[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [wsdm] [UPlat] Security
I like to look at this as: 1) The security of the management infrastructure 2) The management of the security infrastructure It is reasonable to say the security of the management infrastructure should be addressed by other standards such as WS-Security. But isn't the management of the security infrastructure in the scope of the WSDM effort? We can say that security standards bodies should address manageability, but that is not likely to happen. Jeff Bohren Product Architect OpenNetwork Technologies, Inc -----Original Message----- From: John DeCarlo [mailto:jdecarlo@mitre.org] Sent: Thursday, October 30, 2003 10:39 AM To: WSDM TC Subject: [wsdm] [UPlat] Security In response to [assign champions for each item. Start discussions on mailing list * John - Security.] Following the definition & need for management of Notification expressed in the very nice aggregation message from Andreas D: http://lists.oasis-open.org/archives/wsdm/200310/msg00135.html Primarily the issue with Security is that while the requirement for Security within manageability is extremely important, it is not unique to manageability. All the same issues arise with any other Web Services endpoint. Every manageability endpoint and many business endpoints will have requirements for confidentiality, integrity, and authentication, as well as access control, availability, and privacy (see the definition of Security). Also, there is the issue of location. Security may be implemented in various ways. For example, there could be a security filter/proxy in front of every Web Services endpoint (including the manageability endpoint) that only allows messages through that are valid, authenticated, authorized, and have no integrity problems identified. Or all of those functions could be performed by the endpoint itself. Thus, the main concern for Security is that the specification allow for external Security infrastructure mechanisms that are composable on top of the manageability exposed via Web Services. This will require examining other standards like WS-Security to ensure nothing done in the specification precludes the composability of Security. Another external effort is to work with standards groups developing interoperable Security infrastructure mechanisms. It is desirable that these mechanisms provide manageability exposed via Web Services. -- John DeCarlo, The MITRE Corporation, My Views Are My Own email: jdecarlo@mitre.org voice: 703-883-7116 fax: 703-883-3383 DISA cube: 703-882-0593 To unsubscribe from this mailing list (and be removed from the roster of the OASIS TC), go to http://www.oasis-open.org/apps/org/workgroup/wsdm/members/leave_workgrou p.php.
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]