MHonArc v2.5.0b2 -->
emergency message
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [List Home]
Subject: RE: [emergency] CAP Visualization (was RE: CAP Developers'Forum...)
Thanks, Gary,
I am copying the list with my reply, so it should get through. BTW,
this is the kind of discussion we have been needing for some time, so
thanks to all. But special thanks to Gary for eliminating my need to
write to DMIS separately. I have asked for some special attention to
both the UDDI and ebXML Registry Tech Notes to WSRP which I will
forward or synopsize in the relatively near future. I will also be
looking into how to go about establishing some best practices
resources or guides for XACML, SAML and WSS.
Ciao,
Rex
At 11:27 AM -0400 5/20/04, Ham, Gary A wrote:
>Rex,
>
>This will probably bounce on the TC list so you may forward if
>necessary. All this security is wrapped up in the definition of "trust"
>as applied to individual networks. In a multiple network situation it
>should be expected that different networks will have differing "trust"
>needs for application and individual that might use the network. DMIS
>trust is based on the concept of establishing validated Collaborative
>Operations Groups (COGs) as defined virtual organizations of users who
>agree to dynamically create and share information amongst themselves in
>real time. Validation is a manual process and done individually using a
>variety of non-public techniques. Once validated, each COG administers
>its own individual membership. Designated primary operators for each
>COG may also, at the press of a button, post the created information to
>one or more other COGs on the network based own their own selection
>criteria.
>
>In production mode CAP senders through DMIS are COG members using some
>basic COG metadata to wrap their CAP message. If you look at the
>interface that prototyping systems have been using, you will see a
>special interoperability COG that does not directly connect to all
>production COGS. A COG member EM organization that uses one of these
>prototypes could however change the COG id used in the interface to
>their own and post directly into DMIS. Note that COGS can be formed for
>groups of users that do not use DMIS tools, but that they must be
>sponsored and maintained by legitimate EM related organizations. So one
>network could post to a second network through the DMIS backbone, but
>would still need to have compliance with the basic DMIS trust system.
>Actually that is just what was done in the Congressional demo when
>alerts created in a non-DMIS product were posted to DMIS, picked up by
>as third party, and reposted to ComCARE's E-Safety prototype. The
>middleman was a member of both trust networks.
>
>So, the question is how we come to agreement on trust issues. I doubt
>that we will because different networks have different needs. Hopefully
>we can agree to use particular standards as they are developed and made
>usable, but even with standards different needs for balance between
>openness and security will make inter network negotiation a required
>task.
>
>
>Respectfully,
>
>
>Gary A. Ham
>Senior Research Scientist
>Battelle Memorial Institute
>540-288-5611 (office)
>703-869-6241 (cell)
>"You would be surprised what you can accomplish when you do not care who
>gets the credit." - Harry S. Truman
>
>