP > > Moreover, Daniel just gave to all of us the permission to modify and update the pages as administrators, so everyone of you can personally make the necessary changes while accounting for the reviews. > > We will confirm and discuss about this during tomorrow's callconf. > > Best regards, > Kreshnik > > > > Von: fiware-security-bounces at lists.fi-ware.eu [mailto:fiware-security-bounces at lists.fi-ware.eu] Im Auftrag von GIDOIN Daniel > Gesendet: Dienstag, 28. August 2012 17:59 > An: fiware-security at lists.fi-ware.eu > Betreff: [Fiware-security] TR: Review of Architecture and Open Specifications of Security Chapter > > Dear all, > > Thank a lot to take into account the attached review on the Secutity GE which concerns you, and to keep me informed. > > Best regards > > Daniel > > De : Garino Pierangelo [mailto:pierangelo.garino at telecomitalia.it] > Envoy? : mardi 28 ao?t 2012 16:06 > ? : BISSON Pascal; GIDOIN Daniel; fiware-wpl at lists.fi-ware.eu; fiware-wpa at lists.fi-ware.eu > Objet : Review of Architecture and Open Specifications of Security Chapter > > Dear All, > > Please find attached the document containing the comments for the Security chapter. The document contains two tables concerning Architecture description and Open Specs review respectively. > > BR > Pier > > > ------------------------------------------------------------------ > Telecom Italia > Pierangelo Garino > Innovation & Industry Relations - Research & Prototyping > Via G. Reiss Romoli 274, I-10148 TORINO > Tel: +39 011 228 7142 > > Questo messaggio e i suoi allegati sono indirizzati esclusivamente alle persone indicate. La diffusione, copia o qualsiasi altra azione derivante dalla conoscenza di queste informazioni sono rigorosamente vietate. Qualora abbiate ricevuto questo documento per errore siete cortesemente pregati di darne immediata comunicazione al mittente e di provvedere alla sua distruzione, Grazie. > > This e-mail and any attachments is confidential and may contain privileged information intended for the addressee(s) only. Dissemination, copying, printing or use by anybody else is unauthorised. If you are not the intended recipient, please delete this message and any attachments and advise the sender by return e-mail, Thanks. > [cid:image001.gif at 01CD8B70.45F19270]Rispetta l'ambiente. Non stampare questa mail se non ? necessario. > > -- Alexandre Boeglin ?quipe-Projet Madynes Inria -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 3058 bytes Desc: not available URL: From daniel.gidoin at thalesgroup.com Fri Sep 7 15:42:01 2012 From: daniel.gidoin at thalesgroup.com (GIDOIN Daniel) Date: Fri, 7 Sep 2012 15:42:01 +0200 Subject: [Fiware-security] TR: Review of Architecture and Open Specifications of Security Chapter In-Reply-To: <20120907101322.GC12902@inria.fr> References: <21539_1346169516_503CEAAC_21539_3002_1_21ae7d8d-aa8d-445a-bda2-52b97a0d45fe@THSONEA01HUB06P.one.grp> <15206_1346847407_504742AF_15206_17628_1_4b48b0e3-f814-40f5-8596-4da4b3ec1334@THSONEA01HUB06P.one.grp> <20120907101322.GC12902@inria.fr> Message-ID: <28804_1347025335_5049F9B6_28804_8975_2_e22bda70-2909-4ec0-9736-1fa8a5a5b892@THSONEA01HUB04P.one.grp> Dear Alexandre, Thank you for these further details. Can you integrate them in the wiki. Best regards Daniel -----Message d'origine----- De?: Alexandre Boeglin [mailto:alexandre.boeglin at inria.fr] Envoy??: vendredi 7 septembre 2012 12:13 ??: MUSARAJ Kreshnik Cc?: fiware-security at lists.fi-ware.eu; xavier.aghina at orange.com; PascalBisson; Antonio Garcia Vazquez; TRABELSI, Slim; EGAN Richard; Wolfgang.Steigerwald at telekom.de; Michael Osborne; ext Anja Lehmann; Rodrigo Diaz Rodriguez; WALLER Adrian; DI CERBO, Francesco; GIDOIN Daniel; Seidl, Robert (NSN - DE/Munich); BISSON Pascal; LELEU Philippe; GASPARD Lucie Objet?: Re: [Fiware-security] TR: Review of Architecture and Open Specifications of Security Chapter Hello Kreshnik, Here is our answer to the two comments made by Pierangelo Garino on the IoT Fuzzer: > Is this fuzzer tool integrated with IoT developments, i.e. can it be > used in conjunction with the IoT GEs? It doesn't look like 6LowPAN is > one of the radio technologies adopted by IoT gateway. > Same comment about Fuzzer as above. It really seems there is no > correlation with the IoT chapter activity on the Gateway. The > interaction with the IoT device should be through that GE. Actually, the Protocol Adapter GE from the IoT chapter is supposed to offer an adaptation layer between the Gateway and any IoT device, as long as the device includes an IP stack and suppoorts the CoAP protocol (from the IETF "CoRE" group). https://forge.fi-ware.eu/plugins/mediawiki/wiki/fiware/index.php/FIWARE.ArchitectureDescription.IoT.Gateway.ProtocolAdapter So, The IoT chapter mostly concentrates on the application layer, and relies on existing standards for the lower network layers. And 6LoWPAN & RPL are simply one of these standards, that allow to communicate with IoT devices using IPv6, and they are also being defined by the IETF (by the "6lowpan" and "roll" groups). So, basically, there is no conflict here, as the Fuzzer and the IoT WP don't target the same layers. The Fuzzer can be used as-is by Use Cases that decide to deploy devices that use the 6LoWPAN stack, and it can support any protocol for which a scapy module exists. And in the event Use Cases decide to adopt other standards, and have an interest in the Fuzzer, we can also discuss the possibility for us to implement the necessary modules. Best regards, Alexandre Le mercredi 05 septembre 2012 ? 14:16, MUSARAJ Kreshnik a ?crit: > Dear all, > > We are only two days away from the deadline that we had fixed regarding the improvements following the peer-review of WP8. > > Until now, only ATOS and DT have reacted and notified progress on the matter. If I have omitted any partner, please signal it to me. > > You are strongly urged to take into account the review in your respective targets, detailed in my preceding mail below. Also, please notify Pascal, Daniel or myself, as soon as this is done. > > Thanks to all for the effort. > > Best regards, > Kreshnik > > ---THALES GROUP RESTRICTED--- > > De : MUSARAJ Kreshnik > Envoy? : jeudi 30 ao?t 2012 18:10 > ? : fiware-security at lists.fi-ware.eu > Cc : 'xavier.aghina at orange.com'; 'PascalBisson'; 'Antonio Garcia Vazquez'; 'TRABELSI, Slim'; 'Alexandre Boeglin'; EGAN Richard; 'Wolfgang.Steigerwald at telekom.de'; 'Michael Osborne'; 'ext Anja Lehmann'; 'Rodrigo Diaz Rodriguez'; WALLER Adrian; 'DI CERBO, Francesco'; GIDOIN Daniel; 'Seidl, Robert (NSN - DE/Munich)'; BISSON Pascal; LELEU Philippe; GASPARD Lucie > Objet : RE: [Fiware-security] TR: Review of Architecture and Open Specifications of Security Chapter > > Dear all, > > This is a kind reminder, following the request from Daniel, regarding the review on the Security GE that we all need to address. > > Most importantly, please provide the necessary answers/comments/modifications of your corresponding sections for Friday next week, September 7. > > More specifically, below are the targets and the corresponding partners that need to address the given target review: > > Architecture: > Fuzzer --> INRIA > Countermeasures --> TCS > Visualization --> TRT-UK > Context-based security & compliance --> ATOS > USDL-SEC --> SAP > Identity Management --> NSN + DT > Privacy --> IBM + SAP > Data handling --> SAP > Optional security enablers (altogether) --> TCS+INRIA+SAP+ORANGE > > Open Specifications: > OSSIM-SIEM --> ATOS > SSS --> TCS > Identity Management --> MSN + DT > DB Anonymizer --> SAP > Data handling --> SAP > > Moreover, Daniel just gave to all of us the permission to modify and update the pages as administrators, so everyone of you can personally make the necessary changes while accounting for the reviews. > > We will confirm and discuss about this during tomorrow's callconf. > > Best regards, > Kreshnik > > > > Von: fiware-security-bounces at lists.fi-ware.eu [mailto:fiware-security-bounces at lists.fi-ware.eu] Im Auftrag von GIDOIN Daniel > Gesendet: Dienstag, 28. August 2012 17:59 > An: fiware-security at lists.fi-ware.eu > Betreff: [Fiware-security] TR: Review of Architecture and Open Specifications of Security Chapter > > Dear all, > > Thank a lot to take into account the attached review on the Secutity GE which concerns you, and to keep me informed. > > Best regards > > Daniel > > De : Garino Pierangelo [mailto:pierangelo.garino at telecomitalia.it] > Envoy? : mardi 28 ao?t 2012 16:06 > ? : BISSON Pascal; GIDOIN Daniel; fiware-wpl at lists.fi-ware.eu; fiware-wpa at lists.fi-ware.eu > Objet : Review of Architecture and Open Specifications of Security Chapter > > Dear All, > > Please find attached the document containing the comments for the Security chapter. The document contains two tables concerning Architecture description and Open Specs review respectively. > > BR > Pier > > > ------------------------------------------------------------------ > Telecom Italia > Pierangelo Garino > Innovation & Industry Relations - Research & Prototyping > Via G. Reiss Romoli 274, I-10148 TORINO > Tel: +39 011 228 7142 > > Questo messaggio e i suoi allegati sono indirizzati esclusivamente alle persone indicate. La diffusione, copia o qualsiasi altra azione derivante dalla conoscenza di queste informazioni sono rigorosamente vietate. Qualora abbiate ricevuto questo documento per errore siete cortesemente pregati di darne immediata comunicazione al mittente e di provvedere alla sua distruzione, Grazie. > > This e-mail and any attachments is confidential and may contain privileged information intended for the addressee(s) only. Dissemination, copying, printing or use by anybody else is unauthorised. If you are not the intended recipient, please delete this message and any attachments and advise the sender by return e-mail, Thanks. > [cid:image001.gif at 01CD8B70.45F19270]Rispetta l'ambiente. Non stampare questa mail se non ? necessario. > > -- Alexandre Boeglin ?quipe-Projet Madynes Inria From daniel.gidoin at thalesgroup.com Fri Sep 7 17:04:03 2012 From: daniel.gidoin at thalesgroup.com (GIDOIN Daniel) Date: Fri, 7 Sep 2012 17:04:03 +0200 Subject: [Fiware-security] TR: Review of Architecture and Open Specifications of Security Chapter In-Reply-To: <71C0C7C7A712EE4CA636EDFD663B4E27048DF2A5B4@DEWDFECCR09.wdf.sap.corp> References: <21539_1346169516_503CEAAC_21539_3002_1_21ae7d8d-aa8d-445a-bda2-52b97a0d45fe@THSONEA01HUB06P.one.grp> <15206_1346847407_504742AF_15206_17628_1_4b48b0e3-f814-40f5-8596-4da4b3ec1334@THSONEA01HUB06P.one.grp> <71C0C7C7A712EE4CA636EDFD663B4E27048DF2A5B4@DEWDFECCR09.wdf.sap.corp> Message-ID: <32433_1347030259_504A0CF3_32433_5785_1_2cb5e3d5-2d90-4d0b-91cc-af054eb5b2a5@THSONEA01HUB01P.one.grp> Thank you for your contribution Francesco. Daniel De : DI CERBO, Francesco [mailto:francesco.di.cerbo at sap.com] Envoy? : jeudi 6 septembre 2012 11:39 ? : MUSARAJ Kreshnik; fiware-security at lists.fi-ware.eu Cc : xavier.aghina at orange.com; PascalBisson; Antonio Garcia Vazquez; TRABELSI, Slim; Alexandre Boeglin; EGAN Richard; Wolfgang.Steigerwald at telekom.de; Michael Osborne; ext Anja Lehmann; Rodrigo Diaz Rodriguez; WALLER Adrian; GIDOIN Daniel; Seidl, Robert (NSN - DE/Munich); BISSON Pascal; LELEU Philippe; GASPARD Lucie Objet : RE: [Fiware-security] TR: Review of Architecture and Open Specifications of Security Chapter Hello Kreshnik, On our side (SAP), all comments have been addressed. However, some comments on USDL-SEC specification are probably