Research Advisory: Trusted Cloud Initiative Update
TCI Working Groups Announced, Domain 12 Identity Management Research Released
London, UK – April 27, 2010 (Infosecurity Europe Conference) – The Cloud Security Alliance today has announced the completion of important milestones in its Trusted Cloud Initiative, previously announced by CSA and Novell at the RSA Conference 2010 in San Francisco. The announcements include new publicly available research as well as published working group structure. More information is available at www.cloudsecurityalliance.org/trustedcloud.html.
A new white paper, "CSA Domain 12 Guidance for Identity & Access Management" is now available for download at www.cloudsecurityalliance.org/guidance/csaguide-dom12-v2.10.pdf. This whitepaper provides the research baseline for the Trusted Cloud Initiative in order to further define its certification criteria for secure and interoperable identity management in the cloud. This work was performed by CSA Working Group 5, led by Subra Kumaraswamy.
The Trusted Cloud Initiative working structure has also been announced by Liam Lynch, Chief Strategist for Identity within CSA as well as Chief Security Strategist for eBay, Inc. The structure provides existing research volunteers within CSA Working Group 5, as well as new volunteers with specific research areas to contribute within. This structure includes:
- Architecture subgroup - led by Jairo Orea, ING
- Certification subgroup - led by Nico Popp, VeriSign
- Implementation subgroup - led by Scott Matsumoto, Cigital
In addition, John Menerick, CISO for NetSuite, has been named initiative liaison with CloudAudit.org, and Liam Lynch is the initiative liaison with the OASIS IDCloud working group. Liam Lynch will be presenting cloud identity issues at the European Identity Conference in Munich on May 5, and will provide an updated progress report on the Trusted Cloud Initiative at the CSA Private/Public Cloud Summit in San Francisco on May 11.
About Cloud Security Alliance
The Cloud Security Alliance is a not-for-profit organization with a mission to promote the use of best practices for providing security assurance within Cloud Computing, and to provide education on the uses of Cloud Computing to help secure all other forms of computing. The Cloud Security Alliance is led by a broad coalition of industry practitioners, corporations, associations and other key stakeholders. For further information, the Cloud Security Alliance Web site is www.cloudsecurityalliance.org.