Re: EdgeX Security Team F2F?
toggle quoted messageShow quoted text
I'll raise this on the TSC call tomorrow.
On 25 July 2017 at 20:14, David Ferriera <david.ferriera@...>
I tried to attend some of the London session remotely. I missed the Security session, but it looks like the following was agreed for Barcelona:
- No implementation as MVP
- Build longer term roadmap – the EdgeX security story
- Agreement on what security features are going to be in EdgeX and what’s going to be provided by the platform that EdgeX runs on (example: the underlying platform must have a keystore)
- Agreement on security requirements
- Define what EdgeX security service(s) need to be eventually implemented
- Define what security hooks need to be added to the existing micro services
- Define what standards, protocols, etc. are going to be adhered to and followed by EdgeX (ex: IIC specs, OAuth tokens, etc.)
- Provide guidance on how security features can/should be tested
I think it would be very helpful for the Security wg to have a F2F to jumpstart progress on the above. Forgerock is willing to host at our office in SF assuming the number of attendees is less than 20 (room size limit). I was thinking late August would be good timing. Maybe the week of 8/21?
I know several members of the Security working group have offices in SF, so I thought it would be convenient. I am open to other suggestions as well.
John? Team? What do you think?
David Ferriera | Forgerock
Director, Cloud Technology | Office of the CTO
Join EdgeX-TSC-Security@lists.edgexfoundry.org to automatically receive all group messages.