mitreid-connect / trust-framework Goto Github PK
View Code? Open in Web Editor NEWTrust Framework document
trust-framework's People
Contributors
Stargazers
Watchers
Forkers
civics nadersalass bkeyes-mitre humandynamics openinnovationframework brucelyl nikijane 1eye4all global19-atlassian-net equitytrustbankxfether0xlba0ethplorer acidburn0zzz mtrackerostrust-framework's Issues
instantiating the Trust Framework as company policy, minimally, for the MITRE Partner Network (MPN)
As per #4 this is a method to achieve final and formal version.
Inject crosslinks
Document should have live hypertext crosslinks between all sections
Create list of questions for MIT / MITRE Collab
What kinds of things are we wanting to discover and test?
Clean up author and contact information
Has old info and contract info stuff
Dazza drafts email for MITRE and Human Dynamics test of integration via Handshake and Athena
Along lines of this scenario: https://github.com/mitreid-connect/trust-framework/blob/master/Scenarios/MIT-Login-to-Handshake.md
Idea is that if MITRE side is up for it then Sandy and PoC at MITRE would agree by email to try such a test such that Brian Sweat and other researchers would log in and perhaps discuss Big Data topics of mutual interest. Then we would look at how the Trust Framework suited the scenario and if any updates are revealed as needed.
Define module boundaries
Update Certification to Reflect MITRE's Kantara Certification
Extract Commentary
Either into a separate file in the repository or a GitHub Wiki
Document Online Journal scenario
Use case to allow social comments for JSMO: http://www2.mitre.org/public/jsmo/
Create Modules
Module ideas:
First Party as IdP
First Party as RP
Process for inclusion on whitelist
Process for determining compatibility with other trust frameworks
Runtime guidance
If users are going to be making runtime security decisions, then we need to be able to present them with appropriate guidance in making these decisions
"Have I made a similar decision before (modified TOFU)"
"Has anyone else made a similar decision?"
"How would one classify the action I'm taking?"
Sunset / deprecate OpenID 2.0 in documents
Move forward with OIDC
Add JSMO scenario for external hosting
get two (at least one) other organizations to sign on to MITRE’s TF for the MPN
Update version
Related to #7
Legal Review
Especially noting section [2], legal
Update Public Release case number and corresponding info
approval for continual collaboration release granted on November 22, 2013 (see: Case Number: 13-3970).
goal is to result with a complete and formal TF version
Create Template
Create a template form of the document that can be filled in with variable values for items like the primary organization and any party that signs onto the agreement (or is signed on by a user)
Identity Federation
Did we have any plan to introduce or giving support for identity federation
Evaluate and enumerate MPN scenarios
Document Handshake / MIT login scenario
Document components to allow MIT account holders to log directly into Handshake using MIT's IdP
Develop "Table-Talk" Paper-Prototype of Partner Implementations
Track to the top priority or likely scenarios for early adopters or higher priority implementations.
Document Mobile Login scenario
Document scenario around binding mobile login to other accounts in multiple factor scenario
Dazza updates relationships on Journal scenario to test needs of roles.
1.5 Business Process and Practice - Do Walkthough with System Operators
Use this to identify any key workflows, etc that may be appropriate for documentation and link from this section.
New Title
Not just about Identity anymore, and need something to capture "dynamic" nature
Define structure and framework for modules and components
Roles, relationships, definitions, key interactions, data that is flowing, services, ...
Who are the people?
What are their interactions?
What data is going back and forth?
What systems are they using?
Clean up Wiki so that the pages are linked from Home Page of Wiki.
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.