[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: MINUTES OASIS IDCloud TC Meeting 20 February 2012
---------------------------------------- DRAFT MINUTES OASIS IDCloud TC Meeting 20 February 2012, 02:00pm to 03:00pm ET ---------------------------------------- Scribe: Gershon Janssen 1. Roll Call and Agenda Review Name Status ---- ------ Anil Saldhana Member Gershon Janssen Member Matthew Rutkowski Member Roger Bass Member Dominique Nguyen Member Cathy Tilton Member Observers: None. 6 people joined the meeting. This meeting does not quorate. Member status status changes: Lost voting rights: Brian Marshall David Turner Gained voting rights: Cathy Tilton Now: 10 voting members in TC. 2. Approval of Minutes - 06 Feb 2012 Meeting: http://www.oasis-open.org/apps/org/workgroup/id-cloud/email/archives/201202/ msg00049.html Deferred to next meeting as this meeting does not quorate. 3. Gap Analysis Editor's Draft [Gershon] Word: http://www.oasis-open.org/committees/document.php?document_id=45205&wg_abbre v=id-cloud PDF: http://www.oasis-open.org/committees/document.php?document_id=45206&wg_abbre v=id-cloud Textual remarks: - change to "Redhat" instead of "RedHat" - oAuth should be OAuth Structure remarks: - Mention long names or full names in a separate table or reference section. - Include links to their (i) website (ii) link to their standard version. - Create 2 tables. Approach for next steps: - Ask ourself a set of questions: e.g. where do we believe the standards fall short; what do we perceive as missing. - Do more gap analysis offline via the email threads - Also continue with the informal gap analysis meetings - Suggestions for approaches: - (i) per use case or (ii) per standard - first pass: go through all as a group; write down what we know. After that, publish as a draft and validate if our assumptions are true or not. - Scheduling informal meeting: - Matt: Fridays are good; Wednesdays are also good. Tuesdays are good as well. - Gershon talks about Trust and Trust Frameworks - Dominique: you asked me to have Abbie talk about Trust Framework and he accepted. Dominique will check with Abbie to talk about trust frameworks during our next TC meeting. 4. Gap Analysis Discussion - Use case 19: - if one can audit in the cloud, the accesses on a simple piece of blog data, one has basically the foundation for auditing other data - within a enterprise there are compliance regulations - within a cloud these standards do not exist - cloud standards e.g. SNIA not doing auditing yet. DMTF CIMI is considering this - would be worth considering the format. - reporting access management type events; audit requirements: timestamp, identity, identity of resource invovled (e.g. document, storage device) - also if encryption is applied (how it is protected) - also hardware side: on which server this is running on (e.g. virtual image running on vCloud, etc.) - audit 3 spaces (i) storage (ii) computing (iii) network space - include / extend with management for keys? yes should do this as its a difficult issue. key life cycle management. - syslog as a log format; SNIA for network storage for cloud; DMTF Cloud management working group with spec CIMI (management interface standard) - Data Model and topology aligned. - CloudAuditing Workgroup at DMTF, working with CIMI to provide audit type event and reports to be carried by their management interfaces. - group working on audit reports, privacy information obfuscations, soa, etc. - group does not talk about access control. - privacy management; KMIP (key life cycle management) - quantum; open networking management standard 5. Other Business - Gershon to participate in CloudScape conference this week; will talk about ID-Cloud. 6. Adjourn Meeting adjourned.
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]