January 22, 2015 Meeting Page
From IDESG Wiki
SECURITY COMMITTEE / FUNCTIONAL MODEL MEETING NOTES - draft
Meeting Date: January 22, 2015
Attendees-- review attendee list
- Adam Madlin
- Ann Racuya-Robbins
- Bev Corwin
- Bob Pinheiro
- Christopher Spottiswoode
- Hans Vargas
- Linda Braun, Global Inventures
- Martin Smith
- Paul Knight, FMO
- Jerry Kickenson
- Ryan Galluzzo
- Sal D’Agostino
- Suzanne Lightman
- Notes taken by Linda Braun
- Approve meeting notes
- January 8, 2015 https://www.idecosystem.org/wiki/January_8,_2014_Meeting_Page. (Sal asked for a small correction to be made before approving, which was done).
- January 15, 2015 https://www.idecosystem.org/wiki/January_15,_2014_Meeting_Page
- General updates:
- Plenary planning for Security Committee breakout
- Our normally scheduled call for next week will not be taking place. Instead, the Security Committee will have a breakout session on Thursday, January 29 at 4:30pm. Adam will be attending in person.
- The annual elections for elected officers of the IDESG began today, January 22, 2015. The election schedule has been posted on www.idecosystem.org.
- Security standards discussion
- The Security Committee nominated three security standards which have been submitted to be included in the standards registry. It will take some time to work through the process. More discussions are planned on the standards.
- The Standards Committee sent out email about the presentation of SAML 2.0 standard at the Plenary. The Management Council will be making some recommendations on the process; this is the first standard brought forward and is getting a lot of visibility.
- Process to get feedback on Security Requirements discussion
- The process to get external feedback relative to requirements has started. This is a process that all the requirements of the IDESG should follow; the FMO is using this as a pilot case.
- The FMO has focused on feedback related to our high level requirements. They are giving us feedback on the requirements and other aspects of the identity ecosystem that they are layering in. The FMO has done one round of interviews. There will be a presentation on the feedback, in particular the process, at the Plenary and how we get that feedback into our requirements.
- Discussion followed: There was a question as to how the questions were developed. The scope started with security requirements. It is intended to be an anonymous process so they are not going to attribute feedback to any group of individual.
- A number of other questions were asked about the role of the FMO. Many of the questions were not questions for the Security Committee.
- There were also questions about IDESG messaging. Adam commented that ConnellyWorks will be giving a presentation at the Plenary about the overall marketing communications (internal and external).
- Adam requested that if anyone has other questions, they need to put them into writing and send to the Management Council because the conversation was getting out of scope from a security requirements perspective.
- Meeting adjourned at 1:59pm EST.
- New business/other topics
- Next meeting January 29, 2015 at the Plenary.