id-cloud message
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [List Home]
Subject: Re: [id-cloud] ANNOUNCEMENT: DMTF Cloud Audit, Data Federation (CADF) WorkingGroup Formed
- From: Matt Rutkowski <mrutkows@us.ibm.com>
- To: Matt Rutkowski <mrutkows@us.ibm.com>
- Date: Tue, 22 Mar 2011 14:56:01 -0500
pardon my typos, but wanted to get this
out quickly...
From:
Matt Rutkowski/Austin/IBM@IBMUS
To:
id-cloud@lists.oasis-open.org
Date:
03/22/2011 02:51 PM
Subject:
[id-cloud] ANNOUNCEMENT:
DMTF Cloud Audit, Data Federation (CADF) Working Group Formed
Dear ID Cloud TC Members,
Given our recent discussion of Cloud Auditing use cases and its relationship
to identity management in the cloud, I am pleased to announce that
The Distributed Management Task Force (DMTF), has approved a Cloud Audit,
Data Federation (CADF) Working Group
This technical wok of this WG will enable cloud ecosystems to share audit
event data in the form of reports and logs and to tie them to meaningful,
normative audit event data.
Here is an overview of the scope of the CADF's charter:
· Data Model – that defines
a normative, prescriptive audit event record and is composable into compatible
log and record formats.
o Extensible Event Taxonomies
– normative, prescriptive taxonomies used to categorize event resources,
actions and outcomes.
· Exemplary Interface Model –
that defines service methods for management and federation of the audit
data model.
o Interfaces would include consideration
for event Submission, Import and Export, Query and Subscription.
· Exemplary Component and Interaction
Model - that demonstrates how the data and interfaces could
be used by cloud providers and consumers to support general cloud auditing
use cases.
· Profiles - that extends the
core data and interface specifications developed to accommodate particular
methods of consumption.
o Including references to specific data
models (e.g. DMTF Common Information Model or CIM) and "tagging"
to security compliance controls/frameworks (e.g. ISO 27000, PCI-DSS, HIPAA,
etc.)
The following DMTF Board and Leadership level companies actively
participated in the chartering process since January and have indicated
ongoing commitment to the work of the CADF to the DMTF Board:
- IBM, Novell, VMWare, EMC, HP, Oracle,
Cisco, Fujitsu, CA Technologies, Hitachi, Juniper, Red Hat, Citrix, Huawei
The list of DMTF General Member companies that are joining is growing daily
now that it has been approved and announced to the general membership.
The CADF WG will coordinate its work, specifically Audit APIs, with the
existing DMTF Cloud Mgmt. Working Group (CMWG) and reference the protocols
and data objects they develop over time. Additionally, we have liaisons
already planned with The Open Group (TOG) Security Forum and the
Cloud Security Alliance (CSA).
This CADF WG is a body under the DMTF Technical Committee and the Platform
Mgmt. SC:
http://dmtf.org/about/working-groups
It's approved charter is accessible here:
http://dmtf.org/sites/default/files/CADF_Charter_03-10-11.pdf
Once the DMTF publishes the announcement on their website I will sent out
another email.
Kind regards,
Matt
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [List Home]