incorrect, as Juanjo in one of his past emails wrote that no Open Specification template was provided for non-software products, which is the case. Best regards, Francesco From: MUSARAJ Kreshnik [mailto:kreshnik.musaraj at thalesgroup.com] Sent: mercredi 5 septembre 2012 14:17 To: fiware-security at lists.fi-ware.eu Cc: xavier.aghina at orange.com; PascalBisson; Antonio Garcia Vazquez; TRABELSI, Slim; Alexandre Boeglin; EGAN Richard; Wolfgang.Steigerwald at telekom.de; Michael Osborne; ext Anja Lehmann; Rodrigo Diaz Rodriguez; WALLER Adrian; DI CERBO, Francesco; GIDOIN Daniel; Seidl, Robert (NSN - DE/Munich); BISSON Pascal; LELEU Philippe; GASPARD Lucie Subject: RE: [Fiware-security] TR: Review of Architecture and Open Specifications of Security Chapter Importance: High Dear all, We are only two days away from the deadline that we had fixed regarding the improvements following the peer-review of WP8. Until now, only ATOS and DT have reacted and notified progress on the matter. If I have omitted any partner, please signal it to me. You are strongly urged to take into account the review in your respective targets, detailed in my preceding mail below. Also, please notify Pascal, Daniel or myself, as soon as this is done. Thanks to all for the effort. Best regards, Kreshnik ---THALES GROUP RESTRICTED--- De : MUSARAJ Kreshnik Envoy? : jeudi 30 ao?t 2012 18:10 ? : fiware-security at lists.fi-ware.eu Cc : 'xavier.aghina at orange.com'; 'PascalBisson'; 'Antonio Garcia Vazquez'; 'TRABELSI, Slim'; 'Alexandre Boeglin'; EGAN Richard; 'Wolfgang.Steigerwald at telekom.de'; 'Michael Osborne'; 'ext Anja Lehmann'; 'Rodrigo Diaz Rodriguez'; WALLER Adrian; 'DI CERBO, Francesco'; GIDOIN Daniel; 'Seidl, Robert (NSN - DE/Munich)'; BISSON Pascal; LELEU Philippe; GASPARD Lucie Objet : RE: [Fiware-security] TR: Review of Architecture and Open Specifications of Security Chapter Dear all, This is a kind reminder, following the request from Daniel, regarding the review on the Security GE that we all need to address. Most importantly, please provide the necessary answers/comments/modifications of your corresponding sections for Friday next week, September 7. More specifically, below are the targets and the corresponding partners that need to address the given target review: Architecture: Fuzzer --> INRIA Countermeasures --> TCS Visualization --> TRT-UK Context-based security & compliance --> ATOS USDL-SEC --> SAP Identity Management --> NSN + DT Privacy --> IBM + SAP Data handling --> SAP Optional security enablers (altogether) --> TCS+INRIA+SAP+ORANGE Open Specifications: OSSIM-SIEM --> ATOS SSS --> TCS Identity Management --> MSN + DT DB Anonymizer --> SAP Data handling --> SAP Moreover, Daniel just gave to all of us the permission to modify and update the pages as administrators, so everyone of you can personally make the necessary changes while accounting for the reviews. We will confirm and discuss about this during tomorrow's callconf. Best regards, Kreshnik Von: fiware-security-bounces at lists.fi-ware.eu [mailto:fiware-security-bounces at lists.fi-ware.eu] Im Auftrag von GIDOIN Daniel Gesendet: Dienstag, 28. August 2012 17:59 An: fiware-security at lists.fi-ware.eu Betreff: [Fiware-security] TR: Review of Architecture and Open Specifications of Security Chapter Dear all, Thank a lot to take into account the attached review on the Secutity GE which concerns you, and to keep me informed. Best regards Daniel De : Garino Pierangelo [mailto:pierangelo.garino at telecomitalia.it] Envoy? : mardi 28 ao?t 2012 16:06 ? : BISSON Pascal; GIDOIN Daniel; fiware-wpl at lists.fi-ware.eu; fiware-wpa at lists.fi-ware.eu Objet : Review of Architecture and Open Specifications of Security Chapter Dear All, Please find attached the document containing the comments for the Security chapter. The document contains two tables concerning Architecture description and Open Specs review respectively. BR Pier ------------------------------------------------------------------ Telecom Italia Pierangelo Garino Innovation & Industry Relations - Research & Prototyping Via G. Reiss Romoli 274, I-10148 TORINO Tel: +39 011 228 7142 Questo messaggio e i suoi allegati sono indirizzati esclusivamente alle persone indicate. La diffusione, copia o qualsiasi altra azione derivante dalla conoscenza di queste informazioni sono rigorosamente vietate. Qualora abbiate ricevuto questo documento per errore siete cortesemente pregati di darne immediata comunicazione al mittente e di provvedere alla sua distruzione, Grazie. This e-mail and any attachments is confidential and may contain privileged information intended for the addressee(s) only. Dissemination, copying, printing or use by anybody else is unauthorised. If you are not the intended recipient, please delete this message and any attachments and advise the sender by return e-mail, Thanks. [cid:image001.gif at 01CD8D1A.C8295330]Rispetta l'ambiente. Non stampare questa mail se non ? necessario. -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image001.gif Type: image/gif Size: 677 bytes Desc: image001.gif URL: From daniel.gidoin at thalesgroup.com Fri Sep 7 18:25:04 2012 From: daniel.gidoin at thalesgroup.com (GIDOIN Daniel) Date: Fri, 7 Sep 2012 18:25:04 +0200 Subject: [Fiware-security] TR: Review of Architecture and Open Specifications of Security Chapter In-Reply-To: <8E18929A6C79354FB4BD9BD4636DCB06E32262@INTMAIL03.es.int.atosorigin.com> References: <8E18929A6C79354FB4BD9BD4636DCB06E32262@INTMAIL03.es.int.atosorigin.com> Message-ID: <9855_1347035120_504A1FF0_9855_13222_1_8F1D40232A0E68409E3FC23A30C326620167817CC48A@THSONEA01CMS04P.one.grp> Thank a lot Antonio. We consolidate all contributions at the beginning of next week. Best regards Daniel De : Antonio Garcia Vazquez [mailto:antonio.garcia at atosresearch.eu] Envoy? : mardi 4 septembre 2012 16:18 ? : GIDOIN Daniel Cc : fiware-security at lists.fi-ware.eu Objet : RE: [Fiware-security] TR: Review of Architecture and Open Specifications of Security Chapter Daniel About this review and regarding with Context-based security and compliance GE and Service level SIEM component we've taken with the following actions 1) FIWARE.ArchitectureDescription.Security.Context-based security & compliance (pages 4 & 5) We've revised the following points: - Comment 12: Chapter wording has been revised - Comment 13: Disclaimer wording revised - Comment 15: As rule manager was part of our proposed (and not selected) EPICS for the second Open Call their features are still pending - Comment 16: Wording revised - Comment 17: Wording revised - Comment 18: "Chapter" has been used instead of WP3. - Comment 19: No changes at this moment, see answer to comment 15. However we have still pending actions to this one: FIWARE.ArchitectureDescription.Security.Context-based security & compliance Pier Garino General comment to this page: The context-aware capabilities mentioned in the name of this GE call for some explanation about possible interactions (or about impossibility to have interactions) with context/data Management chapter (e.g.: aren't there GEs which might be exploited in the architecture of the Context-based security & compliance GE?). This should help dissipating some doubts which might arise in readers and adopters of FI-WARE architecture. I do not understand this comment. Could be possible that Pierangelo Garino will provide more details about it? 2) Security-Monitoring: OSSIM SIEM Component (PRELIMINARY) (page 12) Page wording has been revised in order to make clear that Atos tasks will be: - Configure OSSIM according with FI-WARE monitoring GE needs - Develop an advance service level SIEM component on top of OSSIM. This advanced SIEM is going to be delivered on future releases of the security monitoring GE Best Regards ************************************ * Antonio Garc?a-V?zquez * * (+34) 91 214 9384 * * antonio.garcia at atosresearch.eu * ************************************ From: fiware-security-bounces at lists.fi-ware.eu [mailto:fiware-security-bounces at lists.fi-ware.eu] On Behalf Of GIDOIN Daniel Sent: martes, 28 de agosto de 2012 17:59 To: fiware-security at lists.fi-ware.eu Subject: [Fiware-security] TR: Review of Architecture and Open Specifications of Security Chapter Dear all, Thank a lot to take into account the attached review on the Secutity GE which concerns you, and to keep me informed. Best regards Daniel De : Garino Pierangelo [mailto:pierangelo.garino at telecomitalia.it] Envoy? : mardi 28 ao?t 2012 16:06 ? : BISSON Pascal; GIDOIN Daniel; fiware-wpl at lists.fi-ware.eu; fiware-wpa at lists.fi-ware.eu Objet : Review of Architecture and Open Specifications of Security Chapter Dear All, Please find attached the document containing the comments for the Security chapter. The document contains two tables concerning Architecture description and Open Specs review respectively. BR Pier ------------------------------------------------------------------ Telecom Italia Pierangelo Garino Innovation & Industry Relations - Research & Prototyping Via G. Reiss Romoli 274, I-10148 TORINO Tel: +39 011 228 7142 Questo messaggio e i suoi allegati sono indirizzati esclusivamente alle persone indicate. La diffusione, copia o qualsiasi altra azione derivante dalla conoscenza di queste informazioni sono rigorosamente vietate. Qualora abbiate ricevuto questo documento per errore siete cortesemente pregati di darne immediata comunicazione al mittente e di provvedere alla sua distruzione, Grazie. This e-mail and any attachments is confidential and may contain privileged information intended for the addressee(s) only. Dissemination, copying, printing or use by anybody else is unauthorised. If you are not the intended recipient, please delete this message and any attachments and advise the sender by return e-mail, Thanks. [cid:image001.gif at 01CD8D26.19B4DED0]Rispetta l'ambiente. Non stampare questa mail se non ? necessario. ------------------------------------------------------------------ This e-mail and the documents attached are confidential and intended solely for the addressee; it may also be privileged. If you receive this e-mail in error, please notify the sender immediately and destroy it. As its integrity cannot be secured on the Internet, the Atos group liability cannot be triggered for the message content. Although the sender endeavours to maintain a computer virus-free network, the sender does not warrant that this transmission is virus-free and will not be liable for any damages resulting from any virus transmitted. Este mensaje y los ficheros adjuntos pueden contener informacion confidencial destinada solamente a la(s) persona(s) mencionadas anteriormente pueden estar protegidos por secreto profesional. Si usted recibe este correo electronico por error, gracias por informar inmediatamente al remitente y destruir el mensaje. Al no estar asegurada la integridad de este mensaje sobre la red, Atos no se hace responsable por su contenido. Su contenido no constituye ningun compromiso para el grupo Atos, salvo ratificacion escrita por ambas partes. Aunque se esfuerza al maximo por mantener su red libre de virus, el emisor no puede garantizar nada al respecto y no sera responsable de cualesquiera danos que puedan resultar de una transmision de virus. ------------------------------------------------------------------ -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image001.gif Type: image/gif Size: 677 bytes Desc: image001.gif URL: From alexandre.boeglin at inria.fr Fri Sep 7 18:42:05 2012 From: alexandre.boeglin at inria.fr (Alexandre Boeglin) Date: Fri, 7 Sep 2012 18:42:05 +0200 Subject: [Fiware-security] TR: Review of Architecture and Open Specifications of Security Chapter In-Reply-To: <28804_1347025335_5049F9B6_28804_8975_2_e22bda70-2909-4ec0-9736-1fa8a5a5b892@THSONEA01HUB04P.one.grp> References: <21539_1346169516_503CEAAC_21539_3002_1_21ae7d8d-aa8d-445a-bda2-52b97a0d45fe@THSONEA01HUB06P.one.grp> <15206_1346847407_504742AF_15206_17628_1_4b48b0e3-f814-40f5-8596-4da4b3ec1334@THSONEA01HUB06P.one.grp> <20120907101322.GC12902@inria.fr> <28804_1347025335_5049F9B6_28804_8975_2_e22bda70-2909-4ec0-9736-1fa8a5a5b892@THSONEA01HUB04P.one.grp> Message-ID: <20120907164204.GD12902@inria.fr> Dear Daniel, I added this as a subsection of the fuzzer architecture description at https://forge.fi-ware.eu/plugins/mediawiki/wiki/fiware/index.php/FIWARE.ArchitectureDescription.Security.Security_Monitoring#Fuzzer Best regards, Alaxandre Le vendredi 07 septembre 2012 ? 