Security Chapter, FIWARESprint 4.3.1 status

Chapter Leader: Pascal BissonChapter Architect: Cyril Dangerville

Cyber Security GE owner: Olivier Bettan, Thales

Achieved in Sprint 4.3.1

– Feature: Scored Attack Path – User preferences– SEC

173 (in progress)

• Story 371 Balance Scores (to be continued in 4.3.3): User

preferences feature enables the user to balance the scores

computed automatically with her own scores coming from

her vision and experience of the field. For each attack path,

he enters his own score.

• Story 409: RiskVisualizationAttritionLevel HMI Design

Cyber Security

Next steps

• Sprint 4.3.2

– Feature SEC-174: Risk Visualization – Attrition level

• Story 411: RiskVisualizationAttritionLevel HMI implementation

• Sprint 4.3.3

– Feature SEC 174: Risk Visualization – Attrition level

• Story 410: RiskVisualizationAttritionLevel.AttritionVisualization

– Feature SEC 173: Scored Attack Path – User preferences

• Story 408: Balance Scores – Cloning Story 371

PrivacyGE owner: Stephan Neuhaus, ZHAW

Achieved in 4.3.1

• Installation and Configuration Guide for all three services (Issuance, Verification, User)

• Unit Test Plan for all three services• Open API descriptions for all three services• VM Images for inclusion in the Lab• Service Filter for Resource Owners

Privacy

Planned for 4.3.2

• Get everything approved• Release Privacy GE in Release 4.3

Trustworthy FactoryGE owner: Sébastien Keller, Thales

Achieved in 4.3.1

• Work on documentation to prepare first release of FIWARE GE: Materializing_Security_in_FI-WARE

• Preparing release of Factory (IDE) for Java

Trustworthy Factory

Planned for 4.3.2

• Deliver GE Open Specification on the wiki• First version of Trustworthy Factory for Java• Preparing Demo of Factory for Java

Authorization PDP – AuthZForceGE owner: Cyril Dangerville, Thales

Achieved in 4.3.1

• Deployment of new FIWARE LAB image for R4.3 (Impeded)

• Access Logging of API requests/response: implementation

• Improve REST API with dedicated paths to sub-policies

(XACML): implementation

– .../policies/HR

– .../policies/Sales

Authorization PDP – AuthZForce

Planned for 4.3.2

• (Continued from 4.3.1) Deployment of new

FIWARE LAB image for R4.3

• Access Logging: finish testing

• Improve REST API with dedicated paths to

sub-policies: finish testing

PEP – WilmaGE owner: Alvaro Alonso, UPM

Achieved in 4.3.1

• HTTPS compatibility

• Token Caching

PEP – Wilma

Planned for 4.3.2

• Support for public paths

• Communication with Authorization PDP

• PEP registration in IdM

Identity Management – KeyRock GE owner: Alvaro Alonso, UPM

Achieved in 4.3.1

• Requirements for new policies

– Types of users (Basic, Trial, Community)

– Terms & conditions

– Cloud organizations

• Deployment of new release

– In dev environment

– Bridge v2-v3 for Keystone

Identity Management – KeyRock

Planned for 4.3.2

• Deployment of new release in production

• Bug fixing

Identity Management – KeyRock

• DEMO