WoT IG - Security

28 Aug 2017

See also: IRC log


Kaz_Ashimura, Elena_Reshetova, Michael_Koster, Michael_McCool, Uday_Davuluru, Zoltan_Kis, Reshetova_Elena


<kaz> scribenick: uday

Architecture FPWD

McCool: Discusses issue 32
... WoT Interface definition clarification

<kaz> architecture issue 32

Elena: in threat model, interfaces are directly exposed

<kaz> terminlogy

McCool: no separate WoT interface


<kaz> Thing Description issue 32

McCool: change WoT API to WoT interface

<McCool> https://services.w3.org/htmldiff?doc1=https%3A%2F%2Fraw.githubusercontent.com%2Fw3c%2Fwot-thing-description%2Fmaster%2Findex.html&doc2=https%3A%2F%2Fraw.githubusercontent.com%2Fmmccool%2Fwot-thing-description%2Fsecurity%2Findex.html

<kaz> HTML diff above

<McCool> WoT API -> WoT Interface

<McCool> API -> WoT Interface

<McCool> WoT Protocol -> WoT Communication

Elena: to update changes in Threat model document

McCool: to clean content in TD document

Architecture FPWD - revisited

<kaz> Architecture issue 32

McCool: restructuring architecture document
... working on proposal of IEEE workshop

scribenick: kaz

kaz: question about restructuring

scribenick: uday

McCool: open issue about security consideration is deferred until first draft is out
... focus on current pull request on TD

kaz: should issue 32 be open? or once close it and create another issue for the second version after fpwd?

scribenick: kaz

McCool: 2 sections for "Security and Privacy" (3.3 and 4.6)

McCool: architecture- security and privacy discussion

kaz: so should we wait for first draft to close issue 32?

McCool: yes
... goes through changes in document
... will start to working on PR of architecture document once Matthias's PRs are merged (e.g., Thu/Fri)

scribenick: kaz

McCool: as Matthias mentioned, we need some more content for security consideration

scribenick: uday

Elena: to come up with outline of topics needed for security considerations in Architecture doc

scribenick: kaz

McCool: we can talk about that next week but we can't include it into the FPWD

IEEE Workshop Proposal

McCool: next week, would like to talk about the IEEE workshop as well

<McCool> Sven Schrecker from IIC Security Framework... seems willing to help with IEEE S&P "IoT Security" proposal

McCool: program committee should include people from academia

<McCool> Topics: Threat, risk models, and use cases (for IoT) Lightweight security mechanisms Challenges due to intermittent connectivity Enabling secure interoperability across ecosystems Privacy, identity, and metadata management Interplay between safety and security Integrating systems with different levels of security and trust Distributed trust systems (for example, blockchain) Security in information-centric networks

<kaz> https://www.ieee-security.org/TC/SP2018/cfworkshops.html

kaz: you'll bring this proposal to the Chairs call on 30th. right?

McCool: yes
... any other topic?

kaz: a possible IE guy from the DAS group?

McCool: need more connection between web security and WoT security

kaz: let's have some more chat during the Chairs call

McCool: to update the PR and update the TD for FPWD
... discuss IEEE S&P on Wednesday 30.08
... will update the references with corresponding items

[ adjourned ]

Summary of Action Items

Summary of Resolutions

[End of minutes]

Minutes formatted by David Booth's scribe.perl version 1.152 (CVS log)
$Date: 2017/08/28 14:30:18 $