April 30, 2015 Meeting Page
Jump to navigation Jump to search
Meeting Date: April 30, 2015
SECURITY COMMITTEE / FUNCTIONAL MODEL MEETING NOTES - draft
Meeting Date: April 30, 2015
- Adam Migus
- Andrew Hughes
- Ann Racuya-Robbins
- Bob Pinheiro
- Christopher Spottiswoode
- Hans Vargas
- Jamie Clark
- Jeff Shultz
- Jerry Kickenson
- Linda Braun, Global Inventures
- Mike Garcia
- Paul Knight
- Ryan Galluzzo
- Sal D’Agostino
- Ryan Galluzzo led the call. Notes taken by Linda Braun
- Results from RSA Conference
- Management Council / Committee Elections
- Overview of FMO feedback on Security Committee requirements
- General Updates
- Results from RSA Conference – IDESG panel gave a preview of the Identity Ecosystem framework. Michael Daniels spoke. Mike Garcia was moderator. Kim Little Sutherland presented. Panel members included Matt Thompson, Greg Kimball, Denise Tayloe, and Ian Glaser. 100 people in attendance. Session was well received.
- Management Council – newly elected Chair is Matt Thompson; with Ian Glaser as Vice Chair. IDESG Board - Sal D’Agostino was elected the new President; Neville Pattinson, Treasurer and Mark DiFraia, Secretary.
- Via chat, Sal provided a link to an article “Why we need an ID Ecosystem Framework”
- Security Committee nominations – election deadline has been extended for one additional week.
- Overview of FMO feedback on Security Committee requirements – Jamie clarified that what the FMO sent to the Security Committee was preliminary questions. Next week SC will receive a full set of comments from the FMO that will include proposed solutions to questions in the last report and some other issues that they tried to address.
- Next steps: Report from FMO will be sent to SC next week. FMO will send to TFTM as well. TFTM will recommend format. TFTM and SC will put requirements package together for eventual approval before the plenary. SC will have May 8 – 22 to clarify or make changes to requirements if necessary. Suggestion was to bring up issues with TFTM on collaborative process should any arise. TFTM are not domain experts. They are responsible for supporting the 1.0 certification program. If they see a requirement that is overreaching 1.0 – they will discuss whether it should be considered or delayed. They will not rewrite requirements. TFTM is expecting to receive the final requirements text. TFTM is looking at requirements from a feasibility perspective. Are there security engineers that could help? Those types of people should already be in the SC already. TFTM is responsible for getting the program out based on requirements brought to them.
- Where are other groups in the process? With exception of SCC, the SC has provided more guidance and specificity on the requirements.
- Wrap up and actions for next week
- Next meeting May 7, 2015
- Security Committee to review feedback from FMO once received.