[AI] Tyler will write up the security scenarios and mail them to the list.

VidMid VC Conference Call April 5, 2004

*Attendees*
Nadim El-Khoury, UNC
Tyler Johnson, UNC
Tarun Abhichandani, CGU
Jill Gemmill, UAB
Paul Hill, MIT
Lisa Hogeboom, Internet2
Steve Olshansky, Internet2

*Discussion*
The BoF session at the Internet2 Member meeting is scheduled for Monday,
April 19th from 1-2:30 PM. Jill will talk about the cookbook.

Tyler stated that the end of the month is the deadline for submission for the
ITU-T Study Group 16 Rapporteur meeting in Beijing in May. This is an
opportunity to present something to the expert group meeting and get feedback
and buy-in on scenarios and design goals. Tyler will discuss the scenarios
and design goals at the BoF.

The Real Time Communications Summit at the member meeting will consist of two
hour-long back-to-back sessions. The participating working groups will present
their views, and panelists will respond and discuss. More information is
available at:
http://events.internet2.edu/2004/spring-mm/sessionDetails.cfm?session=1313&event=203

Jill gave an update on the H.350 workshop. 60 people attended, with 15-20
from industry, including Cisco and Polycom. University attendees were
interested in deploying H.350 once they returned to campus, so there might be
visible deployment as a result of the workshop. Most of the interest in H.350
was from VoIP and service providers.

Jill also indicated that the directory of directories software is now
working. It stores an index with pointers back to the original data and
provides more scalable search capability.

Scenarios for Shibboleth:
The goal is to work towards a standard, and the work includes three areas of
focus.
1. Scenarios
2. Design goals
3. Principles. For example, multiple autonomous institutions operate with no
prearranged security policies between them, or even prior knowledge of each
other's existence, yet the application must still be accomplished in that
environment.

One scenario is a service provider that serves multiple institutions.
Is it a requirement that the service provider have an arrangement ahead of
time with those institutions? Or can the provider determine on the fly that
it is going to authorize someone from a different security realm to access
the resource? Service providers want anybody to be able to use the service
without a pre-existing arrangement, as long as they can pay for it at the
time of use. It is like a payphone: you don't need an ongoing or pre-existing
relationship to use one. It may also be the case that not all devices are on
an IP network.

Another scenario is multi-point authentication. On a multi-point call we may
not know who is on, and if people need to be authorized to join a call, how
will that be handled? By a moderator, or can callers "sponsor" new callers on
their own authority? A policy might be set on the MCU about who would be let
into a call, much as a person would apply pre-arranged ideas about
authorization. Ad hoc ability to admit callers would need to be
supported and configurable as well. There is no one-size-fits-all solution;
configurability is the key.

A third scenario is a grandmother who goes to Circuit City and buys a
conferencing system to talk to her grandkids. She wants to be able to do it
securely but doesn't have a service provider, a gatekeeper, or a call server.
How can that be provided? An alternate example might be using a wireless
network at Starbucks, where there is no identity service provider or
middleware infrastructure. There may be many users who want to use this type
of technology and have very little access to high-end middleware. To be
successful, there needs to be a way to do this with no infrastructure. It may
need to be a capability of the device to take a name or other info and create
a self-signed lightweight token that provides some level of secure
authentication and might be discarded at the end of the call.
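One way the "self-signed lightweight token" idea could be realized, written here as an added example using only the Go standard library; it is not code from the minutes or from the VidMid project, and the token format (`LightweightToken`, the `nbf`/`naf`/`nonce` fields, and the challenge step) is a constructed, hypothetical design. The device mints an ephemeral Ed25519 key pair, binds a display name and a validity window to the public key, signs the claims, and proves possession of the key during the call. The example also shows the limit of the approach: verification proves that the presenter controls the key named in the token and that the claims were not altered, but nothing vouches for the name itself, so a self-signed token gives key continuity for the duration of one call, not third-party identity assurance.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/base64"
	"encoding/json"
	"errors"
	"fmt"
	"time"
)

// LightweightToken is a constructed, hypothetical format for a self-signed
// token minted by the device itself. Field order matters: json.Marshal uses
// struct order, so the signed byte string is reproducible on both sides.
type LightweightToken struct {
	Name      string `json:"name"`  // display name typed by the user (unverified)
	PublicKey string `json:"pub"`   // base64 Ed25519 public key minted for this call
	NotBefore int64  `json:"nbf"`   // Unix seconds
	NotAfter  int64  `json:"naf"`   // Unix seconds; short so the token dies with the call
	Nonce     string `json:"nonce"` // random, so two calls never share a token
	Signature string `json:"sig"`   // base64 Ed25519 signature over the other fields
}

// claimBytes serialises the signed part of the token (everything except Signature).
func claimBytes(t LightweightToken) ([]byte, error) {
	t.Signature = ""
	return json.Marshal(t)
}

// MintToken creates a fresh key pair and a token valid for ttl starting at now.
// The private key is returned so the device can answer challenges during the
// call; it is meant to be discarded when the call ends.
func MintToken(name string, now time.Time, ttl time.Duration) (LightweightToken, ed25519.PrivateKey, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return LightweightToken{}, nil, err
	}
	nonce := make([]byte, 16)
	if _, err := rand.Read(nonce); err != nil {
		return LightweightToken{}, nil, err
	}
	tok := LightweightToken{
		Name:      name,
		PublicKey: base64.StdEncoding.EncodeToString(pub),
		NotBefore: now.Unix(),
		NotAfter:  now.Add(ttl).Unix(),
		Nonce:     base64.StdEncoding.EncodeToString(nonce),
	}
	msg, err := claimBytes(tok)
	if err != nil {
		return LightweightToken{}, nil, err
	}
	tok.Signature = base64.StdEncoding.EncodeToString(ed25519.Sign(priv, msg))
	return tok, priv, nil
}

// VerifyToken checks that the claims were signed by the key embedded in the
// token and that the token is inside its validity window at time now.
func VerifyToken(tok LightweightToken, now time.Time) error {
	pub, err := base64.StdEncoding.DecodeString(tok.PublicKey)
	if err != nil || len(pub) != ed25519.PublicKeySize {
		return errors.New("malformed public key")
	}
	sig, err := base64.StdEncoding.DecodeString(tok.Signature)
	if err != nil {
		return errors.New("malformed signature")
	}
	msg, err := claimBytes(tok)
	if err != nil {
		return err
	}
	if !ed25519.Verify(ed25519.PublicKey(pub), msg, sig) {
		return errors.New("signature does not verify against embedded key")
	}
	if now.Unix() < tok.NotBefore || now.Unix() > tok.NotAfter {
		return errors.New("token outside its validity window")
	}
	return nil
}

// SignChallenge and CheckChallenge give proof of possession: a token alone is
// just bytes anyone could replay, so the peer sends a fresh challenge and the
// presenter signs it with the private key behind the token's public key.
func SignChallenge(priv ed25519.PrivateKey, challenge []byte) []byte {
	return ed25519.Sign(priv, challenge)
}

func CheckChallenge(tok LightweightToken, challenge, proof []byte) bool {
	pub, err := base64.StdEncoding.DecodeString(tok.PublicKey)
	if err != nil || len(pub) != ed25519.PublicKeySize {
		return false
	}
	return ed25519.Verify(ed25519.PublicKey(pub), challenge, proof)
}

func main() {
	now := time.Now()
	tok, priv, err := MintToken("grandma", now, 30*time.Minute) // constructed name
	if err != nil {
		panic(err)
	}
	fmt.Println("token verifies:", VerifyToken(tok, now) == nil)
	challenge := []byte("constructed challenge from the peer")
	fmt.Println("possession proven:", CheckChallenge(tok, challenge, SignChallenge(priv, challenge)))
	fmt.Println("accepted after expiry:", VerifyToken(tok, now.Add(time.Hour)) == nil)
}
```

The design choice worth noting is the short validity window plus per-call nonce: because the key is discarded with the call, the peer's only durable question is "am I still talking to the same key I accepted at call setup?", which the challenge step answers without any gatekeeper or identity provider.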

There is also the consideration that video is done over a different port than
the web browser, and there may be a firewall as well. How will a port be
opened for the call? How would credentials, if needed, be presented to make
that call? There may be a need to share credentials at intermediate points
along the path as well as at the endpoints. Examples include the wireless
access point, the firewall, the service provider, and gatekeepers in between.

The processing requirements have to be low enough to run on devices like a
cell phone or PDA. Other constraints are very little memory, a need for low
latency, and low processor speed.

Architecture comes into play as well: in H.235 a lot of time is spent
authenticating because it is stateless.