OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

wsdm message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: RE: [wsdm] Security Needs and Use Cases for MUWS (RE: [wsdm] Security Question: Can we manage security resources using WSDM?)

Title: Message
I'm not sure if this addresses what this thread is about. Your material addresses the Security of Manageability rather than the Manageability of Security . These are related but different issues. I would define them as:
 
Security of Manageability - The security of the Manageability Provider and the underlying communications protocols. How are the management requests authenticated? How are management requests authorized and audited?
 
Manageability of Security - What security information on the managed resource can be managed by the Manageability Provider. How is this information presented to the Manager. In MOWS, there is the specific use case of managing the configuration of the Web Service Security infrastructure for that web service (among other things).
 
Then there is the case where one Manageability Provider is managing another (i.e. one Mangeability Provider is being treated as a Manageable Resource by another Mangeability Provider). In that case the Security of Manageability in the one Manageability Provider would be addressed as Manageability of Security in the other Manageability Provider.
 
Jeff Bohren
Product Architect
OpenNetwork Technologies, Inc
 
Try the industry's only 100% .NET-enabled identity management software. Download your free copy of Universal IdP Standard Edition today. Go to www.opennetwork.com/eval.
 
-----Original Message-----
From: Andreas Dharmawan [mailto:andreas@westbridgetech.com]
Sent: Tuesday, June 08, 2004 9:15 PM
To: wsdm@lists.oasis-open.org
Subject: [wsdm] Security Needs and Use Cases for MUWS (RE: [wsdm] Security Question: Can we manage security resources using WSDM?)

Hi team:
 
I reviewed MUWS requirements on security and came up with the following use cases.
 
Feedback?
 
Thanks

From: Heather Kreger [mailto:kreger@us.ibm.com]
Sent: Thursday, June 03, 2004 7:20 PM
To: wsdm@lists.oasis-open.org
Subject: [wsdm] Security Question: Can we manage security resources using WSDM?

Per our call today, I'm sending this email to start a discussion on this topic:

Given that security needs to be managed and has resources that need to be managed,
will the WSDM architecture and interfaces be able to be used to express the manageability of
manageable security resources?

Which leads to the follow on question: what are the requirements for managing Security?
What are the manageable security resources?

Hal suggested the following categories:
Provisioning – enabling service around user – name/id/pw are resources – Jeff Bohren
Configuration – of authentication mechanism - certificate, keys are resources

Heather Kreger
STSM, Web Services Lead Architect for SWG Emerging Technologies
Author of "Java and JMX: Building Manageable Systems"
kreger@us.ibm.com
919-543-3211 (t/l 441) cell:919-496-9572

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]