12:01:36 <RRSAgent> RRSAgent has joined #wot-sec
12:01:36 <RRSAgent> logging to http://www.w3.org/2017/05/05-wot-sec-irc
12:03:30 <zkis> zkis has joined #wot-sec
12:05:03 <McCool> present+ Michael_McCool
12:05:10 <zkis> present+ Zoltan_Kis
12:05:52 <elena> present+  Elena_Reshetova
12:06:42 <kaz> present+ Daniel_Ibaseta, Kaz_Ashimura
12:06:51 <kaz> present+ Michael_Koster
12:07:01 <kaz> rrsagent, make log public
12:07:05 <kaz> rrsagent, draft minutes
12:07:05 <RRSAgent> I have made the request to generate http://www.w3.org/2017/05/05-wot-sec-minutes.html kaz
12:07:50 <kaz> Agenda: https://www.w3.org/WoT/IG/wiki/IG_Security_WebConf#Agenda
12:09:18 <daniel_ibaseta> daniel_ibaseta has joined #wot-sec
12:09:26 <daniel_ibaseta> Here?
12:10:05 <kaz> we invite Daniel as a guest today
12:10:08 <daniel_ibaseta> OK
12:10:20 <daniel_ibaseta> i dont ahve a microphone right now
12:10:23 <mjkoster_> mjkoster_ has joined #wot-sec
12:11:12 <kaz> -> @@@ Elena's resource tbd
12:11:43 <kaz> topic: WOT Threat model & security objectives
12:11:49 <McCool> https://github.com/w3c/wot/pull/318
12:13:12 <kaz> elena: explains her proposed thread model description
12:13:15 <kaz> ... which is to be merged
12:13:43 <kaz> mm: security model provided by the underlining mechanism?
12:13:53 <kaz> ... or something specific for wot itself?
12:13:59 <zkis> q+
12:14:23 <kaz> s/mechanism/protocols/
12:15:25 <kaz> elena: threat model of protocols vs application layer
12:15:45 <kaz> ... some messages might be reordered or delayed
12:16:02 <kaz> mm: layering our threat model
12:16:13 <kaz> ... on the top of underlying protocols
12:16:45 <kaz> elena: first table is regarding the stakeholders
12:17:27 <kaz> ... thing manufacturer (oem), solution provider and solution user
12:17:39 <kaz> s/table/column/
12:17:49 <kaz> mm: provider creating new things?
12:18:03 <kaz> ... user using things which are created by providers?
12:18:32 <kaz> ... possibly both at once
12:19:28 <kaz> q+
12:20:47 <kaz> q+ to ask about if "solution provider" means "thing exposer" and "solution user" means "thing consumer"
12:21:12 <kaz> elena: you can have flexible definition
12:21:17 <zkis> q-
12:21:35 <kaz> ... there might be a number of solution providers
12:22:02 <kaz> mm: there are similar tables by other SDOs
12:22:24 <kaz> ... you might outsource or contract of our systems to 2nd/3rd parties
12:23:02 <kaz> ... factory owners may ask the others to maintain the factories based on some contract
12:23:12 <kaz> q?
12:23:25 <kaz> ... issue you need to delegate responsibilities to people
12:23:48 <kaz> elena: ok. but it's important to think about these roles
12:24:21 <kaz> ... 3 basic stakeholders
12:24:33 <kaz> mm: can imagine some nested situations
12:24:47 <kaz> ... a user can add some additional services
12:25:00 <kaz> ... multiple security owners are possible
12:25:56 <kaz> s/Daniel/Daniel from CTIC/
12:26:47 <kaz> elena: do we have any tree structure or hierarchy?
12:27:15 <kaz> mm: e.g., ISP provides some box for network connection
12:27:31 <kaz> ... let's make a list of issues and see which are in/out of scope
12:27:45 <kaz> elena: bootstrapping
12:28:17 <kaz> mm: let's assume a tree and see if it works
12:28:41 <kaz> elena: there could be a higher tree
12:28:57 <kaz> zk: there may be contracts between manufacturers
12:29:13 <kaz> ... different deployment mechanism
12:29:25 <kaz> mm: how general setting do we allow here?
12:29:31 <kaz> q?
12:29:43 <kaz> elena: would explain the detail during the f2f
12:30:32 <kaz> q?
12:31:30 <kaz> zk: where do we want to file the issues for the security work?
12:31:44 <kaz> mm: I raised an issue about that within the Chairs group
12:32:12 <kaz> ... we would raise issues within the IG
12:32:47 <kaz> ... let's revisit the detail on how to handle them after the f2f
12:33:25 <kaz> q?