15:42, GIDOIN Daniel a ?crit: > Dear Alexandre, > > Thank you for these further details. Can you integrate them in the wiki. > > Best regards > > Daniel > > -----Message d'origine----- > De?: Alexandre Boeglin [mailto:alexandre.boeglin at inria.fr] > Envoy??: vendredi 7 septembre 2012 12:13 > ??: MUSARAJ Kreshnik > Cc?: fiware-security at lists.fi-ware.eu; xavier.aghina at orange.com; PascalBisson; Antonio Garcia Vazquez; TRABELSI, Slim; EGAN Richard; Wolfgang.Steigerwald at telekom.de; Michael Osborne; ext Anja Lehmann; Rodrigo Diaz Rodriguez; WALLER Adrian; DI CERBO, Francesco; GIDOIN Daniel; Seidl, Robert (NSN - DE/Munich); BISSON Pascal; LELEU Philippe; GASPARD Lucie > Objet?: Re: [Fiware-security] TR: Review of Architecture and Open Specifications of Security Chapter > > Hello Kreshnik, > > Here is our answer to the two comments made by Pierangelo Garino on the > IoT Fuzzer: > > > Is this fuzzer tool integrated with IoT developments, i.e. can it be > > used in conjunction with the IoT GEs? It doesn't look like 6LowPAN is > > one of the radio technologies adopted by IoT gateway. > > > Same comment about Fuzzer as above. It really seems there is no > > correlation with the IoT chapter activity on the Gateway. The > > interaction with the IoT device should be through that GE. > > Actually, the Protocol Adapter GE from the IoT chapter is supposed to > offer an adaptation layer between the Gateway and any IoT device, as > long as the device includes an IP stack and suppoorts the CoAP protocol > (from the IETF "CoRE" group). > https://forge.fi-ware.eu/plugins/mediawiki/wiki/fiware/index.php/FIWARE.ArchitectureDescription.IoT.Gateway.ProtocolAdapter > > So, The IoT chapter mostly concentrates on the application layer, and > relies on existing standards for the lower network layers. > > And 6LoWPAN & RPL are simply one of these standards, that allow to > communicate with IoT devices using IPv6, and they are also being defined > by the IETF (by the "6lowpan" and "roll" groups). > > So, basically, there is no conflict here, as the Fuzzer and the IoT WP > don't target the same layers. > > The Fuzzer can be used as-is by Use Cases that decide to deploy devices > that use the 6LoWPAN stack, and it can support any protocol for which a > scapy module exists. > > And in the event Use Cases decide to adopt other standards, and have an > interest in the Fuzzer, we can also discuss the possibility for us to > implement the necessary modules. > > > Best regards, > Alexandre > > > Le mercredi 05 septembre 2012 ? 14:16, MUSARAJ Kreshnik a ?crit: > > Dear all, > > > > We are only two days away from the deadline that we had fixed regarding the improvements following the peer-review of WP8. > > > > Until now, only ATOS and DT have reacted and notified progress on the matter. If I have omitted any partner, please signal it to me. > > > > You are strongly urged to take into account the review in your respective targets, detailed in my preceding mail below. Also, please notify Pascal, Daniel or myself, as soon as this is done. > > > > Thanks to all for the effort. > > > > Best regards, > > Kreshnik > > > > ---THALES GROUP RESTRICTED--- > > > > De : MUSARAJ Kreshnik > > Envoy? : jeudi 30 ao?t 2012 18:10 > > ? : fiware-security at lists.fi-ware.eu > > Cc : 'xavier.aghina at orange.com'; 'PascalBisson'; 'Antonio Garcia Vazquez'; 'TRABELSI, Slim'; 'Alexandre Boeglin'; EGAN Richard; 'Wolfgang.Steigerwald at telekom.de'; 'Michael Osborne'; 'ext Anja Lehmann'; 'Rodrigo Diaz Rodriguez'; WALLER Adrian; 'DI CERBO, Francesco'; GIDOIN Daniel; 'Seidl, Robert (NSN - DE/Munich)'; BISSON Pascal; LELEU Philippe; GASPARD Lucie > > Objet : RE: [Fiware-security] TR: Review of Architecture and Open Specifications of Security Chapter > > > > Dear all, > > > > This is a kind reminder, following the request from Daniel, regarding the review on the Security GE that we all need to address. > > > > Most importantly, please provide the necessary answers/comments/modifications of your corresponding sections for Friday next week, September 7. > > > > More specifically, below are the targets and the corresponding partners that need to address the given target review: > > > > Architecture: > > Fuzzer --> INRIA > > Countermeasures --> TCS > > Visualization --> TRT-UK > > Context-based security & compliance --> ATOS > > USDL-SEC --> SAP > > Identity Management --> NSN + DT > > Privacy --> IBM + SAP > > Data handling --> SAP > > Optional security enablers (altogether) --> TCS+INRIA+SAP+ORANGE > > > > Open Specifications: > > OSSIM-SIEM --> ATOS > > SSS --> TCS > > Identity Management --> MSN + DT > > DB Anonymizer --> SAP > > Data handling --> SAP > > > > Moreover, Daniel just gave to all of us the permission to modify and update the pages as administrators, so everyone of you can personally make the necessary changes while accounting for the reviews. > > > > We will confirm and discuss about this during tomorrow's callconf. > > > > Best regards, > > Kreshnik > > > > > > > > Von: fiware-security-bounces at lists.fi-ware.eu [mailto:fiware-security-bounces at lists.fi-ware.eu] Im Auftrag von GIDOIN Daniel > > Gesendet: Dienstag, 28. August 2012 17:59 > > An: fiware-security at lists.fi-ware.eu > > Betreff: [Fiware-security] TR: Review of Architecture and Open Specifications of Security Chapter > > > > Dear all, > > > > Thank a lot to take into account the attached review on the Secutity GE which concerns you, and to keep me informed. > > > > Best regards > > > > Daniel > > > > De : Garino Pierangelo [mailto:pierangelo.garino at telecomitalia.it] > > Envoy? : mardi 28 ao?t 2012 16:06 > > ? : BISSON Pascal; GIDOIN Daniel; fiware-wpl at lists.fi-ware.eu; fiware-wpa at lists.fi-ware.eu > > Objet : Review of Architecture and Open Specifications of Security Chapter > > > > Dear All, > > > > Please find attached the document containing the comments for the Security chapter. The document contains two tables concerning Architecture description and Open Specs review respectively. > > > > BR > > Pier > > > > > > ------------------------------------------------------------------ > > Telecom Italia > > Pierangelo Garino > > Innovation & Industry Relations - Research & Prototyping > > Via G. Reiss Romoli 274, I-10148 TORINO > > Tel: +39 011 228 7142 > > > > Questo messaggio e i suoi allegati sono indirizzati esclusivamente alle persone indicate. La diffusione, copia o qualsiasi altra azione derivante dalla conoscenza di queste informazioni sono rigorosamente vietate. Qualora abbiate ricevuto questo documento per errore siete cortesemente pregati di darne immediata comunicazione al mittente e di provvedere alla sua distruzione, Grazie. > > > > This e-mail and any attachments is confidential and may contain privileged information intended for the addressee(s) only. Dissemination, copying, printing or use by anybody else is unauthorised. If you are not the intended recipient, please delete this message and any attachments and advise the sender by return e-mail, Thanks. > > [cid:image001.gif at 01CD8B70.45F19270]Rispetta l'ambiente. Non stampare questa mail se non ? necessario. > > > > > > > > -- > Alexandre Boeglin > ?quipe-Projet Madynes > Inria -- Alexandre Boeglin ?quipe-Projet Madynes Inria -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 3058 bytes Desc: not available URL: From pascal.bisson at thalesgroup.com Tue Sep 11 13:42:50 2012 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Tue, 11 Sep 2012 13:42:50 +0200 Subject: [Fiware-security] FI-WARE - *** Important **** Catalog was moved and request you rest your password to reenter Message-ID: <28664_1347363772_504F23BC_28664_1620_1_CBBCD6C304123F4AB23FAAE3055C8C0E0206D81E0B56@THSONEA01CMS04P.one.grp> Dear All, The catalogue has been migrated to the Testbed, and now has a new URL: http://catalogue.fi-ware.eu/ During the migration Testbed team have made updates to the architecture of the site, including the user management. Because of this, you must reset your password before you login to the catalogue again. To reset your password, go to: http://catalogue.fi-ware.eu/user/password Best Regards, Pascal -------------- next part -------------- An HTML attachment was scrubbed... URL: From susana.gzarzosa at atosresearch.eu Mon Sep 10 17:31:40 2012 From: susana.gzarzosa at atosresearch.eu (Susana Gonzalez Zarzosa) Date: Mon, 10 Sep 2012 17:31:40 +0200 Subject: [Fiware-security] [FI-WARE] New member on Atos security team In-Reply-To: <6557_1346664912_504479D0_6557_610_1_4996eb06-7bda-4762-95d1-d491b8e354e3@THSONEA01HUB05P.one.grp> References: <8E18929A6C79354FB4BD9BD4636DCB06E31E2E@INTMAIL03.es.int.atosorigin.com> <6557_1346664912_504479D0_6557_610_1_4996eb06-7bda-4762-95d1-d491b8e354e3@THSONEA01HUB05P.one.grp> Message-ID: Dear Daniel, I'm afraid I haven't received the emails sent to the fi-ware security mainlining list on Friday. Please, could you check if I'm included in it? On the other hand, could you give me permissions to the fi-ware-private wiki? I can't access e.g. to https://forge.fi-ware.eu/plugins/mediawiki/wiki/fi-ware-private/index.php/FiwareDeliverables Thanks and best regards, Susana From: GIDOIN Daniel [mailto:daniel.gidoin at thalesgroup.com] Sent: lunes, 03 de septiembre de 2012 11:35 To: Susana Gonzalez Zarzosa Cc: Antonio Garcia Vazquez; BISSON Pascal Subject: RE: [FI-WARE] New member on Atos security team Dear Susana, Welcome in the security team! I included you in the security mailing list. Best regards Daniel De : Antonio Garcia Vazquez [mailto:antonio.garcia at atosresearch.eu] Envoy? : lundi 3 septembre 2012 10:09 ? : BISSON Pascal Cc : GIDOIN Daniel; Susana Gonzalez Zarzosa Objet : [FI-WARE] New member on Atos security team Pascal, This is to introduce you my college Susana Gonzalez (in copy) that is going to join us in the security team. She is already registered in the Forge web an also has request access to the projects. Cloud you please include her in the security mailing list? Thanks and Best Regards ************************************ * Antonio Garc?a-V?zquez * * (+34) 91 214 9384 * * antonio.garcia at atosresearch.eu * ************************************ ------------------------------------------------------------------ This e-mail and the documents attached are confidential and intended solely for the addressee; it may also be privileged. If you receive this e-mail in error, please notify the sender immediately and destroy it. As its integrity cannot be secured on the Internet, the Atos group liability cannot be triggered for the