David, Thanks for your update on these docs/efforts. Imho, part of the theme of our response to ITU is to demonstrate that the OGF community understands federation management issues! --Craig On 12/18/12 3:50 AM, David Chadwick wrote:
Hi Craig
GFD.159 the OASIS XACML TC has recently published a draft which shows how to make a RESTful call to an XACML PDP. I am going to propose that OpenStack adopts this (not sure what response I will get since it is XML not JSON). If we go the restful route for cloud, then we should write a supplementary short bit of text to say how GFD.159 and the OASIS draft can fit together. We may also need a spec to say how an XACMLv2 request context can be transferred as JSON rather than XML, since the OASIS XACML group are only doing an XACMLv3 JSON spec.
GFD.158 This is the pull model for credentials. I think in our work with OpenStack and VOMS we will use the push model instead. Note sure how many systems support pulling credentials.
GFD.157 Not sure if any implementation other than PERMIS supports this. It seems that many implementations do credential validation in the PEP rather than in a separate service, and then they do not properly do credential validation - they simply check the signature of the SAML assertion and if it is OK, they say fine, the attributes are OK (which effectively means that all IDPs are trusted to issue all attributes).
regards
David
On 17/12/2012 23:52, Craig Lee wrote:
Alan,
I concur with all of your suggested documents. While these are presumably supposed to be cloud standards, I assume that we can propose standards that are arguable "cloud-relevant". (DFDL, WS-Agreement and WS-Agreement-Negotiation would all be in this category.)
If federation and distributed resource management is a strong suit for OGF, and since it's relevant to federated clouds, what about the following documents concerning security and federation management:
GFD.159 Use of XACML Request Context to Obtain an Authorisation Decision P-REC
GFD.158 Use of SAML to retrieve Authorization Credentials P-REC
GFD.157 Use of WS-TRUST and SAML to access a Credential Validation Service P-REC
These are all P-RECs. In fact, in terms of "preparing our submission", do we want to pursue a "theme" of cloud federation as being the major value that OGF brings to the table? There are other INFO and CP docs that we could reference.
What do others think?
--Craig
On 12/17/12 10:48 AM, Sill, Alan wrote:
Dear OGF Standards Council members and all area work group members,
We have received the following formal invitation to contribute to the ITU-T Joint Coordination Activity on Cloud Computing Cloud Standards Roadmap effort, as described further in the attached document.
---
Liaison Statement from ITU-T JCA-Cloud to OGF
Source: JCA-Cloud Title: Invitation to contribute to the cloud computing roadmap population
LIAISON STATEMENT
For action to: ITU-T Study Groups SG 2, SG 5, SG 11, SG 12, SG 13, SG 15, SG 16, SG 17, CT-CCVOCAB, CT-CCRA, TMForum, OMG-CSCC, ISMA, ISO/IEC JTC1 SCs 6, 7, 27 and 38, OASIS, MEF, *OGF*, DMTF, CSA, SNIA, GICTF, ISACA, ATIS CSF, ETSI TC Cloud, ETSI TC LI, IEEE Cloud Profiles Working Group, IEEE Intercloud Working Group, IETF, BBF
Agreed to at JCA-Cloud meeting (Geneva, 31 October 2012)
Deadline: 18 February 2013
---
If there are no objections, I would like to propose to submit, without loss of or change to the OGF copyright statement, the following OGF published standards documents:
DFDL (applicable to interchange of data between Software as a Service application)
GFD.174 <http://ogf.org/documents/GFD.174.pdf> Data Format Description Language (DFDL) v1.0 Specification
GFD.190 <http://ogf.org/documents/GFD.190.pdf> Mapping between DFDL 1.0 Infoset and XML Data Model
WS-Agreement and WS-Agreement-Negotiation (applicable to service agreement and SLA expression and parameter negotiation)
GFD.192 <http://ogf.org/documents/GFD.192.pdf> Web Services Agreement Specification (WS-Agreement)
GFD.193 <http://ogf.org/documents/GFD.193.pdf> WS-Agreement Negotiation Version 1.0
OCCI 1.1 Core, Infrastructure and HTTP Rendering (applicable to Infrastructure as a Service control and federation, with possible applications to Platform as a Service and Software as a Service Clouds, and also to software-defined networking infrastructure control)
GFD.183 <http://ogf.org/documents/GFD.183.pdf> Open Cloud Computing Interface - Core
GFD.184 <http://ogf.org/documents/GFD.184.pdf> Open Cloud Computing Interface - Infrastructure
GFD.185 <http://ogf.org/documents/GFD.185.pdf> Open Cloud Computing Interface - RESTful HTTP Rendering
In addition, I invite the OGF community to propose other documents for submission, or to complete work on documents that can be referenced in a summary to be submitted to ISO and the ITU-T, along with other cloud roadmap efforts. For the purposes of this ITU-T submission, please take note of the deadline and of the fact that it will take some time to prepare our OGF documentation to accompany the submissions.
