OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

ebxml-dev message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Subject: RE: [ebxml-dev] ebXML security

Is this security issues list for ebXML v. 2.0 or for a future version of
Zahid Ahmed

-----Original Message-----
From: Douglas Nelson [mailto:douglas.nelson@sun.com]
Sent: Thursday, August 08, 2002 3:38 PM
To: ebxml-dev@lists.ebxml.org
Subject: [ebxml-dev] ebXML security

I would like to start a thread of security issues to discuss what features
need to be included, interfaces, we would like to have and general discusses
of each of the primary features. I am thinking the features should be
available as web service and as an API possible an addition to the java core
api's for web services. I would be interested in what you guys have thinking
about security.  This first cut at the primary features,  you guys come up
with any more, might include the following: 

*	Administration - An administrator shall have all the tools necessary
to define and maintain roles, monitor all security aspects of the framework
and to perform maintenance on any of the security modules. 

*	Auditing - The administrator shall be able to return the framework
to any previous state on any given day, view logs and to track changes to
the system by other authorized users and administrators. 

*	Authorization - The framework shall provide a mechanism that will
allow an administrator to define roles to access confidential data and

*	Authentication - The framework will uniquely identify a user by user
id and password or the acceptance credential information from a federated
third party server. 

*	Certificate Management - The administrator will have the ability to
accept, delete, track certificates submitted from a trusted third party on
behalf of all users registered to the framework. 

*	Encryption - The framework will provide API (Application Program
Interface) to support encryption of all or part of an XML (eXtensible Markup
Language) message document. 

*	Monitoring - The framework will monitor and issue alerts to
administrators and support personal when errors, exceptions or general
failures occurs. 

*	Planning for Evolution - The framework will be architected in a
object oriented modular fashion to allow new open standards to be introduced
without have to effect the pre- established API's or web services. 

*	Privacy - The framework will provide a mechanism that will allow
documents to be classified and encrypted so that the document may only be
view by those to whom the document was intended. 

*	Redundancy - The framework will have the ability to be load balance
and fail over to additional servers. 

*	Single Sign On - User will have the ability to log on to any of the
trusted federated server and be authorized to access data and services by
user id and password or any additional federated servers providing the
appropriate credentials. 

*	Time Stamping - The framework will have the ability to sync its
internal clock to government run time sync servers to maintain accurate
logging and saving of documents for non-repudiation. 

Thanks Doug 

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Search: Match: Sort by:
Words: | Help

Powered by eList eXpress LLC