message content. Although the sender endeavours to maintain a computer virus-free network, the sender does not warrant that this transmission is virus-free and will not be liable for any damages resulting from any virus transmitted. Este mensaje y los ficheros adjuntos pueden contener informacion confidencial destinada solamente a la(s) persona(s) mencionadas anteriormente pueden estar protegidos por secreto profesional. Si usted recibe este correo electronico por error, gracias por informar inmediatamente al remitente y destruir el mensaje. Al no estar asegurada la integridad de este mensaje sobre la red, Atos no se hace responsable por su contenido. Su contenido no constituye ningun compromiso para el grupo Atos, salvo ratificacion escrita por ambas partes. Aunque se esfuerza al maximo por mantener su red libre de virus, el emisor no puede garantizar nada al respecto y no sera responsable de cualesquiera danos que puedan resultar de una transmision de virus. ------------------------------------------------------------------ -------------- next part -------------- An HTML attachment was scrubbed... URL: From daniel.gidoin at thalesgroup.com Wed Sep 12 09:38:45 2012 From: daniel.gidoin at thalesgroup.com (GIDOIN Daniel) Date: Wed, 12 Sep 2012 09:38:45 +0200 Subject: [Fiware-security] FI-WARE: Review of Architecture and Open Specifications of Security Chapter In-Reply-To: References: Message-ID: <19630_1347435529_50503C09_19630_6618_1_491b39ce-f48a-4cf5-9fe0-bdd82209ee11@THSONEA01HUB01P.one.grp> Dear Pierangelo, Please find bellow our answer to your comments on the Security chapter: Architecture: * Introduction: 1. Comments 1 & 2: wording and example modified (TS) * Architecture Overview: 1. Comment 3: sentence clarified; 2. Comment 4: increasing readability (TS) * Security monitoring: 1. Comment 5: very global rewriting of the page by TS; 2. Comment 6: justification of the Security Monitoring approach with regard to ISO 27000 standard; 3. Comment 7: architecture clarified (I.e. origin of inputs) * Fuzzer: 1. Comments 8 & 11: taken into account in the wiki page (INRIA) * Countermeasures: 1. Comment 9: taken into account by TCS * Visualization: 1. Comment 10: review comment fixed by TRT * Context-based security & compliance (ATOS): 1. Comment 12: Chapter wording has been revised 2. Comment 13: Disclaimer wording revised 3. Comment 14: wording revised 4. Comment 15: As rule manager was part of our proposed (and not selected) EPICS for the second Open Call their features are still pending 5. Comment 16: Wording revised 6. Comment 17: Wording revised 7. Comment 18: "Chapter" has been used instead of WP3. 8. Comment 19: No changes at this moment, see answer to comment 15. However we have still pending actions to this one: FIWARE.ArchitectureDescription.Security.Context -based security & compliance Pier Garino General comment to this page: The context-aware capabilities mentioned in the name of this GE call for some explanation about possible interactions (or about impossibility to have interactions) with context/data Management chapter (e.g.: aren't there GEs which might be exploited in the architecture of the Context-based security & compliance GE?). This should help dissipating some doubts which might arise in readers and adopters of FI-WARE architecture. We do not understand this comment. Could be possible that Pierangelo Garino will provide more details about it? * USDL-SEC (SAP) 1. Comments 32, 33, 34 SAP: all comments have been addressed. However, some comments on USDL-SEC specification are probably incorrect, as Juanjo in one of his past emails wrote that no Open Specification template was provided for non-software products, which is the case. * Data Handling (SAP) 1. Comments 21 to 30: all comments have been addressed * Identity Management (DT) 1. All comments addressed * Optional security enablers 1. Comment 31 addressed Open Specifications: * Security Monitoring / Mulval Attack Path Engine 1. Comment 35 addressed_ rewriting of the page * Security monitoring / OSSIM-SIEM (ATOS) 1. Page wording has been revised in order to make clear that Atos tasks will be: 2. Configure OSSIM according with FI-WARE monitoring GE needs 3. Develop an advance service level SIEM component on top of OSSIM. This advanced SIEM is going to be delivered on future releases of the security monitoring GE * SSS (TCS) 1. Comments addressed * Identity Management (DT) 1. Comments addressed * DB Anonymizer (SAP) 1. Comments addressed * Data handling (SAP) 1. Comments addressed Best regards Daniel -------------- next part -------------- An HTML attachment was scrubbed... URL: From pascal.bisson at thalesgroup.com Wed Sep 12 11:42:47 2012 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Wed, 12 Sep 2012 11:42:47 +0200 Subject: [Fiware-security] FI-WARE WP8 Weekly audio conf Message-ID: <1942_1347442969_50505919_1942_18260_1_CBBCD6C304123F4AB23FAAE3055C8C0E0206D828E49E@THSONEA01CMS04P.one.grp> Quand : A lieu chaque vendredi ? compter du 14/09/2012 jusqu'au 25/04/2014 de 10:00 ? 12:00 (GMT+01:00) Bruxelles, Copenhague, Madrid, Paris. Emplacement : Meeting Room Number: 391581 Remarque : le d?calage GMT ci-dessus ne tient pas compte des r?glages de l'heure d'?t?. *~*~*~*~*~*~*~*~*~* Liste des num?ros LocalConnect: Australia Australia Toll Free 1800 005 574 Australia Sydney +61 (0) 282 239 767 Austria Vienna +43 (0) 2682 205 6609 Belgium Brussels +32 (0) 2 789 8678 Denmark Copenhagen +45 3271 4340 Finland Helsinki +358 (0) 923 142 830 France Lyon +33 (0) 426 840 285 France Marseille +33 (0) 488 915 385 France Paris +33 (0) 170 994 816 Germany Berlin +49 (0) 3072 616 7342 Germany D?sseldorf +49 (0) 2115 407 3902 Germany Frankfurt +49 (0) 6971 044 5635 Germany Hamburg +49 (0) 4080 902 0684 Germany Munich +49 (0) 8924 443 2893 Germany Stuttgart +49 (0) 7111 856 2130 Greece Greece Toll Free 0080 012 6344 Hong Kong Hong Kong +852 301 145 59 Hungary Budapest +36 (06) 1-889-3286 Ireland Dublin +353 (0) 14 860 780 Israel Israel Toll Free 1809 245 981 Italy Milan +39 0 230 413 017 Italy Rome +39 0 645 217 056 Italy Turin +39 0 112 179 2159 Japan Japan Toll Free 005 311 212 65 Japan Tokyo +81 (0) 357 675 025 Korea, Republic Of Seoul +82 (0) 234 831 224 Luxembourg Luxemburg City +352 2700 41 42 Malaysia Kuala Lumpur +60 (0) 377 124 640 Netherlands Amsterdam +31 (0) 207 948 529 New Zealand Auckland +64 (0) 9 919 2428 Norway Oslo +47 2153 3919 Poland Poland Toll Free 0080 0121 1304 Portugal Portugal Toll Free 800 814 183 Russia Russia Toll Free 81080 02209 4011 Singapore Singapore +65 6622 1068 Spain Barcelona +34 93 492 3235 Spain Madrid +34 91 788 9908 Sweden Stockholm +46 (0) 850 520 145 Switzerland Geneva +41 (0) 225 927 428 United Kingdom Birmingham +44 (0) 121 260 4686 United Kingdom London +44 (0) 207 153 9902 United Kingdom Manchester +44 (0) 161 250 0679 United States USA & Canada Toll Free 1888 249 0050 United States USA Toll +1 954 334 1559 -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: text/calendar Size: 3961 bytes Desc: not available URL: From pascal.bisson at thalesgroup.com Wed Sep 12 11:43:48 2012 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Wed, 12 Sep 2012 11:43:48 +0200 Subject: [Fiware-security] =?utf-8?q?Annul=C3=A9=3A_FI-WARE_WP8_Weekly_aud?= =?utf-8?q?io_conf?= Message-ID: <28664_1347443030_50505955_28664_8757_1_CBBCD6C304123F4AB23FAAE3055C8C0E0206D828E4A4@THSONEA01CMS04P.one.grp> Quand : vendredi 2 novembre 2012 10:00-12:00 (GMT+01:00) Bruxelles, Copenhague, Madrid, Paris. Emplacement : Meeting Room Number: 391581 Remarque : le d?calage GMT ci-dessus ne tient pas compte des r?glages de l'heure d'?t?. *~*~*~*~*~*~*~*~*~* Liste des num?ros LocalConnect: Australia Australia Toll Free 1800 005 574 Australia Sydney +61 (0) 282 239 767 Austria Vienna +43 (0) 2682 205 6609 Belgium Brussels +32 (0) 2 789 8678 Denmark Copenhagen +45 3271 4340 Finland Helsinki +358 (0) 923 142 830 France Lyon +33 (0) 426 840 285 France Marseille +33 (0) 488 915 385 France Paris +33 (0) 170 994 816 Germany Berlin +49 (0) 3072 616 7342 Germany D?sseldorf +49 (0) 2115 407 3902 Germany Frankfurt +49 (0) 6971 044 5635 Germany Hamburg +49 (0) 4080 902 0684 Germany Munich +49 (0) 8924 443 2893 Germany Stuttgart +49 (0) 7111 856 2130 Greece Greece Toll Free 0080 012 6344 Hong Kong Hong Kong +852 301 145 59 Hungary Budapest +36 (06) 1-889-3286 Ireland Dublin +353 (0) 14 860 780 Israel Israel Toll Free 1809 245 981 Italy Milan +39 0 230 413 017 Italy Rome +39 0 645 217 056 Italy Turin +39 0 112 179 2159 Japan Japan Toll Free 005 311 212 65 Japan Tokyo +81 (0) 357 675 025 Korea, Republic Of Seoul +82 (0) 234 831 224 Luxembourg Luxemburg City +352 2700 41 42 Malaysia Kuala Lumpur +60 (0) 377 124 640 Netherlands Amsterdam +31 (0) 207 948 529 New Zealand Auckland +64 (0) 9 919 2428 Norway Oslo +47 2153 3919 Poland Poland Toll Free 0080 0121 1304 Portugal Portugal Toll Free 800 814 183 Russia Russia Toll Free 81080 02209 4011 Singapore Singapore +65 6622 1068 Spain Barcelona +34 93 492 3235 Spain Madrid +34 91 788 9908 Sweden Stockholm +46 (0) 850 520 145 Switzerland Geneva +41 (0) 225 927 428 United Kingdom Birmingham +44 (0) 121 260 4686 United Kingdom London +44 (0) 207 153 9902 United Kingdom Manchester +44 (0) 161 250 0679 United States USA & Canada Toll Free 1888 249 0050 United States USA Toll +1 954 334 1559 -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: text/calendar Size: 3838 bytes Desc: not available URL: From pascal.bisson at thalesgroup.com Fri Sep 14 16:48:10 2012 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Fri, 14 Sep 2012 16:48:10 +0200 Subject: [Fiware-security] TR: [Fiware-wpl] [Fiware-wpa] OUTSMART / FI-WARE synchronization virtual meeting (call and webex details) Message-ID: <32315_1347634088_505343A8_32315_462_1_CBBCD6C304123F4AB23FAAE3055C8C0E0206D83A073B@THSONEA01CMS04P.one.grp> FYI De : fiware-wpl-bounces at lists.fi-ware.eu [mailto:fiware-wpl-bounces at lists.fi-ware.eu] De la part de Juanjo Hierro Envoy? : mercredi 5 septembre 2012 21:40 ? : fiware-wpa at lists.fi-ware.eu; fiware-wpl at lists.fi-ware.eu Objet : Re: [Fiware-wpl] [Fiware-wpa] OUTSMART / FI-WARE synchronization virtual meeting (call and webex details) Don't miss this important background info: * OUTSMART D2.3 Functional Architecture Deliverable: https://forge.fi-ware.eu/docman/view.php/7/1204/OUTSMART-D2.3-Final.pdf Cheers, ------------- Product Development and Innovation (PDI) - Telefonica Digital website: www.tid.es email: jhierro at tid.es twitter: twitter.com/JuanjoHierro FI-WARE (European Future Internet Core Platform) Chief Architect You can follow FI-WARE at: website: http://www.fi-ware.eu facebook: http://www.facebook.com/pages/FI-WARE/251366491587242 twitter: http://twitter.com/FIware linkedIn: http://www.linkedin.com/groups/FIWARE-4239932 On 05/09/12 17:36, CARLOS RALLI UCENDO wrote: Dear Colleagues, Find enclosed below the details to connect tomorrow. Please do forward to those that will be involved. Looking to the googledoc I can see the Fi-WARE testbed attendee field is empty (perhaps got deleted accidentally by someone?) and there is no proposal for a Cloud chapter attendee. Thanks, -- Inicio del mensaje reenviado: De: > Fecha: 31 de agosto de 2012 12:00:22 GMT+02:00 Para: Antonio Filograna > Cc: "BARRELLA, PIERO (PIERO)" >, "Mathieu Hutschemaekers" >, Martien Huysmans >, "torsten.leidig at sap.com" >, "jsoriano at fi.upm.es" >, "rfernandez at fi.upm.es" >, "davide.dallecarbonare at eng.it" >, "uwe.riss at sap.com" >, "h.abangar at