id-cloud message
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [List Home]
Subject: ANNOUNCEMENT: DMTF Cloud Audit, Data Federation (CADF) Working Group Formed
- From: Matt Rutkowski <mrutkows@us.ibm.com>
- To: id-cloud@lists.oasis-open.org
- Date: Tue, 22 Mar 2011 14:49:49 -0500
Dear ID Cloud TC Members,
Given our recent discussion of Cloud
Auditing use cases and its relationship to identity management in the cloud,
I am pleased to announce that
The Distributed Management
Task Force (DMTF),
has approved a Cloud
Audit, Data Federation (CADF) Working Group
This technical wok of this WG will enable
cloud ecosystems to share audit event data in the form of reports and logs
and to tie them to meaningful, normative audit event data.
Here is an overview of the scope of
the CADF's charter:
·
Data Model – that defines a normative, prescriptive audit event record
and is composable into compatible log and record formats.
o Extensible
Event Taxonomies – normative, prescriptive taxonomies used to categorize
event resources, actions and outcomes.
· Exemplary
Interface Model – that defines service methods for management and
federation of the audit data model.
o Interfaces
would include consideration for event Submission, Import and Export, Query
and Subscription.
· Exemplary
Component and Interaction Model - that demonstrates how
the data and interfaces could be used by cloud providers and consumers
to support general cloud auditing use cases.
· Profiles
- that extends the core data and interface specifications developed to
accommodate particular methods of consumption.
o Including
references to specific data models (e.g. DMTF Common Information Model
or CIM) and "tagging" to security compliance controls/frameworks
(e.g. ISO 27000, PCI-DSS, HIPAA, etc.)
The following DMTF Board and Leadership
level companies actively participated in the chartering process since
January and have indicated ongoing commitment to the work of the CADF to
the DMTF Board:
- IBM, Novell, VMWare, EMC, HP, Oracle,
Cisco, Fujitsu, CA Technologies, Hitachi, Juniper, Red Hat, Citrix, Huawei
The list of DMTF General Member companies
that are joining is growing daily now that it has been approved and announced
to the general membership. The CADF WG will coordinate its work, specifically
Audit APIs, with the existing DMTF Cloud Mgmt. Working Group (CMWG) and
reference the protocols and data objects they develop over time. Additionally,
we have liaisons already planned with The Open Group (TOG) Security
Forum and the Cloud Security Alliance (CSA).
This CADF WG is a body under the DMTF
Technical Committee and the Platform Mgmt. SC:
http://dmtf.org/about/working-groups
It's approved charter is accessible
here:
http://dmtf.org/sites/default/files/CADF_Charter_03-10-11.pdf
Once the DMTF publishes the announcement
on their website I will sent out another email.
Kind regards,
Matt
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [List Home]