Re: [cosmos-dev] Security scope from a CA perspective - Summit agenda it

[David Whiteman <David_Whiteman@xxxxxxxxxx>]

You might want to ask on eclipse.technology.higgins
newsgroup.  Maybe some Higgins adopters there can talk to your questions
in blue about what it's desgined for and how it's been used.

David
---
David Whiteman | Tivoli Autonomic Computing
Eclipse COSMOS project committer | http://www.eclipse.org/cosmos/
david_whiteman@xxxxxxxxxx | 919-254-8224 | T/L 444-8224

"Mohsin, Jimmy" <Jimmy.Mohsin@xxxxxx>
Sent by: cosmos-dev-bounces@xxxxxxxxxxx

05/15/2008 12:54 PM

Please respond to
Cosmos Dev <cosmos-dev@xxxxxxxxxxx>

To	<cosmos-dev@xxxxxxxxxxx>
cc
Subject	[cosmos-dev] Security scope from a CA perspective - Summit agenda        item from CA

All,
 
This is in reference to the Security capabilities
we need for CA from COSMOS 1.0.
 We need a simple implementation
that supports authentication ONLY (no authorization, encryption
is nice to have).  One of our initial adopter products has a web service
that needs three parameters: login, password, and the (graph) query string.
 
Since COSMOS does not have any security today
whatsoever, we need to find a way to pass on the login / password from
the COSMOS client (and possibly the webUI) to the MDR’s web service.
 
There is NO need to deal with any roles /
authorization at this point; I state this explicitly to narrowly define
the scope of our initial implementation.  Encryption, while NOT required
by the CA product, would be nice to have, assuming it does not add significant
time to the implementation.
 
Now some 64 million dollar questions:
Do we need Higgins for this limited implementation?  Given our timeframes,
should we do a simple / custom authentication implementation for now, and
bring in Higgins later when we have elaborate security requirements?  Does
anyone have any elaborate requirements at this juncture?  Is Higgins
designed for such a simple Security implementation, or using Higgins for
this purpose would be like swatting a fly with a tactical nuke?  Has
anyone utilized Higgins for a similar scenario in conjunction with another
open source (or corporate) project?
 
Thanks,
Jimmy Mohsin
Cell   +1-609-635-1703
 
---------------------------------------------------------------------------------------------------------------------------------------------------------------------------
From: cosmos-dev-bounces@xxxxxxxxxxx
[mailto:cosmos-dev-bounces@xxxxxxxxxxx] On Behalf Of Ebright, Don
Sent: Wednesday, May 14, 2008 10:06 AM
To: Cosmos Dev
Subject: RE: [cosmos-dev] Security must-do for COSMOS 1.0
 
Jimmy
 
I think that this is worthy thing
to prioritize, but we need to assess the impact on other requirements.
 
Don
 

The contents of this e-mail are intended for the named addressee only.
It contains information that may be confidential. Unless you are the named
addressee or an authorized designee, you may not copy or use it, or disclose
it to anyone else. If you received it in error please notify us immediately
and then destroy it.
 
From: cosmos-dev-bounces@xxxxxxxxxxx
[mailto:cosmos-dev-bounces@xxxxxxxxxxx] On Behalf Of Mohsin, Jimmy
Sent: Wednesday, May 14, 2008 9:55 AM
To: Cosmos Dev
Subject: [cosmos-dev] Security must-do for COSMOS 1.0
Importance: High
Don / Mark,
 
Quick note about the Security item for the
May Summit meeting…. We have a critical adopter that requires Security
internally.  It is essential for us to have a minimal Security implementation
for the 1.0 timeframe.  Minimal is defined as the ability to pass
on a login-id/password; I have opened a bugzilla entry (231400) for this
ER; design document to follow shortly….
 
We would be willing to actively participate
from our end to get this capability implemented in i12…  Thoughts?
 
Thanks,
Jimmy Mohsin
Cell   +1-609-635-1703
 
 
 _______________________________________________
cosmos-dev mailing list
cosmos-dev@xxxxxxxxxxx
https://dev.eclipse.org/mailman/listinfo/cosmos-dev