surrey.ac.uk" >, "Thomas.Riegel at siemens.com" >, "NAGELLEN Thierry RD-BIZZ" >, ARTUSIO Laurent RD-BIZZ >, "guysh at il.ibm.com" >, "tali at il.ibm.com" >, "boris.moltchanov at telecomitalia.it" >, "pierangelo.garino at telecomitalia.it" >, "p.amon at siemens.com" >, MADHUSUDAN Giyyarpuram RD-TECH >, "levent.gurgen at cea.fr" >, "s.meissner at surrey.ac.uk" >, "boris.pokric at gmail.com" >, "mdohler at worldsensing.com" >, "lydie.desperben at coronis.com" >, "alexey.baraev at create-net.org" >, "jcuesta at tlmat.unican.es" >, "calin.curescu at Ericsson.com" >, "d.ghataoura at surrey.ac.uk" >, "maarten.los at atosresearch.eu" >, "andriy.panchenko at uni.lu" >, "jerome.francois at uni.lu" >, "pascal.bisson at thalesgroup.com" >, "daniel.gidoin at thalesgroup.com" >, "mirko.presser at alexandra.dk" >, "alhj at tid.es" >, stefano de panfilis >, "GALLISSOT Mathieu 234683" >, "Hans.Einsiedler at telekom.de" >, Roberto Di Bernardo >, GRATTARD Gilles RD-BIZZ >, "k.moessner at surrey.ac.uk" >, "ralli at tid.es" >, "jhierro at tid.es" >, "Goldacker, Gabriele" > Asunto: final call and webex details: RE: OUTSMART / FI-WARE synchronization - finding a date for the OUTSMART software architecture review Dear all, Could you please confirmed before today 4:00PM your participation to this meeting, by adding your name (with a mention webex, in case you'll participate remotely) on this shared document: https://docs.google.com/spreadsheet/ccc?key=0AobKeqMq4hM-dFJFdWtIWEJ0Vk95ckFLQkk5U28zLUE#gid=8 I'll book WiFi connection for those registered at that time. Juanjo, could you please forward my message to FIWARE chapter leaders and architects for them to register or appoint a representative of their chapter has you've agreed at our last FI-PPP Architecture Board meeting. Thank you very much. Here are the WebEx identifiers for connecting remotely ------------------------------------------------------- Meeting information ------------------------------------------------------- Topic: OUTSMART -FIWARE synchronisation Date: Thursday 6 September 2012 Time: 8:30, Europe Summer Time (Paris, GMT+02:00) Meeting Number: 709 850 195 Meeting Password: Outsmart123 ------------------------------------------------------- To start or join the online meeting ------------------------------------------------------- Go to https://cea.webex.com/cea-en/j.php?ED=222415942&UID=257057&PW=NMDNkMWFiNjdi&RT=NyMyMw%3D%3D ------------------------------------------------------- Audio conference information ------------------------------------------------------- To receive a call back, provide your phone number when you join the meeting, or call the number below and enter the access code. France Num?ro local: +33 17091 8646 Access code:709 850 195 ------------------------------------------------------- For assistance ------------------------------------------------------- 1. Go to https://cea.webex.com/cea-en/mc 2. On the left navigation bar, click "Support". To check whether you have the appropriate players installed for UCF (Universal Communications Format) rich media files, go to https://cea.webex.com/cea-en/systemdiagnosis.php. http://www.webex.com Thank you to Levent for setting up this WebEx session. Best regards, Fano ________________________________ Este mensaje se dirige exclusivamente a su destinatario. Puede consultar nuestra pol?tica de env?o y recepci?n de correo electr?nico en el enlace situado m?s abajo. This message is intended exclusively for its addressee. We only send and receive email on the basis of the terms set out at: http://www.tid.es/ES/PAGINAS/disclaimer.aspx _______________________________________________ Fiware-wpa mailing list Fiware-wpa at lists.fi-ware.eu http://lists.fi-ware.eu/listinfo/fiware-wpa ________________________________ Este mensaje se dirige exclusivamente a su destinatario. Puede consultar nuestra pol?tica de env?o y recepci?n de correo electr?nico en el enlace situado m?s abajo. This message is intended exclusively for its addressee. We only send and receive email on the basis of the terms set out at: http://www.tid.es/ES/PAGINAS/disclaimer.aspx -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- An embedded and charset-unspecified text was scrubbed... Name: ATT00001.txt URL: From pascal.bisson at thalesgroup.com Mon Sep 17 18:59:02 2012 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Mon, 17 Sep 2012 18:59:02 +0200 Subject: [Fiware-security] FI-WARE WP8 - Minutes of last Audio conf Message-ID: <14568_1347901155_505756E3_14568_7241_1_80fb3d14-b1de-4383-9467-90550794bed5@THSONEA01HUB04P.one.grp> Now available at : https://forge.fi-ware.eu/docman/view.php/19/1312/FI-WARE_WP8_Minutes_14_09_12.doc Please notice our next audio conference would on Monday 17 September 9am-11am due to a meeting I have to attend on Friday and that force me to cancel our audio conf of this week. Apologize for the inconvenience. Best Regards, Pascal -------------- next part -------------- An HTML attachment was scrubbed... URL: From pascal.bisson at thalesgroup.com Mon Sep 17 19:00:58 2012 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Mon, 17 Sep 2012 19:00:58 +0200 Subject: [Fiware-security] FI-WARE WP8 Weekly audio conf Message-ID: <14568_1347901265_50575751_14568_7318_1_CBBCD6C304123F4AB23FAAE3055C8C0E0206D8401DEC@THSONEA01CMS04P.one.grp> Quand : lundi 24 septembre 2012 09:00-11:00 (GMT+01:00) Bruxelles, Copenhague, Madrid, Paris. Emplacement : Meeting Room Number: 391581 Remarque : le d?calage GMT ci-dessus ne tient pas compte des r?glages de l'heure d'?t?. *~*~*~*~*~*~*~*~*~* Liste des num?ros LocalConnect: Australia Australia Toll Free 1800 005 574 Australia Sydney +61 (0) 282 239 767 Austria Vienna +43 (0) 2682 205 6609 Belgium Brussels +32 (0) 2 789 8678 Denmark Copenhagen +45 3271 4340 Finland Helsinki +358 (0) 923 142 830 France Lyon +33 (0) 426 840 285 France Marseille +33 (0) 488 915 385 France Paris +33 (0) 170 994 816 Germany Berlin +49 (0) 3072 616 7342 Germany D?sseldorf +49 (0) 2115 407 3902 Germany Frankfurt +49 (0) 6971 044 5635 Germany Hamburg +49 (0) 4080 902 0684 Germany Munich +49 (0) 8924 443 2893 Germany Stuttgart +49 (0) 7111 856 2130 Greece Greece Toll Free 0080 012 6344 Hong Kong Hong Kong +852 301 145 59 Hungary Budapest +36 (06) 1-889-3286 Ireland Dublin +353 (0) 14 860 780 Israel Israel Toll Free 1809 245 981 Italy Milan +39 0 230 413 017 Italy Rome +39 0 645 217 056 Italy Turin +39 0 112 179 2159 Japan Japan Toll Free 005 311 212 65 Japan Tokyo +81 (0) 357 675 025 Korea, Republic Of Seoul +82 (0) 234 831 224 Luxembourg Luxemburg City +352 2700 41 42 Malaysia Kuala Lumpur +60 (0) 377 124 640 Netherlands Amsterdam +31 (0) 207 948 529 New Zealand Auckland +64 (0) 9 919 2428 Norway Oslo +47 2153 3919 Poland Poland Toll Free 0080 0121 1304 Portugal Portugal Toll Free 800 814 183 Russia Russia Toll Free 81080 02209 4011 Singapore Singapore +65 6622 1068 Spain Barcelona +34 93 492 3235 Spain Madrid +34 91 788 9908 Sweden Stockholm +46 (0) 850 520 145 Switzerland Geneva +41 (0) 225 927 428 United Kingdom Birmingham +44 (0) 121 260 4686 United Kingdom London +44 (0) 207 153 9902 United Kingdom Manchester +44 (0) 161 250 0679 United States USA & Canada Toll Free 1888 249 0050 United States USA Toll +1 954 334 1559 -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: text/calendar Size: 4329 bytes Desc: not available URL: From pascal.bisson at thalesgroup.com Mon Sep 17 19:03:36 2012 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Mon, 17 Sep 2012 19:03:36 +0200 Subject: [Fiware-security] TR: FI-WARE WP8 - Minutes of last Audio conf Message-ID: <14568_1347901423_505757EF_14568_7486_1_CBBCD6C304123F4AB23FAAE3055C8C0E0206D8401DF5@THSONEA01CMS04P.one.grp> Just to correct that our next audio conference would be on Monday 24 9:00am-11am in replacement of the one scheduled this week on Friday 21 that I'm forced to cancel. Apologize for the dates which were wrongly stated I my previous email. BR Pascal De : BISSON Pascal Envoy? : lundi 17 septembre 2012 18:59 ? : fiware-security at lists.fi-ware.eu Cc : BISSON Pascal Objet : FI-WARE WP8 - Minutes of last Audio conf Now available at : https://forge.fi-ware.eu/docman/view.php/19/1312/FI-WARE_WP8_Minutes_14_09_12.doc Please notice our next audio conference would on Monday 17 September 9am-11am due to a meeting I have to attend on Friday and that force me to cancel our audio conf of this week. Apologize for the inconvenience. Best Regards, Pascal -------------- next part -------------- An HTML attachment was scrubbed... URL: From pascal.bisson at thalesgroup.com Thu Sep 20 16:25:48 2012 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Thu, 20 Sep 2012 16:25:48 +0200 Subject: [Fiware-security] FI-WARE - Shared documents new folder - please pay attention to document already uploaded Message-ID: <18964_1348151164_505B277C_18964_17775_1_63b0bb7a-6275-4d6f-84ac-e71e4dd38a70@THSONEA01HUB03P.one.grp> Dear All, This just to let you know that on Security folder on the Forge I created a new folder called "Shared documents" where I put the following documents: 1. Minutes of the OUTSMART-FI-WARE Meeting hold on September 6th and where Daniel was representing WP8/Security Chapter: https://forge.fi-ware.eu/docman/view.php/19/1316/OUTSMARTArchitectureReviewMeeting+mod+ALU.zip ? Please have a look and send me and Daniel any comments you may have. Of course would be re-addressed at next audio since we have to continue supporting OUTSMART in understanding and making use of GE they are interested in. Also learn from additional reqts they have formulated to see what to answer and actions to be performed 2. The draft version of validation process under preparation within WP10 (Testbed) https://forge.fi-ware.eu/docman/view.php/19/1317/2012-09-10-M18_validation_process_and_template_v2.doc Once more all have a look and especially Tasks leads and GE owners provide me with your comments/feedback asap. I remind you here that the validation process would be also the one used by UC to assess & validate our GEs (also report). Also a document we would discuss together based on your feedback at our next audio conf (on Monday) >From your side and if you see documents worth to be shared among the Security team please use this newly created folder to upload them. Best Regards, Pascal -------------- next part -------------- An HTML attachment was scrubbed... URL: From pascal.bisson at thalesgroup.com Fri Sep 21 15:15:28 2012 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Fri, 21 Sep 2012 15:15:28 +0200 Subject: [Fiware-security] FI-WARE WP8 Weekly audio conf Message-ID: <12300_1348233341_505C687D_12300_4160_1_CBBCD6C304123F4AB23FAAE3055C8C0E0206D859674E@THSONEA01CMS04P.one.grp> Quand : lundi 24 septembre 2012 09:30-11:30 (GMT+01:00) Bruxelles, Copenhague, Madrid, Paris. Emplacement : Meeting Room Number: 391581 Remarque : le d?calage GMT ci-dessus ne tient pas compte des r?glages de l'heure d'?t?. *~*~*~*~*~*~*~*~*~* Liste des num?ros LocalConnect: Australia Australia Toll Free 1800 005 574 Australia Sydney +61 (0) 282 239 767 Austria Vienna +43 (0) 2682 205 6609 Belgium Brussels +32 (0) 2 789 8678 Denmark Copenhagen +45 3271 4340 Finland Helsinki +358 (0) 923 142 830 France Lyon +33 (0) 426 840 285 France Marseille +33 (0) 488 915 385 France Paris +33 (0) 170 994 816 Germany Berlin +49 (0) 3072 616 7342 Germany D?sseldorf +49 (0) 2115 407 3902 Germany Frankfurt +49 (0) 6971 044 5635 Germany Hamburg +49 (0) 4080 902 0684 Germany Munich +49 (0) 8924 443 2893 Germany Stuttgart +49 (0) 7111 856 2130 