

Subject: RE: [id-cloud] Gap Analysis Note: Use Case 1: Application and Virtualization Security in the Cloud


So I think this just falls into the “entity” category along with devices, processes, etc.

 

From: id-cloud@lists.oasis-open.org [mailto:id-cloud@lists.oasis-open.org] On Behalf Of Anil Saldhana
Sent: Monday, October 24, 2011 1:20 PM
To: id-cloud@lists.oasis-open.org
Subject: Re: [id-cloud] Gap Analysis Note: Use Case 1: Application and Virtualization Security in the Cloud

 

This has been an interesting discussion. I guess we can agree that there is a definite gap in how the virtual machines identify themselves in a standard way, even though the general adoption has been uuid.

The gap analysis editors should take this bit, for use case 1.

On 10/20/2011 04:06 PM, Daniel Turissini wrote:

However, the challenge is how the UUID is managed/governed.

On 10/20/11 4:29 PM, Peter F Brown wrote:

Hyper-V also uses UUIDs for VMs... one issue is (or at least was, some time back) whether a new UUID is generated or not when a VM is moved to another host.
 
-Peter
 
-----Original Message-----
From: id-cloud@lists.oasis-open.org [mailto:id-cloud@lists.oasis-open.org] On Behalf Of Anil Saldhana
Sent: 20 October 2011 15:04
To: id-cloud@lists.oasis-open.org
Subject: Re: [id-cloud] Gap Analysis Note: Use Case 1: Application and Virtualization Security in the Cloud
 
During the last meeting, I had asked the question about whether VMs had unique identifiers.  I was able to get some information on this from the Red Hat Virtualization folks.
 
They have listed the various identifiers for VMs here: 
https://github.com/matahari/matahari/wiki/UUIDs
 
From what I see, there is no real standard for VM IDs. All of them use UUIDs, which is fine. But I am unsure if there is any standard in virtualization that specifies how and what constitutes the VM identifiers.
 
On 10/17/2011 12:49 PM, Anil Saldhana wrote:
Hi All,
  here is a note that is useful during the gap analysis discussion for 
use case 1.
 
The attached diagram is a pictorial representation of the use case.
 
The applications may use federated identity or a local identity that 
is proofed against a local cloud security service.
 
The virtual machines (VMs) represented as guest operating system 
running on a server (with a host operating system) can have a VMID.
 
There can be multiple administrators: Server, Host OS, VM and
Application.
 
 
Specifications that may be applicable are:
1) Federated Identity Standards: SAML, WS-Trust, OpenID, OAuth.
2) Virtual Machine Standards.
3) Directory Standards.
* Cloud Directory services that may be used by the cloud provider.
4) VPN Standards.
* For secure connections into enterprise LAN for enterprise directory 
access.
 
Regards,
Anil 

