| Info |
|---|
Call not at quorum |
Date and Time
- Date: Wednesday, 24 July 2013
- Time: 07:00 PT | 10:00 ET | 14:00 UTC
- Dial-in: United States Toll +1 (805) 309-2350
- Alternate Toll +1 (714) 551-9842
- Skype: +99051000000481
- Conference code: 613-2898
...
- Administration:
- Roll Call
- Agenda Confirmation
- Approval of Minutes:AIM WG Minutes 01-May-2013
- Discussion / Action Item Review
- Discussion around "Review AMDG Recommendations and verify if/how they tie in to the AIMWG work"
- the AIM WG charter and next steps
- AOB
- Adjourn
Attendees
- Steve Olshansky
- Allan Foster
- Keith Hazelton
- Sal D'Agostino
As of May 1, 2013, quorum is 5 of 9
Non-Voting
Staff
- Heather Flanagan
Apologies
Minutes
Approval of Minutes:AIM WG Minutes 01-May-2013
- Call not at quorum
Administration
Action Items
...
Action | Assigned To | Status | Description | Comments |
|---|---|---|---|---|
| 20130723-01 | Keith Hazelton, Steve Olshansky | Keith to add in the additional columns to the attribute registry discussed and bring back to the group for discussion |
Action | Assigned To | Status | Description | Comments |
|---|---|---|---|---|
AIMWG CHARTER REVIEW SUGGESTIONS...as suggested by Joni
Recommendations taken from AMDG Report |
Discussion
...
Notes from the last call are particularly useful as we consider next steps - see AIM WG Notes 10-July-2013
See WG - Attributes In Motion - Roadmap Planning - AIMWG (make sure to add to next call when Ken Dagg and/or Colin Wallis are available)
- consider adding a paper on the issue of metadata around attributes themselves (i.e., level of confidence, level of assurance, age and duration, etc.) - does this fit under handling? context? or should it be its own thing?
- Allan was at the U.S. government ABAC workshop, and NIST 800-162 is the US government's first shot in terms of access control in the attribute space, and is a parallel to NIST 800-63 which was the original identity landscape; with 162, the questions started to come up of how do you issue and track this metadata (hallway discussions)
- part of the mission of this doc is to create a formal place for more of a XACML model, and while it probably won't be immediately impacting, it is likely to have a long term impact on this space
- this is a first attempt to try to formalize attribute based access control to frame the discussion, and there will be subsequent documents going in to more detail on specific components later
- Document is still open for public comment
- suggest starting with caching of status before caching with attributes
- do not make assumptions that the authoritative source will be repeatedly referenced - caching technologies will need to be taken in to account
- where should the metadata of attributes live, in what document?
- this is something of a chicken and egg problem, since we are guessing on both sides
- we are probably clearer on what the attributes are, what they look like, where they come from and how they are determined
- we do not have something that defines what are the metadata of attributes, what things do you need to manage as you look at an attribute in their life cycle
- if you have a metadata registry, what would you register? what would you apply best practices to?
- Keith has the rudimentary attribute registry, and the columns are essentially metadata on the attributes themselves - AI: Keith to add in the additional columns discussed and bring back to the group for discussion; Steve Olshansky to assist
- the challenge is that metadata outside of context are not really practicable
Next Call
- Date: Wednesday, 7 August 2013
- Time: 07:00 PT | 10:00 ET | 15:00 UTC
- Dial-in: United States Toll +1 (805) 309-2350
- Alternate Toll +1 (714) 551-9842
- Skype: +99051000000481
- Conference code: 613-2898