12:34:01 <kaz> ack k
12:34:01 <Zakim> kaz, you wanted to ask about if "solution provider" means "thing exposer" and "solution user" means "thing consumer"
12:35:49 <kaz> mm: kind of similar
12:36:30 <kaz> elena: it's similar idea but maybe different
12:36:34 <McCool> q+
12:37:07 <kaz> ... it's not only denoting physical things
12:38:03 <kaz> zk: this is related to WoT assets
12:38:13 <kaz> ... not stakeholders
12:38:34 <kaz> kaz: let's talk about the relationship during the f2f
12:38:39 <kaz> elena: ok
12:38:39 <McCool> mm: let's discuss relationship of thing roles and stakeholder types in F2F or in a future meeting... need to create issue
12:39:48 <kaz> elena: explains the description
12:40:20 <kaz> ... does not contain any confidential or privacy sensitive information. however, its integrity is crucial for the system correct operation.
12:40:40 <kaz> s/description/description on Thing Description (TD)/
12:40:53 <kaz> ... let's go for asset first
12:41:14 <kaz> ... who should have access (trust model)
12:41:22 <kaz> ... TDs owner: full access
12:41:28 <kaz> ... Others: read only
12:41:34 <kaz> ... Attack poiints:
12:41:40 <kaz> s/poiints/points/
12:41:57 <kaz> ... storage on thing itself, cloud storage, in-transfer (network) including TD updates
12:42:15 <kaz> ... next
12:42:22 <kaz> ... solution user data:
12:42:46 <kaz> ... different solution users might have different level of access to this data based on the use case.
12:43:00 <kaz> ... mechanism should be flexible to configure and include also RBAC
12:43:19 <kaz> ... Others: should have no access unless specifically allowed
12:43:37 <kaz> ... storage on thing itself, solution provider storage (remote cloud or other), in-transfer (network)
12:43:52 <kaz> mm: physical asset effected by things
12:44:13 <kaz> ... it's question of affecting physical affect
12:44:21 <kaz> ... question of environment
12:44:36 <kaz> elena: good idea to add asset
12:44:47 <kaz> ... will modify this table
12:44:56 <kaz> ... next
12:45:07 <kaz> ... solution provider scripts and their configuration data:
12:45:13 <McCool> mm: things can have actuators, can affect physical world; these are also assets
12:45:13 <kaz> ... solution provider: full access
12:45:20 <kaz> ... others: no access
12:45:59 <kaz> ... storage on the thing itself, remote storage (if scripts are backed up to a remote storage), in-transfer only for initial provisioning and scripts updates
12:46:24 <kaz> mm: we should have discussion on how to manage issues
12:47:42 <kaz> kaz: why don't we have a separate repo, wot-security, so that both the IG guys and the WG guys can make contribution
12:48:12 <kaz> mm: there are 3 possibilities
12:48:23 <kaz> ... under WG, under IG or a separate repo
12:48:31 <kaz> ... need to talk with the other co-Chairs
12:48:57 <kaz> elena: would like inputs from the other WoT participants
12:49:07 <kaz> ... the more we can get inputs, the better
12:49:32 <kaz> kaz: let's send a proposal to the Chairs list
12:51:12 <kaz> ... at the moment, we can record issues here within the minutes
12:53:28 <kaz> mm: let's go through this document (AssetsThreatModelSecurityObjectives.md)
12:53:53 <kaz> ... maybe we should categorize the issues into 2 categories
12:54:13 <kaz> ... basic model and new things
12:54:26 <kaz> elena: what about updating?
12:54:34 <kaz> zk: image-based and script-based
12:55:12 <kaz> mm: good idea to talk about the basic model first
12:55:28 <kaz> elena: will update this table accordingly
12:57:08 <kaz> ... btw, do we want to support access model for co-existing providers?
12:57:29 <kaz> ... some providers might have relationship with other providers
12:57:58 <kaz> mm: if we assume only one provider, it's simpler as the starting point
12:58:35 <kaz> ... it is considered by OpenFog
12:58:47 <kaz> ... thinking about layered model next would make sense
12:59:33 <kaz> ... possibly there could be multiple things within a device
12:59:44 <kaz> ... that's one issue
13:00:07 <kaz> ... and the other issue is having more than one provider for one device
13:00:20 <kaz> ... yet another category
13:01:25 <kaz> ... we list assets within a physical device
13:02:16 <kaz> elena: think it would be better to start with a simpler model
13:02:21 <kaz> s/think/agree/
13:02:33 <kaz> mm: let's start with normal tendency
13:03:59 <kaz> elena: move forward with the table
13:04:24 <kaz> ... Thing's resources, WoT Infrastructure resources...
13:04:35 <kaz> ... the last two rows
13:04:46 <kaz> ... any behavior information we want to protect?
13:04:55 <kaz> ... todo: list all the keys/credentials...
