OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

wsdm message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: [UPlat] Security

In response to [assign champions for each item. Start discussions on mailing list * John - Security.]

Following the definition & need for management of Notification expressed in the very nice aggregation message from Andreas D:


Primarily the issue with Security is that while the requirement for 
Security within manageability is extremely important, it is not unique 
to manageability.  All the same issues arise with any other Web Services 
endpoint.  Every manageability endpoint and many business endpoints will 
have requirements for confidentiality, integrity, and authentication, as 
well as access control, availability, and privacy (see the definition of 

Also, there is the issue of location.  Security may be implemented in 
various ways.  For example, there could be a security filter/proxy in 
front of every Web Services endpoint (including the manageability 
endpoint) that only allows messages through that are valid, 
authenticated, authorized, and have no integrity problems identified.  
Or all of those functions could be performed by the endpoint itself.

Thus, the main concern for Security is that the specification allow for 
external Security infrastructure mechanisms that are composable on top 
of the manageability exposed via Web Services.  This will require 
examining other standards like WS-Security to ensure nothing done in the 
specification precludes the composability of Security.

Another external effort is to work with standards groups developing 
interoperable Security infrastructure mechanisms.  It is desirable that 
these mechanisms provide manageability exposed via Web Services.


John DeCarlo, The MITRE Corporation, My Views Are My Own
email:      jdecarlo@mitre.org
voice:      703-883-7116
fax:        703-883-3383
DISA cube:  703-882-0593

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]