Security TF

From MemberWiki

Jump to: navigation, search

Contents

Background

The members of OpenAjax Alliance decided during its October 2006 face-to-face meeting that there should be a Security Task Force, which resulted in various people signing up, preparatory discussions, selection of a Chair (Larry Koved), and then a kick-off teleconference Security_Minutes_2007-06-15.

Task Force Schedule

Phone calls on Mashup Authentication and Authorization

Upcoming phone calls:

  • Next phone call will probably happen in April 2009. We are waiting for updated samples that show how to do authentication within a widgets.

Current topic of discussion: Mashup authentication and authorization, focused on single-signon issues. As we discussed at the face-to-face meeting last fall, the Security Task Force will be exploring how to address mashup authentication and authorization, particularly focused at single sign-on requirements. The short-term goal is to have a conversation among the OpenAjax members about target use cases, identification of requirements, and gap analysis versus what exists in the industry today. Ultimately, this initiative will produce recommendations about formal activities (if any) that OpenAjax Alliance should pursue to address industry gaps.

Ongoing meeting frequency and standard time slot

TBD at the kick-off phone call

Chair and membership

Larry Koved chairs this task force. The following list is the current members in this task force:

  • Alex Russell <alex(at)dojotoolkit.org>
  • Bertrand Le Roy <bleroy (at) microsoft.com>
  • David Boloker <boloker(at)us.ibm.com>
  • Frank Nimphius <frank.nimphius(at)oracle.com>
  • Gideon Lee <glee(at)openspot.com>
  • Howard Weingram <weingram (at)tibco.com>
  • Joe Walker <joe(at)getahead.org>
  • John Crupi <john.crupi(at)jackbe.com>
  • Jon Ferraiolo <jferrai(at)us.ibm.com>
  • Larry Koved <koved(at)us.ibm.com>
  • Naohiko Uramoto <uramoto(at)jp.ibm.com>
  • Ondrej Zara <ozara(at)openlinksw.com>
  • Paddy Byers <paddy.byers(at)gmail.com> (Aplix)
  • Shel Finkelstein <shel.finkelstein(at)sap.com>
  • Steve Hunt <steve.hunt(at)coradiant.com>
  • Ted Thibodeau <tthibodeau(at)openlinksw.com>
  • Todd Kaplinger <todkap(at)us.ibm.com>
  • Yuecel Karabulut <yuecel.karabulut (at) sap.com>
  • Xiaofeng Fan <xiaoffan(at)exchange.microsoft.com>
  • Samuel Santos <ssantos(at)present-technologies.com>

Email list

The email list for the Security Task Force is security@openajax.org. Archives can be found at: http://openajax.org/pipermail/security/. To subscribe to this list, fill out the form at: http://openajax.org/mailman/listinfo/security.

Work in progress

Documents

Meeting minutes


Personal tools