13:05:12 <kaz> ... you have to do something extensive to hide information
13:05:27 <kaz> mm: extra APIs for that purpose?
13:06:12 <kaz> ... if things exposed information protected?
13:06:22 <kaz> elena: non-directly exposed information
13:06:44 <kaz> mm: information itself shouldn't be confidential
13:07:03 <kaz> ... only the basic information may be exposed
13:07:53 <kaz> ... it's a broader responsibility for the protocol level
13:08:47 <kaz> ... get the rest of the group to clarify what to be added
13:09:00 <kaz> ... protocol binding may hide information
13:09:47 <kaz> zk: if we have multiple authentication capabilities, we can choose one of them
13:09:58 <kaz> ... we can postpone this point
13:10:18 <kaz> mm: we need to get concrete proposals for protocol binding
13:10:52 <kaz> elena: you might have to communicate with something
13:11:12 <kaz> mm: which form of authentication is used?
13:11:20 <kaz> ... should I protect that?
13:11:26 <kaz> ... there are 2 levels
13:12:58 <kaz> ... we should stop discussion about this for today
13:13:24 <kaz> ... will add references
13:13:29 <kaz> topic: f2f planning
13:13:45 <kaz> -> https://www.w3.org/WoT/IG/wiki/F2F_meeting,_May_2017,_Osaka,_Japan Osaka f2f
13:14:14 <kaz> mm: make sure the agenda makes sense
13:14:38 <kaz> ... I proposed this:
13:14:39 <kaz> [McCool] Security [afternoon, remote participants from Europe]
13:14:39 <kaz>     [Elena] Threat and Asset models
13:14:39 <kaz>     Review of related models, i.e. from IETF
13:15:14 <kaz> mm: and will cover OCF security model and IIC one separately
13:15:45 <kaz> ... 1 hour for Elena's Threat and Asset model
13:16:37 <kaz> ... having a 2-hour session would be difficult for people to digest
13:16:51 <kaz> ... so maybe we should have 2 separate 1h sessions?
13:18:07 <kaz> ... 1. stakeholders, assets, threats (1h)
13:18:14 <kaz> ... 2. discussion (1h)
13:18:49 <kaz> s/threats/threats, attack surfaces/
13:19:13 <kaz> ... or discussion separately on the topics
13:19:22 <kaz> zk: we need input from participants
13:19:55 <kaz> (discussion on the plan)
13:20:42 <kaz> kaz: maybe it would make sense to have a breakout discussion as well
13:21:32 <kaz> ... and wrap-up as a plenary session as well
13:21:45 <kaz> mm: overview plenary
13:22:49 <kaz> s/mm: overview plenary//
13:23:12 <kaz> zk: security is important for everybody, so all the talks should be plenary
13:23:20 <kaz> kaz: right
13:23:32 <kaz> ... plenary talks, breakout discussion and then l
13:23:43 <kaz> s/then l/then plenary wrap-up/
13:24:25 <kaz> (some more discussion)
13:27:05 <kaz> 1. stakeholders, assets (45m, plenary)
13:27:24 <kaz> 2. threats, attack surfaces (45m, plenary)
13:27:42 <kaz> 3. classification and prioritization (45m, breakout)
13:27:50 <kaz> 4. summary and next steps (30m, plenary)
13:28:24 <kaz> i/stakeholders/0. security process (15m)/
13:28:50 <kaz> zk: the security process talk could be given as part of the keynote session
13:29:28 <kaz> elena: wondering about the timing
13:30:17 <kaz> kaz: I think we'll start the afternoon session at 2pm in Japan, and it's 7am in Europe
13:30:21 <kaz> elena: perfect
13:30:50 <kaz> s/15m)/15m, keynote day)/
13:31:34 <kaz> mm: updates the "Future Agenda Items" on the Security TF wiki: https://www.w3.org/WoT/IG/wiki/IG_Security_WebConf#Agenda
13:31:58 <kaz> ... presentation materials for f2f
13:32:08 <kaz> ... review of IETF-ACE and IIC-SF and CoAP and others
13:32:11 <kaz> [ adjourned ]
13:32:32 <kaz> rrsagent, draft minutes
13:32:32 <RRSAgent> I have made the request to generate http://www.w3.org/2017/05/05-wot-sec-minutes.html kaz
13:34:06 <kaz> Meeting: WoT IG - Security
13:34:17 <kaz> Chair: McCool
13:34:21 <kaz> rrsagent, draft minutes
13:34:21 <RRSAgent> I have made the request to generate http://www.w3.org/2017/05/05-wot-sec-minutes.html kaz
14:57:15 <Zakim> Zakim has left #wot-sec
16:57:25 <zkis> zkis has joined #wot-sec
21:48:06 <zkis> zkis has joined #wot-sec