Greece Greece Toll Free 0080 012 6344 Hong Kong Hong Kong +852 301 145 59 Hungary Budapest +36 (06) 1-889-3286 Ireland Dublin +353 (0) 14 860 780 Israel Israel Toll Free 1809 245 981 Italy Milan +39 0 230 413 017 Italy Rome +39 0 645 217 056 Italy Turin +39 0 112 179 2159 Japan Japan Toll Free 005 311 212 65 Japan Tokyo +81 (0) 357 675 025 Korea, Republic Of Seoul +82 (0) 234 831 224 Luxembourg Luxemburg City +352 2700 41 42 Malaysia Kuala Lumpur +60 (0) 377 124 640 Netherlands Amsterdam +31 (0) 207 948 529 New Zealand Auckland +64 (0) 9 919 2428 Norway Oslo +47 2153 3919 Poland Poland Toll Free 0080 0121 1304 Portugal Portugal Toll Free 800 814 183 Russia Russia Toll Free 81080 02209 4011 Singapore Singapore +65 6622 1068 Spain Barcelona +34 93 492 3235 Spain Madrid +34 91 788 9908 Sweden Stockholm +46 (0) 850 520 145 Switzerland Geneva +41 (0) 225 927 428 United Kingdom Birmingham +44 (0) 121 260 4686 United Kingdom London +44 (0) 207 153 9902 United Kingdom Manchester +44 (0) 161 250 0679 United States USA & Canada Toll Free 1888 249 0050 United States USA Toll +1 954 334 1559 -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: text/calendar Size: 4712 bytes Desc: not available URL: From pascal.bisson at thalesgroup.com Fri Sep 21 15:15:52 2012 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Fri, 21 Sep 2012 15:15:52 +0200 Subject: [Fiware-security] FI-WARE WP8 Weekly audio conf Message-ID: <12254_1348233366_505C6896_12254_339_1_CBBCD6C304123F4AB23FAAE3055C8C0E0206D8596751@THSONEA01CMS04P.one.grp> Quand : lundi 24 septembre 2012 09:30-11:00 (GMT+01:00) Bruxelles, Copenhague, Madrid, Paris. Emplacement : Meeting Room Number: 391581 Remarque : le d?calage GMT ci-dessus ne tient pas compte des r?glages de l'heure d'?t?. *~*~*~*~*~*~*~*~*~* Liste des num?ros LocalConnect: Australia Australia Toll Free 1800 005 574 Australia Sydney +61 (0) 282 239 767 Austria Vienna +43 (0) 2682 205 6609 Belgium Brussels +32 (0) 2 789 8678 Denmark Copenhagen +45 3271 4340 Finland Helsinki +358 (0) 923 142 830 France Lyon +33 (0) 426 840 285 France Marseille +33 (0) 488 915 385 France Paris +33 (0) 170 994 816 Germany Berlin +49 (0) 3072 616 7342 Germany D?sseldorf +49 (0) 2115 407 3902 Germany Frankfurt +49 (0) 6971 044 5635 Germany Hamburg +49 (0) 4080 902 0684 Germany Munich +49 (0) 8924 443 2893 Germany Stuttgart +49 (0) 7111 856 2130 Greece Greece Toll Free 0080 012 6344 Hong Kong Hong Kong +852 301 145 59 Hungary Budapest +36 (06) 1-889-3286 Ireland Dublin +353 (0) 14 860 780 Israel Israel Toll Free 1809 245 981 Italy Milan +39 0 230 413 017 Italy Rome +39 0 645 217 056 Italy Turin +39 0 112 179 2159 Japan Japan Toll Free 005 311 212 65 Japan Tokyo +81 (0) 357 675 025 Korea, Republic Of Seoul +82 (0) 234 831 224 Luxembourg Luxemburg City +352 2700 41 42 Malaysia Kuala Lumpur +60 (0) 377 124 640 Netherlands Amsterdam +31 (0) 207 948 529 New Zealand Auckland +64 (0) 9 919 2428 Norway Oslo +47 2153 3919 Poland Poland Toll Free 0080 0121 1304 Portugal Portugal Toll Free 800 814 183 Russia Russia Toll Free 81080 02209 4011 Singapore Singapore +65 6622 1068 Spain Barcelona +34 93 492 3235 Spain Madrid +34 91 788 9908 Sweden Stockholm +46 (0) 850 520 145 Switzerland Geneva +41 (0) 225 927 428 United Kingdom Birmingham +44 (0) 121 260 4686 United Kingdom London +44 (0) 207 153 9902 United Kingdom Manchester +44 (0) 161 250 0679 United States USA & Canada Toll Free 1888 249 0050 United States USA Toll +1 954 334 1559 -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: text/calendar Size: 4712 bytes Desc: not available URL: From pascal.bisson at thalesgroup.com Tue Sep 25 18:31:23 2012 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Tue, 25 Sep 2012 18:31:23 +0200 Subject: [Fiware-security] Peer review of I2ND Chapter Message-ID: <19871_1348590702_5061DC6E_19871_11266_1_CBBCD6C304123F4AB23FAAE3055C8C0E0206D86D2321@THSONEA01CMS04P.one.grp> Hi Robert, As you know we (Thales) already peer-reviewed and provided comments Data Chapter. Regarding second round which was launched I decided to appoint NSN to review I2ND Chapter (Architecture and Open Specifications). As such I would appreciate if you could proceed with this review and fill in the attached form with your comments in order to have them provided to the I2ND Chapter's lead. I would need your review by Thursday EOB in order to have it discussed at Friday's audio. Counting on you to have this review performed and organized with your colleagues. Many thanks in advance for your cooperation and support Best Regards, Pascal PS: Useless to say that any on the list having checked I2ND Chapter could also contribute its review comments to Robert that will consolidate. -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: FI-WARE Peer-Review Form 12-09-05.docx Type: application/vnd.openxmlformats-officedocument.wordprocessingml.document Size: 215384 bytes Desc: FI-WARE Peer-Review Form 12-09-05.docx URL: From pascal.bisson at thalesgroup.com Wed Sep 26 14:59:02 2012 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Wed, 26 Sep 2012 14:59:02 +0200 Subject: [Fiware-security] TR: [Fiware-wpa] Security aspects and access control to FI-WARE GEs deployed on the FI-WARE Testbed Message-ID: <25988_1348664363_5062FC2B_25988_11190_1_9cbb27b7-d78c-4bcf-945a-3c92eb62a3d4@THSONEA01HUB03P.one.grp> FYI We will re-address this email and demand that came to us at our WP8 audio conf of Friday. Also to be further discussed in the context of Access Control GE we had in mind for Second Major Release of FI-WARE. As said next week Daniel and I will organize an audio conf to debrief on OUTSMART - FI-WARE meeting where access control reqts where also reported. Keep you posted and talk with you on Friday. Best Regards, Pascal De : Juanjo Hierro [mailto:jhierro at tid.es] Envoy? : mardi 25 septembre 2012 18:59 ? : BISSON Pascal; GIDOIN Daniel; fiware-wpa at lists.fi-ware.eu; stefano de panfilis; robert.seidl at nsn.com; Wolfgang.Steigerwald at telekom.de; jhierro >> "Juan J. Hierro" Objet : Re: [Fiware-wpa] Security aspects and access control to FI-WARE GEs deployed on the FI-WARE Testbed Hi, Thanks to all who attended for the productive confcall. I hope it has helped to put things in the right perspective and understand that it is critical that we tackle the development of all the components that are needed to provide a full framework that supports OAuth2.0-based authenticated access control to APIs provided by any kind of FI-WARE GE. I have updated the slide that I brought for the discussion and shared it with all participants. It is slide 5 in the shared slides in google docs that we have used, which is the one which basically would summarize how OAuth2.0 would be used. I have also write down some notes on slide 4 based on our discussion: https://docs.google.com/presentation/d/1FyaGSaoBif5Avv-Li3m1X6bopk-deG8_OoNC0jYCl0A/edit#slide=id.gfcfffda_2_11 From my perspective, and this is not the first time I have said this but probably not strong enough, I believe that providing all the pieces that are still missing to provide a complete OAuth2.0 framework is critical and one of the tasks we should assign the highest priority for Release 2 of FI-WARE. I believe the whole FI-WARE will be criticized (indeed I would) if we cannot provide such support to FI-PPP Trials in phase 2. I have marked on red in slide 5 the pieces that I'm afraid are missing (not just with circles but in the text). I hope we will plan their development as part of the roadmap of the Security Chapter. One point that we didn't discuss during the confcall but I believe it is also rather important to bear in mind is that we should address development of the Access Control GE in a way that it may also serve for accounting the usage of APIs (accounting of access, you can see this that way). That would pave the way for going the next step beyond and enable to support pay-per-use schemas linked to usage of FI-WARE GE APIs. Usage "CDRs" can be transmitted to the Revenue Share System in the Apps Chapter by the Access Control GE, in order to implement calculation of revenues. Given said all this, we now have to give a response to the UC projects regarding what we can deliver in the short term. In this respect, I would go for the following: * Promise them a paper that will describe the OAuth2.0 framework we aim to support. It doesn't need to be a paper that brings all the details but at least explain what we have in mind (I see this as an elaboration of slides 4 and 5 in the shared presentation). I would rather like to see a first draft of this paper presented during the next virtual FI-PPP AB meeting scheduled on October 18. Furthermore, It would be nice to provide some insights or sketch of the envisioned architecture in the FI-WARE FAQ even earlier to that date. This would be important because the different proposers of UC Trials in the second phase are monitoring this FAQ to design their proposals in a way that they can align with the FI-WARE Vision (see http://forge.fi-ware.eu/plugins/mediawiki/wiki/fiware/index.php/FI-WARE_FAQ). Then, afterwards, we can refine it as part of the contributions from the Security Chapter to the FI-WARE Technical Whitepaper we have asked to develop. A document that we should try to plan delivering for sure before the next project review (i.e., should be available end of October). * Find a quick&dirty solution that we may offer to the UC projects in order to implement their Proof of Concepts that can workaround their control access problems. This is something I have already asked Miguel, as proxy of the FI-WARE Testbed team in the meeting, to look for. Anyway, I believe this is not a major issue and we should come with some solution in the coming days. We would state that the final solution will come with the Second Release of FI-WARE, but therefore will arrive late for their Proof of Concepts. I hope we can agree, please confirm or provide feedback. This is a quite important issue to address properly in the Second Release of FI-WARE. Best regards, -- Juanjo ------------- Product Development and Innovation (PDI) - Telefonica Digital website: www.tid.es email: jhierro at tid.es twitter: twitter.com/JuanjoHierro FI-WARE (European Future Internet Core Platform) Chief Architect You can follow FI-WARE at: website: http://www.fi-ware.eu facebook: http://www.facebook.com/pages/FI-WARE/251366491587242 twitter: http://twitter.com/FIware linkedIn: http://www.linkedin.com/groups/FIWARE-4239932 On 25/09/12 08:46, Juanjo Hierro wrote: Hi, Just to make sure that we all arrive with the same understanding and expectations to the meeting this afternoon ... I expect that the Security team will come with several alternative ideas we can adopt to solve the question raised by the UC projects. In this respect, I also expect/hope that the Security team will share with us some slides that may help us to understand how they propose that UC projects set up their architecture relying on GEs available on the FI-WARE Testbed. The scenario we want to solve is pretty simple: UC project applications need to invoke APIs provided by some GEs available on the FI-WARE Testbed (just consider the Pub/Sub Broker GE or the Complex Event Processing GE). They need to invoke those APIs from applications that are a) hosted in the FI-WARE Testbed, b) hosted somewhere else, remotely or even c) running on smartphones. They need to do so in a secured way and we also want that no one can invoke APIs exported by our GEs running on the FI-WARE Testbed if it