April 24, 2014 Meeting Page
SECURITY COMMITTEE / FUNCTIONAL MODEL MEETING NOTES
Meeting Date: April 24, 2014
- Adam Madlin
- Ann Racuya-Robbins
- Bob Natale
- Chan Lim
- Christopher Spottiswoode
- John Willis
- Mike Garcia
- Ryan Galluzzo
- Sal D’Agostino
- Seetharama Durba
- Administrative issues were reviewed, roll call, IPR policy
- Notetaker was assigned to Ann Racuya-Robbins
- Members that have not been active in a while were welcomed and encouraged to review the Security/Functional Model wiki content and participate.
- Feedback from MC retreat
- A correspondence detailing the MC retreat will be forthcoming but nothing to report as of yet.
- Elections will be underway in the near future. A time line will be forthcoming for the election schedule.
- Discussion of Functional Model Approach
- How does this Functional Model fit into the overall Identity Ecosystem Framework? The general guidance is that the feedback from the Plenary Leadership should be forth coming before the next Plenary.
- Mike Garcia said that the role of the Functional Model is to categorize the work of the IDESG and to create a communication tool so that internal and external interaction will be facilitated as well as to write requirements. For example, in the first case a company may want to identify that “we are interested in developing or working on this part of the Functional Model.”
- The suggestion was made that we need reference models/implementations of the Functional Model. **There may be many implementations of the common sections, including requirements, governance, standards, and operations.
- One idea was to take the use cases as a first start towards creating key reference model. The Reference Model Creation work item will be added to the Functional Model Next Steps page.
- The requirements for IDESG including Certifications will be transparent. It is possible that some communities of interest may not be transparent in some way. A process/usecase for governing and creating baselines for Communities of Interest including transparency should be discussed going forward? ARR has agreed to provide input on what that process should look like.
- The question was raised about how the Security Committee should review the Functional Model. It was suggested and no objection raised that work items that come out of the Functional Model Adhoc group such as the Functional Model Approach should be official deliverables of the Security Committee.
InterProcess Communication Gap
- It was pointed out that major gap area is harmonizing by design intermediation and interoperation. The suggestion is to look at CORBA and why it failed. When CORBA 1 evolved into CORBA 2 it didn’t have an interoperation plan so it branched in different directions. The gap or challenge can be seen by looking at the details of interoperation and the need for standards for (IPC) inter process communication. That is there needs to be standards for cross the board interoperation that is needed for federation and ecosystem development. In the CORBA development case there were too many silos with different implementation and the request brokers. This is not being looked at currently in the IDESG and is dangerous for the long term survivability of the identity ecosystem. Christopher will write something about this situation.
- Reviewed the Un and Underserved Use Case Discussion – lead by Chan Lim
The Un and Underserved People Use Case functional model mapping performed by Chan was discussed. A general sense emerged that a functional gap has emerged in the Registration attribute control function and potentially the authentication function. Ann said she would review and update the Functional Model with some possible solutions to the gap(s). Sal felt this may require an exception process under redress function under Administration and Maintenance. Ann thought it might be addressed earlier in the model. Chan offered to work further with Ann if needed.
- Bring Next Steps on work actions to the next meeting.