If you have any questions, please feel free to explore the links below, which can be accessed if you create yourself a guest account, and to take note of the submissions already made by other participating liaisons from other standards organizations.
Thanks very much, and please let me hear from you.
Alan Sill OGF VP of Standards (acting as ITU-T JCA-Cloud liaison for OGF)
Begin forwarded message:
*From: *"Kurakova, Tatiana" <tatiana.kurakova@itu.int <mailto:tatiana.kurakova@itu.int>> *Subject: **Liaison Statement from ITU-T JCA-Cloud to OGF* *Date: *December 17, 2012 12:17:24 PM CST *To: *"Alan.Sill@ttu.edu <mailto:Alan.Sill@ttu.edu>" <Alan.Sill@ttu.edu <mailto:Alan.Sill@ttu.edu>> *Cc: *"mmorrow@cisco.com <mailto:mmorrow@cisco.com>" <mmorrow@cisco.com <mailto:mmorrow@cisco.com>>, "Lee, Chae Sub (TIES)" <chae-sub.lee@ties.itu.int <mailto:chae-sub.lee@ties.itu.int>>, "jamil.chawki@orange.com <mailto:jamil.chawki@orange.com>" <jamil.chawki@orange.com <mailto:jamil.chawki@orange.com>>, "li.mingdong@zte.com.cn <mailto:li.mingdong@zte.com.cn>" <li.mingdong@zte.com.cn <mailto:li.mingdong@zte.com.cn>>, "dibrack@microsoft.com <mailto:dibrack@microsoft.com>" <dibrack@microsoft.com <mailto:dibrack@microsoft.com>>, 이강찬 (chan@etri.re.kr <mailto:chan@etri.re.kr>) <chan@etri.re.kr <mailto:chan@etri.re.kr>>
Dear Mr.Sill, On behalf of ITU-T JCA-Cloud Chairman, Ms. Monique Morrow, I am pleased to send you the communication from the ITU-T Joint Coordination Activity on Cloud Computing group. Please find enclosed the Liaison Statement agreed by JCA-Cloud at its last meeting (31 October 2012) for OGF. It is for action before 18 February 2013. Thank you for acknowledging the receipt. Best regards, Tatiana Kurakova, TSB secretariat for JCA-Cloud International Telecommunication Union Place des Nations CH-1211, Geneva 20 Switzerland Tel.: +41 22 730 51 26 Fax: +41 22 730 58 53
_______________________________________________ ogf-board mailing list ogf-board@ogf.org https://www.ogf.org/mailman/listinfo/ogf-board
-- The wg-all mailing list is an umbrella list for all OGF mailing lists. If you are subscribed to any OGF mailing list, you will receive mails to wg-all.
You can unsubscribe from this list on
http://www.ogf.org/cgi-bin/perl/unsubscribe-wg-all.pl
wg-all mailing list wg-all@ogf.org https://www.ogf.org/mailman/listinfo/wg-all