MACE-paccman call 23-July-2009

**Attending**

Tom Dopirak, CMU (chair)
R.L. “Bob” Morgan, U. Washington
Michael Gettes, MIT
Paul Hill, MIT
Jim Repa, MIT
Paul Zablosky, UBC
Jim Green, Michigan State
Mark Scheible, North Carolina State University
Chris Hyzer, U. Penn
Ann West, EDUCAUSE/Internet2
Emily Eisbruch, Internet2 (scribe)

**New Action Items**

[AI] (R.L. "Bob") will continue to pursue clarification of the Intellectual Property Framework for materials coming out of the MACE-paccman WG.

[AI] (Paul) will continue outreach and reminders re people’s assignments in completing the taxonomy.

[AI] (TomD) will coordinate getting Sun IdM definitions in the taxonomy.

[AI] (Paul) will add to the glossary a definition of policy.

[AI] (Paul) will choose either the term “permission” or “privilege” as the preferred term for the glossary and make edits accordingly. This is based on the agreement that the terms are loose synonyms and using both can be confusing.

[AI] (Chris) will define these terms for the glossary: effective, immediate, direct, indirect.

**Carry Over Action Items**

[AI] (Rob) and (Paul) will look at Rob’s use cases and mapping to XACML.

[AI] (Rob) will put Service Interface Definitions on the MACE-paccman agenda for Thursday, Aug. 6.

[AI] (Dan) will define Kuali terms in the glossary.

[AI] (Andrew) will post his outline on uPortal Groups and Permissions on the wiki.

-- HELPFUL LINKS --

- MACE-paccman wiki:

https://spaces.internet2.edu/display/macepaccman/Home

- MACE-paccman Mailing List Archives

https://mail.internet2.edu/wws/arc/mace-paccman

*Intellection Property Framework Discussion*

http://www.internet2.edu/membership/ip.html

R.L. “Bob” spoke with Trent about the Internet2 Intellectual Property Framework. Questions were raised concerning what the terms of use would be on MACE-paccman output (such as the glossary or comparative taxonomy). It was agreed that some clarification could be beneficial. The IPR policy is a framework that outlines a standard approach and also acknowledges a number of alternative approaches.

There has been some discussion with Kantara about collaborating on some of the ongoing MACE-paccman, interfederation, and assurance work. Further conversation about this will most likely occur at the upcoming Burton Catalyst Conference.

[AI] (R.L. "Bob") will continue to pursue clarification of the Intellectual Property Framework for materials coming out of the MACE-paccman WG.

Glossary/Taxonomy

https://spaces.internet2.edu/display/macepaccman/MACE-paccman-glossary

Paul has been reminding individuals who volunteered to contribute to the taxonomy. TomD can find someone to help with Sun terminology and he may know someone who can help with Spring Framework also.

*Terminology: Permission vs Privilege*

Chris had proposed via email that the MACE-paccman glossary should define permission and privilege as synonyms.

One possible distinction: Privilege is something one has based on a higher-level affiliation, while permission is more generic concept.

Suggestions:
- Keep both “privilege” and “permission” as synonyms.
- Allow the terms to be used interchangeably.
- Pick one of the two terms (most on the call preferred “privilege”) and use it. Then explain why we are not using the other term.
- Use the chosen term with a Capital letter.

It was observed that the word “entitlement” is similar to the word “privilege,” but entitlement is often use with respect to policy.

There are other words to sub-define “privilege” such as immediate privilege and effective privilege, terms used in Grouper. There are permissions that are explicitly granted and those derived from rules. Also detailed versus higher level.

[AI] (Chris) will define these terms for the glossary: effective, immediate, direct, indirect.

*Updates from Various Projects*

Grouper: Chris reported that work continues on the attribute framework.

RolesDB/perMIT: Paul reported that they are working on porting of rolesDB/perMIT from Oracle to MySQL. There have been some performance issues and so the team is planning to evaluate the new version of MySQL 5.4.x. Should take about a week to evaluate. If anyone is running MySQL 5.4.x , please get in touch with Paul to share knowledge. It was suggested that Dave Pickens at Sun Microsystems could be a good resource.

R.L. “Bob” said that Kuali Rice would like to see movement forward with the actions decided at Advanced CAMP.
https://spaces.internet2.edu/display/ACAMPIdSummit/Action+Items+from+Advanced+CAMP.

TomD stated that people at Delta Community College and rSmart are working on porting KIM to Sun IdM. Others are working on porting KIM to Oracle.

Next Call: Thursday, Aug 6, 2009, 1pm ET