EdgeX Security Team F2F?


David Ferriera
 

Hi All,

   I tried to attend some of the London session remotely.  I missed the Security session, but it looks like the following was agreed for Barcelona:

  • No implementation as MVP
  • Build longer term roadmap – the EdgeX security story
  • Agreement on what security features are going to be in EdgeX and what’s going to be provided by the platform that EdgeX runs on (example:  the underlying platform must have a keystore)
  • Agreement on security requirements
  • Define what EdgeX security service(s) need to be eventually implemented
  • Define what security hooks need to be added to the existing micro services
  • Define what standards, protocols, etc. are going to be adhered to and followed by EdgeX (ex:  IIC specs, OAuth tokens, etc.)
  • Provide guidance on how security features can/should be tested

  I think it would be very helpful for the Security wg to have a F2F to jumpstart progress on the above. Forgerock is willing to host at our office in SF assuming the number of attendees is less than 20 (room size limit).  I was thinking late August would be good timing.  Maybe the week of 8/21?

   I know several members of the Security working group have offices in SF, so I thought it would be convenient.  I am open to other suggestions as well.

 John?  Team?  What do you think?

Thanks,
-David


--
David Ferriera | Forgerock
Director, Cloud Technology | Office of the CTO
t +1 408.454.8189 | w forgerock.com

Join EdgeX-TSC-Security@lists.edgexfoundry.org to automatically receive all group messages.