OASIS Mailing List Archives

id-cloud message



Subject: RE: [id-cloud] Groups - Inter-Cloud Use Cases (OASIS ID Cloud - Inter-Cloud Doc Exchange Use Case v0.11 2011-03-25.doc) uploaded


Colin,

Thanks for your thoughtful feedback.  Despite the various issues that can arise, the minimal requirements to enable mass scale "Inter-Cloud" document exchange are rather smaller, I think, than this first draft may make it seem.  I definitely agree with your comment that it's just an extension of where we are now, rather than being something completely new.

I'd certainly hope some aspects of this use case might be within scope for this TC.  If other aspects fit with Kantara or elsewhere, that would be good to understand better.
 
To clarify what's real today, and the gaps:

1. OAuth-based interoperability: here, in the "three-corner" scenario, each network requires a PRE-EXISTING identity for both the parties exchanging documents.  Provided those identities exist, a simple OAuth account/password approval step can enable an integration service or "Inter-Cloud Brokerage" to make the connection.  In some cases, trust models also exist (we've built some) for ESTABLISHING A NEW IDENTITY; however, this has tended to be based on custom APIs, not standards (though OpenID Attribute Exchange might work).  This piece is, I think, the key gap to be addressed for mass-scale adoption.

2. The "four corner" model (the main draft approach in OASIS BDX) solves or side-steps many of these identity issues, by leveraging a new type of DNS record for routing, and a "trusted network" model for document submission.  The key notion here is the domain/email as an identity, not a channel for sending e-invoices etc.  The PEPPOL e-procurement infrastructure project is about to go live in seven countries with such a model.  However, this approach seems like probably too big of a change and loss of control to be widely adopted by leading B2B networks/clouds as is.

Best regards,
Roger


-----Original Message-----
From: Colin Wallis [mailto:Colin.Wallis@dia.govt.nz] 
Sent: Sunday, March 27, 2011 6:03 PM
To: id-cloud@lists.oasis-open.org
Subject: RE: [id-cloud] Groups - Inter-Cloud Use Cases (OASIS ID Cloud - Inter-Cloud Doc Exchange Use Case v0.11 2011-03-25.doc) uploaded

Roger

One of the dubious pleasures of being close to the date line and the first to see the new day, I can take a stab at this while most other folks are still enjoying their weekend :-).

Man, this use case is a complex beast to get through! (particularly on a Monday when my brain's got even more cobwebs than usual).  But at a high level, it seems to be something one might expect to see in the emerging generation of trust Frameworks, where identity assurance and data exchange agreements are profiled to suit a particular use case.

This use case steps across many technical boundaries - protocols, business rules, federation rules etc.

In an attempt to (probably over-) simplify it, I can't get past the notion that this could be done with Web Services calls running over a rules engine (I am not at all sure having a valid email address gives any sense of security for sending invoices but let's put that aside) within a federation.

So while I think the use case (at least at a high level) is valid for this TC, there are probably other additional fora where the development of federated trust frameworks is their 'core business'. I would point to Kantara and the ITU-T as examples, but existing 'federations' such as Fixs.org (and the banking and telco settlement regimes themselves), have some of the elements this use case touches on.

So while I can see that lots of standardisation, and maybe an agreed technical design approach has to come to pass before (secure) 'inter-cloud' becomes a reality, I'm not sure it's all totally new, but rather just an extension in complexity of where we are now.

FWIW..

Cheers
Colin  
 
-----Original Message-----
From: roger@traxian.com [mailto:roger@traxian.com]
Sent: Saturday, 26 March 2011 5:46 p.m.
To: id-cloud@lists.oasis-open.org
Subject: [id-cloud] Groups - Inter-Cloud Use Cases (OASIS ID Cloud - Inter-Cloud Doc Exchange Use Case v0.11 2011-03-25.doc) uploaded

As discussed on the last TC call, I'm submitting an initial use case document regarding Inter-Cloud scenarios, specifically for Business Document Exchange. I'd welcome feedback (either on the email list or as document comments) as to:
- document content
- fit with the TC's work schedule in particular the upcoming F2F meeting, and
- individuals outside this TC who might be interested
- additional or alternate venues where it might make sense to introduce this. 

As an initial draft, it doubtless has significant errors and omissions. I'm also submitting it to the BusDoc Exchange TC to get their feedback as well.

Best regards,
Roger Bass

 -- Roger Bass

The document named Inter-Cloud Use Cases (OASIS ID Cloud - Inter-Cloud Doc Exchange Use Case v0.11 2011-03-25.doc) has been submitted by Roger Bass to the OASIS Identity in the Cloud TC document repository.

Document Description:
Identity use cases relating to Inter-Cloud communications, specifically for business document exchange.

View Document Details:
http://www.oasis-open.org/committees/document.php?document_id=41622

Download Document:  
http://www.oasis-open.org/committees/download.php/41622/OASIS%20ID%20Cloud%20-%20Inter-Cloud%20Doc%20Exchange%20Use%20Case%20v0.11%202011-03-25.doc


PLEASE NOTE:  If the above links do not work for you, your email application may be breaking the link into two pieces.  You may be able to copy and paste the entire link address into the address field of your web browser.

-OASIS Open Administration
