Re: [Nsaas] Some thoughts about SAAS

Linda Dunbar <linda.dunbar@huawei.com> Thu, 28 August 2014 20:48 UTC

From: Linda Dunbar <linda.dunbar@huawei.com>
To: Hosnieh Rafiee <hosnieh.rafiee@huawei.com>, "nsaas@ietf.org" <nsaas@ietf.org>
Date: Thu, 28 Aug 2014 20:48:04 +0000
Archived-At: http://mailarchive.ietf.org/arch/msg/nsaas/QKToHke9nOBdKOxfvKXnpHAPPS4

Hosnieh, 

Are you saying there should be a way for customers to avoid being monitored by the government?
I can see the potential for customers to be notified when their traffic is actually monitored. But if the government wants to monitor someone, can you avoid it?

Linda

-----Original Message-----
From: Nsaas [mailto:nsaas-bounces@ietf.org] On Behalf Of Hosnieh Rafiee
Sent: Thursday, August 28, 2014 11:04 AM
To: nsaas@ietf.org
Subject: [Nsaas] Some thoughts about SAAS

Hello,

Since security as a service (SAAS) plays a really critical role for customers in different countries, and for governments as well, I am thinking about how it would be possible to also protect customers from surveillance agents and monitoring.

If SAAS is offered by a country whose government is known to be a surveillance agent, is there any particular requirement that should be considered in standard architectures to avoid such a role?

If the target customer is a government or any important company in a country, does it accept using a SAAS that is located in another country (for fear of spying)?

How can we prevent governments from forcing SAAS vendors/operators to access the detailed information about security services so that they can monitor and access customers' data? Are these assumptions only operational issues, or might they also impact the standards in this regard?

Thanks,
Best,
Hosnieh