D8.3 Client / Intalio Service Requester ADPEP v1.2 open for public review

June 2009 version (v1.2) of deliverable D8.3 (Client / Intalio Service Requester ADPEP) is open to public comments, feedback and review !

All feedback welcome !

You could download it and publish comment from here:

http://www.tas3.eu/project/publications/download

Executive Summary

This document provides the description of the client side of the TAS3 Trusted Architecture for Securely Shared Services and its connection to the core components of the infrastructure (the TAS3 stack). The client side is also called the ServiceRequester side and the connection from the client to the TAS3 stack is called the ServiceRequester ADPEP (Application Dependent Policy Enforcement Point). As well as the general concepts for a ServiceRequester ADPEP also the first implementation of a ServiceRequester ADPEP specific adapted for Intalio|BPMS (Intalio ServiceRequester ADPEP) is presented. By using the ServiceRequester ADPEP the Intalio|BPMS and the connected web browser provide the functionality of a TAS3-client for uploading and retrieving data from a TAS3 ServiceProvider. Actually the ServiceRequester ADPEP and the Intalio ServiceRequester ADPEP do not cover security functions.

The ServiceRequester ADPEP in general is the application dependent part of the TAS3 infrastructure on the “ServiceRequester side”. Its purpose is to provide functions to connect the client-application to the TAS3 infrastructure for uploading and retrieving data. These functions are needed to realize the pilots of WP9 (Employability and Healthcare Demonstration) in the fields of employability and eHealth. The TAS3 Trusted Application Infrastructure depends on the requirements collected in WP1 (Requirements Analysis), the architecture design provided by WP2 (Framework, Architecture and Semantics) and the secured business process models developed in WP3 (Securely Adaptable Business Processes) in conjunction with WP9. It allows the application independent services developed in WP4 (Information Protection), WP5 (Trust Policy Management) and WP7 (IDIJ Authentication Authorization) to be used in the WP9 pilots. As technical basis for the demonstrators the Intalio|Designer and Intalio|BPMS from the project partner Intalio is used. Therefore the first implementation of a ServiceRequester ADPEP is created for the Intalio|BPMS and is called the ‘Intalio ServiceRequester ADPEP’. A short description of the Intalio|Designer and the Intalio|BPMS is provided in the deliverable D3.1.
Within the TAS3 trusted application infrastructure the ADPEP-components provide the application dependent connection from the ServiceRequester and the ServiceProvider to the core components of the TAS3-infrastructure. Therefore two different types of ADPEPs were designed: the ServiceRequester ADPEP (described in this document) at the ServiceRequester side and the ServiceResponder ADPEP (described in the deliverable D8.1) at the ServiceProvider side.
Later on in this document the term ADPEP is used for the ServiceRequester ADPEP.

This document describes:
• the assumptions on which the development of the ServiceRequester ADPEPcomponent is based
• the functions provided by ServiceRequester ADPEP
• the architecture of ServiceRequester ADEP
• the first implementation of a ServiceRequester ADPEP for Intalio|BPMS (Intalio ServiceRequester ADPEP)
• limitations and known issues
• Roadmap for future releases of the component (ServiceRequester ADPEP / Intalio ServiceRequester ADPEP / Intalio|BPMS, Clients) in the next phases of the TAS3 project.