[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: IDCloud TC Meeting Minutes - 7 Jan 2013
1. Roll Call, Agenda Review and Minute Taker Nomination. Attendees: NEC Corporation Felix Gomez Marmol Voting Member IBM David Kern Voting Member Microsoft Anthony Nadalin Chair Bank of America Dominique Nguyen Voting Member Red Hat Anil Saldhana Chair Daon Cathy Tilton Voting Member Quorum: 6 out of 11 Voting Members (54%). Achieved. 2. Meeting Minutes Approval Deferred. 3. Gap Analysis Document Deferred. 4. IDCloud Profiles- Anil started a discussion on the IDCloud PaaS profile document: https://www.oasis-open.org/committees/download.php/47817/IDCloud-paas-v1d.pdf * A new PaaS Architecture diagram and description was added to the Definitions section.
- Good suggestions offered to improve the document. (Please see chat transcript)
5. Other Business 6. Adjourn Chat Transcript =========================AnilSaldhana(RedHat): 1. Roll Call, Agenda Review and Minute Taker Nomination.
2. Meeting Minutes Approval 3. Gap Analysis Document 4. IDCloud Profiles 5. Other Business 6. AdjournAnilSaldhana(RedHat): https://www.oasis-open.org/committees/download.php/47816/IDCloud-paas-v1d.odt
AnilSaldhana(RedHat): https://www.oasis-open.org/committees/download.php/47817/IDCloud-paas-v1d.pdf
AnilSaldhana(RedHat): https://www.oasis-open.org/committees/download.php/47817/IDCloud-paas-v1d.pdf
anonymous morphed into Cathy Tilton (Daon) David Kern (IBM): A few notes on the diagram on page 6...David Kern (IBM): authentication and authorization are covered under Identity Services
David Kern (IBM): but should encryption of data at rest be included in the storage box and encryption of data in motion in the networking box?
David Kern (IBM): Data integrity - where would that be represented?David Kern (IBM): Should application integrity (signing of binaries, etc) be shown?
David Kern (IBM): and to continue the trend, should operating system integrity checking (tripwire, re-instantiation from a "clean" r/o source, etc) be mentioned?
AnilSaldhana(RedHat): cathy: Cloud Provider security services may have additional services.
AnilSaldhana(RedHat): cathy: does this include Physical Security concerns?AnilSaldhana(RedHat): Not in the PaaS document. Maybe in the cloud security guidelines or such document.
AnilSaldhana(RedHat): can you hear me? AnilSaldhana(RedHat): dialing back AnilSaldhana(RedHat): stay David Kern (IBM): no, we can't hear you Cathy Tilton (Daon): Anil - are you on the line? AnilSaldhana(RedHat): is the diagram helpful? AnilSaldhana(RedHat): cathy: yes, diagrams are always helpful =========================
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]