FW: Meeting minutes March 18th 2013

1. Roll Call, Agenda Review and Minute Taker Nomination.

2. Approval of minutes – March 4 2013

https://lists.oasis-open.org/archives/cloudauthz/201302/msg00013.html

3. Use Case Submissions Discussions – (Repeat with more details)

- Mike Poulin (https://www.oasis-open.org/committees/document.php?document_id=48320&wg_abbrev=cloudauthz)

- Anil Saldhana (https://lists.oasis-open.org/archives/cloudauthz/201303/msg00000.html)

- Radu Marian (https://lists.oasis-open.org/archives/cloudauthz/201303/msg00003/CloudAuthZ.BAC.UseCases.doc)

- Darran Rolls (https://lists.oasis-open.org/archives/cloudauthz/201303/msg00001.html)

4. CloudAuthZ Face To Face (3-4 April 2013 in Santa Clara)

5. Other Discussions

6. Adjourn

Discussed F2F details

Agreed that F2F will happen (start a ballot to confirm the attendance in person or dial in)

Radu to check for a webex meeting and an agenda

Action item on people to provide uses cases for the f2f

April 1^st meeting to cancel

Motion to cancel the April F2F meeting and replacing it with the F2F

Motion approved. April 1^st meeting cancelled

Discussed Radu use case, Need better description of the use case

Shaheen said it is missing more details

Discussing entitlement catalogue (needed throughout the entitlement cycle)

Does entitlement can be directly assigned to users?

No need to group entitlements

Do we need to distinguish between entitlement and logical ones?

Logical stated and agreed upon by the TC

So basically the first the TC needs to agree on how roles, business roles and logical entitlement are treated in this work

Catalogue will be a classification mechanism for logical entitlement

What entitlements a user has do we want to leverage SCIM 2.0 in this TC, by using SCIM?

Shaheen/Mark suggest that we should wait before we go for it

Shaheen need to know SCIM maturity before we go forward

Richard Hill (Boeing):I agree, we should look at SCIM, but not commit until we have a better understanding of its capabilities

Do we need to marry the use case with the entitlement model?

Am I correct in understanding that SCIM is for the moment more theoretical oriented and they hope to become more practical because of how we fill in the entitlements?

Mark Lambiase (SecureAuth): I do not think they believe they are operating in the realm of the theoretical, but that in the notion of Cloud Identity Management they, too, are looking to understand the entitlement model. Entitlements go beyond just creating/deleting accounts, or marking an account active/inactive. Role/entitlement assignment, as we have seen, can become a messy business. I believe they have worked out assigning roles, but do not have the authorization framework for how a role/attribute assigned via a SCIM process would be utilized.

Radu: SCIM provide pluming our TC can provide the meaning to SCIM

Need to provide meaning to entitlement in the form of syntax where reference id can be assigned. Meaning cannot be ambiguous

Radu to provide SoD use case data for the F2F and show the role of ontology

Kammala cloud is available as a small ontology for free we can use it as a proof

Michael Poulin will need to detail his use case

Chat room dump

anonymous morphed into Mark Lambiase - SecureAuth

anonymous morphed into Lloyd (Novell)

anonymous1 morphed into Mohammad Jafari (ESC)

abbie barbir morphed into abbie barbir bofa

anonymous morphed into Radu Marian (Bank of America)

Mark Lambiase - SecureAuth morphed into Mark Lambiase (SecureAuth)

anonymous morphed into Richard Hill (Boeing)

abbie barbir bofa: 1. Roll Call, Agenda Review and Minute Taker Nomination.