doesn't have the necessary credentials. One issue to solve here is that the GEs that export APIs are not dealing with authentication or management credentials themselves. APIs have mostly been implemented assuming they are invoked by clients with the right credentials. Therefore, I guess we need to co-locate some proxy that intercepts requests in the first place, validate them using some authentication mechanism (OAuth ? here is where I'm looking for your recommendation) and, based on results of such validation, forward the request to the GE instance or reject it (probably reporting to the Security Monitoring GE about a potential risk of attack). I would like to see a sketch of the reference architecture for this simple and critical scenario, where we can envision what pieces (GEs, other auxiliary software) we have to place where. One thing I would like you to bring ideas about is that I would like to approach the target architecture in a way that helps us to perform some accountability about usage of APIs. This may be helpful to integrate with the business framework and support scenarios where a pay-per-use(-of-API) kind of monetization is applied for some GEs. Hope it helps to introduce the meeting this afternoon. For sharing slides, we can use https://join.me You just need to download a very small client application on your windows or mac and then run it locally. It would allow you to share your desktop and generate an URI that you will send to rest of attendees to watch your desktop in their browsers. Depending on the complexity of the slides to be share, it would also be a rather great idea to upload the slides into google docs and produce a shared google docs presentation. This would allow us to share changes in the slides dynamically while we discuss, using it like some sort of whiteboard/blackboard. I have created a blank presentation at: https://docs.google.com/presentation/d/1FyaGSaoBif5Avv-Li3m1X6bopk-deG8_OoNC0jYCl0A/edit#slide=id.p You can try uploading some of your slides by means of clicking on File->Import Slides ... don't worry if the results are not "pretty printable", what matters is that we can play with the shapes, boxes, arrows, etc of any architecture sketch you want to share with us. Thanks, -- Juanjo ------------- Product Development and Innovation (PDI) - Telefonica Digital website: www.tid.es email: jhierro at tid.es twitter: twitter.com/JuanjoHierro FI-WARE (European Future Internet Core Platform) Chief Architect You can follow FI-WARE at: website: http://www.fi-ware.eu facebook: http://www.facebook.com/pages/FI-WARE/251366491587242 twitter: http://twitter.com/FIware linkedIn: http://www.linkedin.com/groups/FIWARE-4239932 On 20/09/12 12:22, JUAN JOSE HIERRO SUREDA wrote: Event Invitation Title: Security aspects and access control to FI-WARE GEs deployed on the FI-WARE Testbed Location: When: 25 de septiembre de 2012 14:00 - 16:30 Organizer: JUAN JOSE HIERRO SUREDA Description: When: Tuesday, September 25, 2012 2:00 PM-4:30 PM. (UTC+01:00) Brussels, Copenhagen, Madrid, Paris We'll use powwownow. PIN: 050662. Local dial-in phone numbers at: http://pdf.powwownow.com/pdf/USA_en_pwn-dial-in-numbers.pdf We can use https://join.me> for sharing the screen Background info: one of the issues that were discussed during the last FI-PPP Architecture Board was the issue about access control to APIs exported by FI-WARE GEs deployed on the FI-WARE Testbed. As per know, we are simply applying a filtering on IP addresses that can access to APIs exported by FI-WARE GEs. However, this is not suitable for scenarios where the IP address from which access will be requested in advance (e.g, access from mobile smartphones). A more smart/flexible approach should be feasible relying on the Identity Management GE that should enable filtering not based on the IP addresses but the authenticated entity on behalf requests to APIs are issued. We need to establish a recommendation about how the Use Case projects should design their architecture of their PoC in order to implement an authenticated and single sign-on access architecture to APIs based on the Identity Management GEs. Such recommendation may help to enrich documentation of the FI-WARE Reference Architecture. I believe that this, far to be a problem, is an opportunity to push usage of Identity Management GEs by Use Case Projects. ________________________________ Este mensaje se dirige exclusivamente a su destinatario. Puede consultar nuestra pol?tica de env?o y recepci?n de correo electr?nico en el enlace situado m?s abajo. This message is intended exclusively for its addressee. We only send and receive email on the basis of the terms set out at: http://www.tid.es/ES/PAGINAS/disclaimer.aspx Comment: Attendees: BISSON Pascal GIDOIN Daniel fiware-wpa at lists.fi-ware.eu stefano de panfilis robert.seidl at nsn.com Wolfgang.Steigerwald at telekom.de _______________________________________________ Fiware-wpa mailing list Fiware-wpa at lists.fi-ware.eu http://lists.fi-ware.eu/listinfo/fiware-wpa ________________________________ Este mensaje se dirige exclusivamente a su destinatario. Puede consultar nuestra pol?tica de env?o y recepci?n de correo electr?nico en el enlace situado m?s abajo. This message is intended exclusively for its addressee. We only send and receive email on the basis of the terms set out at: http://www.tid.es/ES/PAGINAS/disclaimer.aspx _______________________________________________ Fiware-wpa mailing list Fiware-wpa at lists.fi-ware.eu http://lists.fi-ware.eu/listinfo/fiware-wpa ________________________________ Este mensaje se dirige exclusivamente a su destinatario. Puede consultar nuestra pol?tica de env?o y recepci?n de correo electr?nico en el enlace situado m?s abajo. This message is intended exclusively for its addressee. We only send and receive email on the basis of the terms set out at: http://www.tid.es/ES/PAGINAS/disclaimer.aspx -------------- next part -------------- An HTML attachment was scrubbed... URL: From pascal.bisson at thalesgroup.com Fri Sep 28 10:06:46 2012 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Fri, 28 Sep 2012 10:06:46 +0200 Subject: [Fiware-security] AUdio conf will open in a minute Message-ID: <9668_1348819825_50655B71_9668_7520_1_CBBCD6C304123F4AB23FAAE3055C8C0E0206D87DDEE6@THSONEA01CMS04P.one.grp> Will open in a minute apologize for the small delay. Best Regards, Pascal -------------- next part -------------- An HTML attachment was scrubbed... URL: From jhierro at tid.es Fri Sep 28 15:47:14 2012 From: jhierro at tid.es (Juanjo Hierro) Date: Fri, 28 Sep 2012 15:47:14 +0200 Subject: [Fiware-security] Fwd: Re: Concord CROWD server In-Reply-To: <5065A73F.4040701@tid.es> References: <5065A73F.4040701@tid.es> Message-ID: <5065AA62.9060001@tid.es> Hi all, I'm forwarding you a recent discussion that has taken place over the FI-PPP ab mailing list. Essentially, one of the Use Case projects (ENVIROFI) is looking for a single sign-on solution plus a solution that supports creation and management of user accounts. They have just found that the CONCORD guys are offering a service called CROWD that apparently serve their purpose or looks attractive enough to seek for further exploration. As you see, I have raised the question about why they believe that what the FI-WARE Identity Management GE provides is not enough ... However, it would be great that you participate in the discussion and help to solve it given the detailed answers to whatever question they may have. Could you point whom should I add to the discussion ? Is this something for which we don't provide all the necessary pieces ? Cheers, -- Juanjo ------------- Product Development and Innovation (PDI) - Telefonica Digital website: www.tid.es email: jhierro at tid.es twitter: twitter.com/JuanjoHierro FI-WARE (European Future Internet Core Platform) Chief Architect You can follow FI-WARE at: website: http://www.fi-ware.eu facebook: http://www.facebook.com/pages/FI-WARE/251366491587242 twitter: http://twitter.com/FIware linkedIn: http://www.linkedin.com/groups/FIWARE-4239932 -------- Original Message -------- Subject: Re: Concord CROWD server Date: Fri, 28 Sep 2012 15:33:51 +0200 From: Juanjo Hierro To: Salo Juha CC: Havlik Denis , Humer Susanna , Susanna Avessta , Pauli Kuosmanen , "jhierro >> \"Juan J. Hierro\"" Hi Denis, I may be wrong but ... could you elaborate on what was missing in the FI-WARE Identity Management GE in order to solve your problem ? Best regards, -- Juanjo ------------- Product Development and Innovation (PDI) - Telefonica Digital website: www.tid.es email: jhierro at tid.es twitter: twitter.com/JuanjoHierro FI-WARE (European Future Internet Core Platform) Chief Architect You can follow FI-WARE at: website: http://www.fi-ware.eu facebook: http://www.facebook.com/pages/FI-WARE/251366491587242 twitter: http://twitter.com/FIware linkedIn: http://www.linkedin.com/groups/FIWARE-4239932 On 28/09/12 13:36, Salo Juha wrote: Hello, I was thinking to reply when we have more information about the hosting of Atlassian tools, but I think it would be informative to let know what is going on even without full details. I'll answer inline if you may. On 20 Sep, 2012, at 15:41 , Susanna Avessta wrote: @Juha: Do you see any issues in principle for using Crowd really at large like mentioned below? Crowd supports unlimited number of users ( http://www.atlassian.com/software/crowd/learn/faq#FAQs-Howmanyuserdirectories ), and the restriction is set by the license. Currently, our license for Atlassian software is set for unlimited number of users. Other considerations that I can quickly think of relate to performance and policies. Currently, we are evaluating different hosting solutions for Atlassian software with Susanna and our focus is now on a dedicated server only to be used with Atlassian software. Since this task is currently in progress, we will come back to this question after we have settled some open questions first. About policies, which relates to answers below, it should be thought out who can have access to the user information. For instance, it appears that to change OpenID settings, adding and changing groups requires administrator rights to Crowd. This means, that the administrator have access to all the user information in Crowd. However, Crowd supports different scenarios for directories. You could have your own OpenLDAP instance for example that could be under your control, and then Crowd would connect to your OpenLDAP directory and while being a centralized point of entry. From: Havlik Denis [mailto:Denis.Havlik at ait.ac.at] Sent: 20 September 2012 14:25 To: Susanna Avessta Cc: 'Jose Lorenzo Mon'; Juanjo Hierro (jhierro at tid.es) Subject: Concord CROWD server ... 1) Can you assure the availability of this service for a couple of year after the project end? 2) could we use this system for SSO on various ENVIROFI web sites? (for our team) There seems to be two ways of achieving SSO ( https://confluence.atlassian.com/display/CROWD/Overview+of+SSO ). We currently use the first method between Crowd and Confluence that is based on a Web-browser cookie and only works under the same domain (in our case, *.fi-ppp.eu). The second method relies on OpenID. I am not that familiar yet with OpenID (in the Atlassian world, CrowdID means OpenID provider), but seems like SSO can be achieved using CrowdID ( https://confluence.atlassian.com/display/CROWD/Overview+of+SSO - "SSO Beyound the Firewall"). Currently the new services (Crowd, Confluence) are under test use. We would like to establish Atlassian software on a solid ground first, including all the policies and processes related to specifically to user management, before enabling CrowdID. However, to get things rolling, we could test how the Crowd would work by enabling it on a testing server? 3) could we even use it for management of the users of our application prototypes? (that would potentially be a large number, so self-provision and assuring they don't get access to wrong applications would be important.) If I understood the question correct, I think you would need some kind of a way to connect to Crowd from your applications to ask about whether the user has sufficient rights. Crowd supports connectors ( https://developer.atlassian.com/display/CROWDDEV/Crowd+Remote+API+Reference and https://confluence.atlassian.com/display/CROWD/Integrating+Crowd+with+a+Custom+Application ). Maybe we could make this connector to your applications to work based on groups. For instance, we could have Application1-users and Application2-users groups, and if we want a user to access both the first and the second application, we would add the user to these groups. Or, create a separate connector for each of your applications. Here is a list of already supported applications: https://confluence.atlassian.com/display/CROWD/Supported+Applications+and+Directories On 25 Sep, 2012, at 13:41 , Havlik Denis wrote: OK, here is something to get us started: 1) we are about to set up an Drupal service for ENVIROFI catalogue. 2) I would like to use your server for identity management (Drupal supports OpenID). 3) I'm putting Susanna and Susanna together now, and expect to get 2 out of it. 1. Possiblity to use the CROWD server as our user mgm. Backend for this drupal instance. 2. Drupal instance able to take advantage of this. If we are going to use OpenID, I think in this instance you set groups and permissions in Drupal - Crowd handles the login. However, there might be more to this, I am not yet that familiar with OpenID/CrowdID. Susanna x2, could you pls. see how this is done without me now? Just tell me "it works, here is how to use it", don't need more details. :) Oops :) How does this sound? Maybe we could have a chat on Skype and further elaborate what is needed and when? Best Regards, Juha Salo, Susanna Avessta ________________________________ Este mensaje se dirige exclusivamente a su destinatario. Puede consultar nuestra pol?tica de env?o y recepci?n de correo electr?nico en el enlace situado m?s abajo. This message is intended exclusively for its addressee. We only send and receive email on the basis of the terms set out at: http://www.tid.es/ES/PAGINAS/disclaimer.aspx -------------- next part -------------- An HTML attachment was scrubbed... URL: From pascal.bisson at thalesgroup.com Fri Sep 28 17:10:02 2012 From: pascal.bisson at thalesgroup.com (BISSON Pascal) Date: Fri, 28 Sep 2012 17:10:02 +0200 Subject: [Fiware-security] Fwd: Re: Concord CROWD server In-Reply-To: <5065AA62.9060001@tid.es> References: <5065A73F.4040701@tid.es> <5065AA62.9060001@tid.es> Message-ID: <3305_1348845025_5065BDE1_3305_3093_1_CBBCD6C304123F4AB23FAAE3055C8C0E0206D882578D@THSONEA01CMS04P.one.grp> Hi Juanjo, Thanks to inform us also about this. As you know since this relate to IdM GE please consider Robert and Wolfgang in cc as main contact persons to get involved on this threat of discussion and figure why CONCORD think IdM GE solutions we have released is not answering their needs. Do think this worth to know in view of IdM GE potential evolution for next release. Of course you could also put me and Daniel to be kept in the loop and this how this evolved and step in necessary. Best Regards, Pascal De : fiware-security-bounces at lists.fi-ware.eu [mailto:fiware-security-bounces at lists.fi-ware.eu] De la part de Juanjo Hierro Envoy? : vendredi 28 septembre 2012 15:47 ? : Fiware-security at lists.fi-ware.eu Objet : [Fiware-security] Fwd: Re: Concord CROWD server Hi all, I'm forwarding you a recent discussion that has taken place over the FI-PPP ab mailing list. Essentially, one of the Use Case projects (ENVIROFI) is looking for a single sign-on solution plus a solution that supports creation and management of user accounts. They have just found that the CONCORD guys are offering a service called CROWD that apparently serve their purpose or looks attractive enough to seek for further exploration. As you see, I have raised the question about why they believe that what the FI-WARE Identity Management GE provides is not enough ... However, it would be great that you participate in the discussion and help to solve it given the detailed answers to whatever question they may have. Could you point whom should I add to the discussion ? Is this something for which we don't provide all the necessary pieces ? Cheers, -- Juanjo ------------- Product Development and Innovation (PDI) - Telefonica Digital website: www.tid.es email: jhierro at tid.es twitter: twitter.com/JuanjoHierro FI-WARE (European Future Internet Core Platform) Chief Architect You can follow FI-WARE at: website: http://www.fi-ware.eu facebook: http://www.facebook.com/pages/FI-WARE/251366491587242 twitter: http://twitter.com/FIware linkedIn: http://www.linkedin.com/groups/FIWARE-4239932 -------- Original Message -------- Subject: Re: Concord CROWD server Date: Fri, 28 Sep 2012 15:33:51 +0200 From: Juanjo Hierro To: Salo Juha CC: Havlik Denis , Humer Susanna , Susanna Avessta , Pauli Kuosmanen , "jhierro >> \"Juan J. Hierro\"" Hi Denis, I may be wrong but ... could you elaborate on what was missing in the FI-WARE Identity Management GE in order to solve your problem ? Best regards, -- Juanjo ------------- Product Development and Innovation (PDI) - Telefonica Digital website: www.tid.es email: jhierro at tid.es twitter: twitter.com/JuanjoHierro FI-WARE (European Future Internet Core Platform) Chief Architect You can follow FI-WARE at: website: http://www.fi-ware.eu facebook: http://www.facebook.com/pages/FI-WARE/251366491587242 twitter: http://twitter.com/FIware linkedIn: http://www.linkedin.com/groups/FIWARE-4239932 On 28/09/12 13:36, Salo Juha wrote: Hello, I was thinking to reply when we have more information about the hosting of Atlassian tools, but I think it would be informative to let know what is going on even without full details. I'll answer inline if you may. On 20 Sep, 2012, at 15:41 , Susanna Avessta wrote: @Juha: Do you see any issues in principle for using Crowd really at large like mentioned below? Crowd supports unlimited number of users ( http://www.atlassian.com/software/crowd/learn/faq#FAQs-Howmanyuserdirectories ), and the restriction is set by the license. Currently, our license for Atlassian software is set for unlimited number of users. Other considerations that I can quickly think of relate to performance and policies. Currently, we are evaluating different hosting solutions for Atlassian software with Susanna and our focus is now on a dedicated server only to be used with Atlassian software. Since this task is currently in progress, we will come back to this question after we have settled some open questions first. About policies, which relates to answers below, it should be thought out who can have access to the user information. For instance, it appears that to change OpenID settings, adding and changing groups requires administrator rights to Crowd. This means, that the administrator have access to all the user information in Crowd. However, Crowd supports different scenarios for directories. You could have your own OpenLDAP instance for example that could be under your control, and then Crowd would connect to your OpenLDAP directory and while being a centralized point of entry. From: Havlik Denis [mailto:Denis.Havlik at ait.ac.at] Sent: 20 September 2012 14:25 To: Susanna Avessta Cc: 'Jose Lorenzo Mon'; Juanjo Hierro (jhierro at tid.es) Subject: Concord CROWD server ... 1) Can you assure the availability of this service for a couple of year after the project end? 2) could we use this system for SSO on various ENVIROFI web sites? (for our team) There seems to be two ways of achieving SSO ( https://confluence.atlassian.com/display/CROWD/Overview+of+SSO ). We currently use the first method between Crowd and Confluence that is based on a Web-browser cookie and only works under the same domain (in our case, *.fi-ppp.eu). The second method relies on OpenID. I am not that familiar yet with OpenID (in the Atlassian world, CrowdID means OpenID provider), but seems like SSO can be achieved using CrowdID ( https://confluence.atlassian.com/display/CROWD/Overview+of+SSO - "SSO Beyound the Firewall"). Currently the new services (Crowd, Confluence) are under test use. We would like to establish Atlassian software on a solid ground first, including all the policies and processes related to specifically to user management, before enabling CrowdID. However, to get things rolling, we could test how the Crowd would work by enabling it on a testing server? 3) could we even use it for management of the users of our application prototypes? (that would potentially be a large number, so self-provision and assuring they don't get access to wrong applications would be important.) If I understood the question correct, I think you would need some kind of a way to connect to Crowd from your applications to ask about whether the user has sufficient rights. Crowd supports connectors ( https://developer.atlassian.com/display/CROWDDEV/Crowd+Remote+API+Reference and https://confluence.atlassian.com/display/CROWD/Integrating+Crowd+with+a+Custom+Application ). Maybe we could make this connector to your applications to work based on groups. For instance, we could have Application1-users and Application2-users groups, and if we want a user to access both the first and the second application, we would add the user to these groups. Or, create a separate connector for each of your applications. Here is a list of already supported applications: https://confluence.atlassian.com/display/CROWD/Supported+Applications+and+Directories On 25 Sep, 2012, at 13:41 , Havlik Denis wrote: OK, here is something to get us started: 1) we are about to set up an Drupal service for ENVIROFI catalogue. 2) I would like to use your server for identity management (Drupal supports OpenID). 3) I'm putting Susanna and Susanna together now, and expect to get 2 out of it. 1. Possiblity to use the CROWD server as our user mgm. Backend for this drupal instance. 2. Drupal instance able to take advantage of this. If we are going to use OpenID, I think in this instance you set groups and permissions in Drupal - Crowd handles the login. However, there might be more to this, I am not yet that familiar with OpenID/CrowdID. Susanna x2, could you pls. see how this is done without me now? Just tell me "it works, here is how to use it", don't need more details. :) Oops :) How does this sound? Maybe we could have a chat on Skype and further elaborate what is needed and when? Best Regards, Juha Salo, Susanna Avessta ________________________________ Este mensaje se dirige exclusivamente a su destinatario. Puede consultar nuestra pol?tica de env?o y recepci?n de correo electr?nico en el enlace situado m?s abajo. This message is intended exclusively for its addressee. We only send and receive email on the basis of the terms set out at: http://www.tid.es/ES/PAGINAS/disclaimer.aspx -------------- next part -------------- An HTML attachment was scrubbed... URL: