OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

id-cloud message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: RE: [id-cloud] Meeting Minutes of 3 October 2011 Oasis IDCloud TC

Member status changes after 03/Oct/2011 OASIS IDCloud TC meeting:

 

Lost voting rights:

Hadass Harel

 

Gained voting rights:

Brian Marshall, Joe Savak, Cathy Tilton

 

Now: 13 voting members in TC.

 

 

 

From: id-cloud@lists.oasis-open.org [mailto:id-cloud@lists.oasis-open.org] On Behalf Of Nguyen, Dominique V
Sent: maandag 3 oktober 2011 21:39
To: id-cloud@lists.oasis-open.org
Subject: [id-cloud] Meeting Minutes of 3 October 2011 Oasis IDCloud TC

 

Agenda

 

1, Roll Call, Agenda review and Minutes Taker Nomination

 

Abbie Barbir (Bank of America) – Voting  member

 Anil Saldhana (RedHat) - Chair

 Anthony Nadalin - Chair

 Brian Marshall (Vanguard) – Voting member

 Cathy Tilton (Daon) – Voting member

Dominique Nguyen (Bank of America) – Voting member

 Joe Savak (Rackspace) – Voting member

Matt Rutkowski (IBM) - Secretary

David Kern (IBM) – Voting member

David Turner (Microsoft) – Voting member

 

Quorum achieved:  7 out of 10  voting members (70%) quorated

 

2. Approval of September 19, 2011Meeeting minutes 
http://lists.oasis-open.org/archives/id-cloud/201109/msg00046.html

 

Dominique moved, Abbie seconded.  Approved.

 

3. Use case document 
http://docs.oasis-open.org/id-cloud/IDCloud-usecases/v1.0/cnd01/IDCloud-usecases-v1.0-cnd01.html

 

4. Gap Analysis Work

 

5. OASIS International Cloud Symposium

 

6. Other business

 

7. Adjourn.

 

Chat room transcript for October 3, 2011 meeting:

 

AnilSaldhana(RedHat): Joe: Hi Joe
JoeSavak (Rackspace): Anil: Hi!
David Kern (IBM): Good afternoon
JoeSavak (Rackspace): hi all
Matt Rutkowski (IBM): Hello
Dominique Nguyen1: Hi
Dominique Nguyen1: Hi Abbie
AnilSaldhana(RedHat): 7 out of 10  voting members (70%) quorated
AnilSaldhana(RedHat): http://lists.oasis-open.org/archives/id-cloud/201109/msg00044.html
AnilSaldhana(RedHat): 19 sep minutes for approval
Dominique Nguyen1: Anil - I sent you and Abbie the revision for use case #23 - did you get a chance a review?
Dominique Nguyen1: Dominique - minutes taker
Dominique Nguyen1: Abbie moved to approve minutes
Dominique Nguyen1: Dominique seconds to approve
Dominique Nguyen1: Minutes are approve
AnilSaldhana(RedHat): 3) Rackspace usecase discussion (10minutes)
 
http://lists.oasis-open.org/archives/id-cloud/201109/msg00046.html
Dominique Nguyen1: 3rd item: RackSpace submitted a use case
David Kern (IBM): Are you on a cell phone, Anil? I'm getting some fairly dramatic reverb on the phone line when you speak.
Dominique Nguyen1: Impersonate customer to trouble-shoot issue in the cloud space.
Brian Marshall (Vanguard): sorry I am late... again...
Dominique Nguyen1: No standard exists today - Idea: Token exchange, support rep would exchange the token with the customer
Dominique Nguyen1: Matt's response:  Exchange token can present audit & compliance issue
Dominique Nguyen1: Identity delegation use case -
Dominique Nguyen1: Need audit logging
Dominique Nguyen1: Anil - SAML may be a solution - good use case as a gap is identified
Dominique Nguyen1: Item #5: Use case normalization - Anil contacted assignees & all said they would start working on the assignments
Dominique Nguyen1: Duran's case: normalization (use the OASIS template filled out)
AnilSaldhana(RedHat): http://docs.oasis-open.org/id-cloud/IDCloud-usecases/v1.0/cnd01/IDCloud-usecases-v1.0-cnd01.html
Dominique Nguyen1: Next action on agenda: Discuss gap analysis
Matt Rutkowski (IBM): Thanks Joe got your email and the word document looks fine
JoeSavak (Rackspace): Matt, no problem
Dominique Nguyen1: Use case #23 - device authentication surfaces as another important
Dominique Nguyen1: Mobile devices are also special identity
Dominique Nguyen1: Each device has its unique identifier- SIM card, software on
Dominique Nguyen1: We should annotate the audit aspect for this use case
Dominique Nguyen1: Device registration, what standards are relevant
David Turner: Every mobile device has a unique identifier call the IMEI (http://www.gsm-security.net/faq/imei-international-mobile-equipment-identity-gsm.shtml)
Dominique Nguyen1: For gap analysis - multiple standards apply
Dominique Nguyen1: Homework for Dominique: Mobile phone specific: Authentication, registration & auditing
Dominique Nguyen1: Matt discuss use case #0 for audit aspect
AnilSaldhana(RedHat): David kern:  not on cell phone. but my phone service is a use case by itself.
Dominique Nguyen1: Matt requests: there needs to be a meaningful way to consider audit aspect to e call out in each of the use case
David Kern (IBM): Anil - understood
Dominique Nguyen1: Matt: use case 0 describes consistent and generalized audit logging information - all other use cases can reference use case 0 unless there is special attributes
Dominique Nguyen1: Matt: number of groups create Cloud services, it is desirable for OASIS to develop what profile of cloud services look like
Dominique Nguyen1: and add the compliance aspect - what things need to be added to make it auditable
Dominique Nguyen1: Matt - Audit & Compliance is the theme for OASIS symposium
AnilSaldhana(RedHat): 4.24 Use Case 24: Privileged User Access using Two-Factor Authentication
AnilSaldhana(RedHat): overlap with Joe's use case.
JoeSavak (Rackspace): 4.24 seems like an administrative login for a user to manage other users. My use case is about assuming the identity and capabilities of a user (from a support perspective if given adequate permission) in order to perform actions as the user
Dominique Nguyen1: Matt - Got to letter "I" of the Terms and Definitions
Dominique Nguyen1: Anil: Motion to adjourn and meet in 2 weeks. Dominique motions and Matt seconds.

 

This message w/attachments (message) is intended solely for the use of the intended recipient(s) and may contain information that is privileged, confidential or proprietary. If you are not an intended recipient, please notify the sender, and then please delete and destroy all copies and attachments, and be advised that any review or dissemination of, or the taking of any action in reliance on, the information contained in or attached to this message is prohibited.
Unless specifically indicated, this message is not an offer to sell or a solicitation of any investment products or other financial product or service, an official confirmation of any transaction, or an official statement of Sender. Subject to applicable law, Sender may intercept, monitor, review and retain e-communications (EC) traveling through its networks/systems and may produce any such EC to regulators, law enforcement, in litigation and as required by law.
The laws of the country of each sender/recipient may impact the handling of EC, and EC may be archived, supervised and produced in countries other than the country in which you are located. This message cannot be guaranteed to be secure or free of errors or viruses.

References to "Sender" are references to any subsidiary of Bank of America Corporation. Securities and Insurance Products: * Are Not FDIC Insured * Are Not Bank Guaranteed * May Lose Value * Are Not a Bank Deposit * Are Not a Condition to Any Banking Service or Activity * Are Not Insured by Any Federal Government Agency. Attachments that are part of this EC may have additional important disclosures and disclaimers, which you should read. This message is subject to terms available at the following link:
http://www.bankofamerica.com/emaildisclaimer. By messaging with Sender you consent to the foregoing.

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]