Subject: Minutes for October 18th cal


Minutes for the meeting of the Electronic Identity Credential Trust Elevation Methods (Trust Elevation) Technical Committee

October 18, 2012.

1. Call to Order and Welcome.

 

2. Roll Call

Attending (please notify me if you attended the meeting but are not on the list below)

Abbie Barbir, Bank of America - y
Anil Saldhana, Red Hat
Bob Sunday
Brendan Peter, CA
Carl Mattocks, Bofa
Cathy Tilton, Daon - y
Charline Duccans, DHS
Duane DeCouteau
Colin Wallis, New Zealand Government
Dale Rickards, Verizon Business - y
David Brossard, Axiomatics
Dazza Greenwood
Debbie Bucci, NIH
Deborah Steckroth, RouteOne LLC
Detlef Huehnlein, Federal Office for Information
Don Thibeau, Open Identity Exchange
Doron Cohen, SafeNet
Doron Grinstein, BiTKOO
Gershon Janssen
Ivonne Thomas, Hasso Plattner Institute
Jaap Kuipers, Amsterdam
Jeff Broburg, CA
John Bradley
John "Mike" Davis, Veterans Affairs - y
John Walsh, Sypris Electronics
Jonas Hogberg
Julian Hamersley, Adv Micro Devices
Kevin Mangold, NIST - y
Lucy Lynch, ISOC
Marcus Streets, Thales e-Security
Marty Schleiff, The Boeing Company
Mary Ruddy, Identity Commons - y
Massimiliano Masi, Tiani "Spirit" GmbH
Nick Pope, Thales e-Security
Peter Alterman, SAFE-BioPharma - y
Rainer Hoerbe
Rebecca Nielsen, Booz Allen Hamilton
Rich Furr
Ronald Perez, Advanced Micro Devices
Scott Fitch, Lockheed Martin
Shaheen Abdul Jabbar, JPMorgan Chase Bank, N.A. - y
Shahrokh Shahidzadeh (Intel Corp) - y
Suzanne Gonzales-Webb, VA - y
Tony Rutkowski
Tony Nadlin
Thomas Hardjono, M.I.T.
William Barnhill, Booz Allen Hamilton
Adrian James, VA - y
Patrick, Acxiomatics - y

73 percent of the voting members were present at the meeting.  We did have quorum.

 

 

3. Agenda review and approval

We used the following chat room for the call: http://webconf.soaphub.org/conf/room/trust-el. The chat room text is included at the end of the minutes.

 

Abbie asked if there were any additions to the agenda.

Mary asked if we could add a report on the Sep 10-12 International Cloud Symposium.

 

Abbie replied that ICS was a successful event. There were about 150 attendees in total. Lots of government people were there for parts of the event, with about 50 present at any one time. We had a good discussion and the panel gave an overview of Trust Elevation. Most of the panel Q&A time was reallocated to NSTIC. Based on side conversations there is good synergy between the TC and other work. A Gartner analyst asked to be contacted about how trust elevation is done. Overall it was very successful. Microsoft and Salesforce are moving identity APIs. There are two use cases from ICS that we have not incorporated; Anil may be able to help.

 

***Action item: follow up with Anil to move these use cases into the document.

 

 

4. Approval of the Minutes

 

Abbie asked for a motion to approve the minutes from the Oct 5 and Oct 9th meetings.

Shaheen made a motion to approve.

Shahrokh seconded the motion. 

There were no objections. The minutes were approved.


5. Editors Update


Mary gave an overview of what was accomplished at the F2F. We reviewed the new method analyses that were posted before the F2F, and also the token analysis that Shahrokh did during the event. As part of this we identified some changes that need to be made to all the analyses. First, we need to differentiate between actions taken by the RP and actions taken by an IdP that may not be part of the RP. Second, we need to describe the applicability of each method to non-person entities (NPEs), as program-to-program authentication is becoming more important. Finally, the most important systematic change we identified was the need for more granularity in the threat descriptions and in the various remedies to each threat. As part of dealing with the analyses at a more granular level, we created a diagram of generic trust elevation that is being circulated amongst the editors. We have also started to add detail to the analysis template.

Abbie uploaded the current revised draft analysis template to the website so that we could discuss it.

Mary continued: for example, we need to define eavesdropping with more granularity. That is, define it and have a table of the options. We need to agree that these X items are the threats and these Y elements are the mitigations.

Abbie suggested that we divide and conquer.

Shahrokh said we need to define each risk. We need to have a document that defines, for example, eavesdropping and what machine to machine eavesdropping means. Do we want to go to an ISO document?

Abbie replied that he thinks we should start with X.1254 or with OASIS definitions. It has to be done systematically.

Abbie will send the final version of X.1254. Only one definition changed since the previously provided draft version. There is also a Gartner 2010 document. The Gartner analysis takes the view that there are really only two threats [though there are many types of impersonation].
 
Mary asked for a volunteer to add more detail to one of the threat categories. 
 
Abbie volunteered. It was discussed that we need to add the threat descriptions to the document and the methods that mitigate that threat with links.  Then we can say, for example, that a method mitigates the threat using the 1C approach. 
 
Abbie said what he would like to see is method and threat definitions, and techniques so we can cross reference.  Mary and Abbie will work on eavesdropping as an example.
 
Shaheen asked if the uploaded template had been modified.
 
Mary said yes, it already has some more detail.
 
Abbie wants to add even more detail. The question is, is this good enough? We still need a table to add the definitions of the threat and subthreat and what the mitigations are. So then we can say using the table, items 1, 3 and 4 apply to a particular method.
 
Shaheen asked whether it makes sense to have a spreadsheet with a matrix of all the threats and controls.
 
Abbie replied yes, this will lead us to phase 3 where we combine methods. At the end of the day, we could create an automated tool: this is where you are and these methods will enable you to achieve the level of assurance you need.
 
Abbie reviewed all the threats and discussed assignments.

Abbie - will look at eavesdropping

Mary commented that the current list in the template came from X.1254.

Abbie continued down the template and we juggled assignments:
Peter - Online guessing
Mary - Replay
Shaheen - MIM
Shahrokh - Spoofing
Abbie - Phishing
Cathy - Eavesdropping
Peter - Session hijacking
 
Abbie continued: for the next TC meeting, Cyber Core will present to give us their perspective. Mary and Abbie will present at the call after that.
 
Shaheen asked Mary to indicate in the notes who will present on what date.
 
For the November 1st TC call, Cyber Core will be presenting its product approach.
For the November 15th TC call, Mary and Abbie will present.   

6. Attendance Update

We achieved quorum.

 

7. Adjournment

Abbie made a motion to adjourn.

Cathy seconded the motion.

The meeting was adjourned.

>>>>>>>>>>>>>>>>>>>> 

abbie: 1. roll call
 
2. agenda approval
 
3. approve minutes
 
4. editor discussion on Second Deliverable (Analysis phase)
 
5. conclude
abbie: Passcode: 637 218 8139
 
Int'l Toll: 1-980-939-6928
abbie: 1 866 222 6652
anonymous morphed into Adrianne
anonymous morphed into Suzanne Gonzales-Webb
Please change your name from 'anonymous' using the Settings button
anonymous morphed into Mary Ruddy
abbie: https://www.oasis-open.org/apps/org/workgroup/trust-el/members/upload.php
abbie: https://www.oasis-open.org/apps/org/workgroup/trust-el/documents.php
abbie: sorry use second link