2. Approval of minutes  March 4 2013

https://lists.oasis-open.org/archives/cloudauthz/201302/msg00013.html

3. Use Case Submissions Discussions  (Repeat with more details)

- Mike Poulin  (https://www.oasis-open.org/committees/document.php?document_id=48320&wg_abbrev=cloudauthz)

- Anil Saldhana (https://lists.oasis-open.org/archives/cloudauthz/201303/msg00000.html)

- Radu Marian (https://lists.oasis-open.org/archives/cloudauthz/201303/msg00003/CloudAuthZ.BAC.UseCases.doc)

- Darran Rolls (https://lists.oasis-open.org/archives/cloudauthz/201303/msg00001.html)

4. CloudAuthZ Face To Face (3-4 April 2013 in Santa Clara)

5. Other Discussions

6. Adjourn

Lloyd (Novell): Any  phone yet?

abbie barbir bofa: use this bridge 1-866 222 6658  pass 237796

Radu Marian (Bank of America): 1-866 222 6658  pass 237796

abbie barbir bofa: add f2F discussio

abbie barbir bofa: minutes March 18 meeting

abbie barbir bofa: Discussed F2F details

Agreed that F2F will happen (start a ballot to confirm the attendance in person or dial in)

Radu to check for a webex meeting

Lloyd (Novell): Could you please add Lloyd Burch to the Roll

Chris Kappler, PwC: Please add Chris Kappler to the roll

abbie barbir bofa: Action item on people to provide uses cases for the f2f

April 1st meeting to cancel

Motion to cancel the April F2F meeting and replacing it with the F2F

Motion approved. April 1st meeting cancelled

abbie barbir bofa: ok chris

abbie barbir bofa: Discussed Radu use case, Need better description of the use case

abbie barbir bofa: Shahenn said it is missing more details

abbie barbir bofa: Discussing entitlement catalogue (needed throughout the entitlement cycle)

abbie barbir bofa: Does entitlement can be directly assigned to users

anonymous morphed into Carlton @Intel Corporation

abbie barbir bofa: Can profiles be agnostic to entitlements?

abbie barbir bofa: No need to group entitlements

Do we need to distinguish between entitlement and logical ones?

abbie barbir bofa: logical stated and agreed upon by the TC

abbie barbir bofa: so basically the first the TC need to agree on how roles, business roles and logical entitlement are treated in thos work

abbie barbir bofa: Catalogue will be a classification mechanism for logical entitlement

abbie barbir bofa: SCIM captures what entitlments a user have

abbie barbir bofa: do we want to leverage SCIM 2.0 in this TC, by using SCIM

abbie barbir bofa: Shaheen/Mark suggest that we should wait before we go for it

Shaheen need to know SCIM maturity before we go forward

Richard Hill (Boeing): I agree, we should look at SCIM, but not commit until we have a better understanding of its capabilites.

abbie barbir bofa: agree

Chris Kappler, PwC: Am I correct in understanding that SCIM is for the moment more theoretical oriented and they hope to become more practical because of how we fill in the entitlements?

abbie barbir bofa: Do we need to marry the use case with the entitlement model?

Mark Lambiase (SecureAuth): I do not think they believe they are operating in the realm of the theoretical, but that in the notion of Cloud Identity Management they, too, are looking to understand the entitlement model. Entitlements go beyond just creating/deleting accounts, or marking an account active/inactive.  Role/entitlement assignment, as we have seen, can become a messy business.  I believe they have worked out assigning roles, but do not have the authorization framework for how a role/attribute assigned via a SCIM process would be utilized.

Chris Kappler, PwC: I agree, thanks for the clarification

abbie barbir bofa: Radu: SCIM provide pluming our TC can provide the meaning to SCIM

abbie barbir bofa: Radu: SCIM provide pluming our TC can provide the meaning to SCIM

Need to provide meaning to entitlement in the form of syntax where reference id can be assigned. Meaning cannot be ambiguous

abbie barbir bofa: need to decide if we will do an ontology in this TC or not

abbie barbir bofa: Radu to provide SoD use case data for the F2F and show the role of ontology

anonymous morphed into Michael Poulin

abbie barbir bofa: Kammala cloud is available as a small ontology for free we can use it as a proof

Danny Thorpe (Dell): i joined late, after first roll call

abbie barbir bofa: Michael Poulin will need to detail his use case

cloudauthz message