[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: OASIS Registry Security : Minutes
Here are the minutes of the meeting ebXML Registry Security meeting.
Suresh will send out any updates/corrections to this note later.
Sekhar
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
Minutes of ebXML Registry Security Meeting
Attendees: Sanjay Patil, Suresh Damodaran, Farrukh Najmi, Sekhar
Vajjhala
Use Cases
- Sanjay to send use cases by today
Review of security risk document updated by Suresh
1.b added. needs to be split into 1.b.1 & 1.b.2
1.b.1 integrity protection in xmission
1.b.2 confidentiality protection in xmission
sekhar to update
5.2 Added Type F ( for futuristic)
2d changed from C to D
Section numbers may no longer be accurate.
Define Registry Profile
- Registry profile is available
- Global issue ; not specific to security
- every group needs to define what is needed in the registry profile
- suggestion: each group documents in English what is needed
in English. Syntax could be deferred.
- CPP could be source for what should be in registry profile
A (targeted for V2.0) items:
- integrity protection of data
- authentication ( at least the verification of the signer )
- custom access controls
- XACML may not be ready in time ?
use IBM_XACL ?
Status of XMLDSIG
- making progress ; hopefully a first version would be
out tomorrow ( Sekhar to send out ).
- Reference the document in the "Deliverables" Section in the
Risks document.
Deliverables:
- Integrity protection of data in xmission and storage
- use of XML DSIG
- Authentication of content owner
- Management of Access control policies
- updates to the RIM and RS; follow use case model
- Registry profile
- cookie cutter policies for registry
- use cases document
--
Sekhar
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC