OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

soa-rm-ra message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Re: [soa-rm-ra] Thought Experiment on SOA Security and Governance

Federated Identity exists today. Both Adobe and Microsoft have server based
products which use a WS-Trust type model on the back end to allow a trusted
region to be declared including CRL's for all CA's.  Sadly, what you are
talking about is largely linked to the weak link in the chain - the people
who administer and operate the trust domain.  The basic tenet is to deny all
and allow only specific trusted entities.  All it takes is one slip.

D


On 10/30/06 11:00 AM, "Chiusano Joseph" <chiusano_joseph@bah.com> wrote:

> My take is that we would never reach the question of federated identity,
> because the chances of fraud (especially through a virus) are so high
> that it will probably be a very long time before Internet-based voting
> is a reality (if at all).
> 
> Joe
> 
> Joseph Chiusano
> Associate
> 
> Booz | Allen | Hamilton
> ______________________--
> 
> 700 13th St. NW, Suite 1100
> Washington, DC 20005
> O: 202-508-6514
> C: 202-251-0731
> Visit us online@ http://www.boozallen.com
> 
> -----Original Message-----
> From: Michael Stiefel [mailto:development@reliablesoftware.com]
> Sent: Monday, October 30, 2006 9:40 AM
> To: soa-rm-ra@lists.oasis-open.org
> Subject: [soa-rm-ra] Thought Experiment on SOA Security and Governance
> 
> One of my action items was to come with a scenario that we could use to
> think about SOA Governance. Here is one "use case". Try to imagine what
> it would take for the United States to have secure Internet voting in
> state and federal elections.
> 
> Who would offer the "voting service"?
> 
> This would be the extreme case of Federated Identity. Would the state
> federated identity servers be trusted by the federal identity servers? I
> cannot imagine everybody getting an X509 certificate. Would we restrict
> voting to a few days?
> 
> Comments?
> 
> Michael
> 

-- 
******************************************************
Sr. Technical Evangelist - Adobe Systems, Inc.       *
Chair - OASIS SOA Reference Model Technical Committee*
Blog: http://technoracle.blogspot.com                *
******************************************************

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]