OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

id-cloud message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Only an FYI

Hi! This was sent through the NIST Security list originally (with the attachment) and then this additional information was added in the note below (from David Bernstein) .I am sending it to id-cloud merely due to the stated ‘special focus on Identity and Trust” in David’s note.


Best regards,



Michele Drgon


+1 772 678 2777


Note: New LinkedIn: cloudjurisdiction



From: cc_security@nist.gov [mailto:cc_security@nist.gov] On Behalf Of David Bernstein
Sent: Wednesday, April 27, 2011 11:28 AM
To: Multiple recipients of list
Subject: RE: Rebooting the NIST Cloud Computing Security Working Group


Greetings Colleagues


I am one of the authors of this paper. Actually we have published a series of papers on the subject of Cloud to Cloud interoperability, along with special focus in the Identity and Trust issues that go along with that problem. These take one possible approach for addressing these challenges, perhaps the thoughts are useful to the NIST discussions, we hope so.


Specific to Intercloud and for further details, I might point the team to the series of papers on this subject


·                     D. Bernstein, S. Diamond, K, Shankar, E. Ludvigson, M. Morrow, “Blueprint for the Intercloud – Protocols and Formats for Cloud Computing Interoperability”, 4th International Conference on Internet and Web Application Services – IARIA/IEEE ICIW09, Venice, Italy; May 2009

·                     D. Bernstein, D Vij, “Using Semantic Web Ontology in Intercloud Directories and Exchanges”, ICOMP'10 - The 2010 International Conference on Internet Computing, Las Vegas, NV, USA, July 2010

·                     D. Bernstein, D. Vij, “Intercloud Directory and Exchange Protocol Detail using XMPP and RDF”, 1st Workshop on Cloud-based Services and Applications (CBSA/IEEE 2010), Miami Florida, USA, July 2010

·                     D. Bernstein, D. Vij, “Simple Storage Replication Protocol (SSRP) for Intercloud”, The Second International Conference on Emerging Network Intelligence – IEEE/IARIA EMERGING 2010, Florence, Italy, October 2010

·                     D. Bernstein, D. Vij, “Intercloud Security Considerations”, The Second International Conference on Cloud Compouting Technology and Science – IEEE CloudCom 2010, Indianapolis, Indiana, December 2010

·                     D. Bernstein, D. Vij, S. Diamond, “An Intercloud Cloud Computing Economy - Technology, Governance, and Market Blueprints”, IEEE Service Research and Innovation Global Conference – SRII 2011, San Jose, California, March 2010


There have been many other good papers published on the subject and these are some specific workshops in this area as well (see below). Those researchers have gotten together in the whole area of cloud-to-cloud interoperability to work together towards a formalization of a set of protocols (like those published above) in a formalized standards working group in the “IEEE P2302™  Draft Standard for Intercloud Interoperability and Federation”. The working group is just forming, it is open to participation by all interested researchers, please see below where you can register your interest in participating:







David Bernstein


Chairman, IEEE P2301, Guide for Cloud Portability and Interoperability Profiles

Chairman, IEEE P2302, Standard for Intercloud Interoperability and Federation

Co-Chair, IEEE/ACM First International Workshop on Intercloud Federation and Convergence, Cloud and Grid (InterCloudGrid 2011), Newport Beach, May 2011

Co-Chair, IEEE Second International Workshop on Cloud Computing Interoperability and Services (InterCloud 2011), Istanbul, July 2011

Technical Program Committee, IARIA Sixth International Conference on Systems and Networks Communications (ICSNC 2011), Barcelona, October 2011

Co-Chair, IEEE/ACM Fourth International Conference on Utility and Cloud Computing (UCC 2011), Melbourne, December 2011


From: cc_security@nist.gov [mailto:cc_security@nist.gov] On Behalf Of Ramanathan, Sundararajan
Sent: Wednesday, April 27, 2011 7:41 AM
To: Multiple recipients of list
Subject: RE: Rebooting the NIST Cloud Computing Security Working Group




In terms of inter cloud directory and exchange protocols , I hope the team has reviewed this paper - http://www.cloudstrategypartners.com/resources/Intercloud+Directory+and+Exchange+Protocol+Detail+using+XMPP+and+RDF+-+Draft.pdf






Sundar Ramanathan / Capgemini / NA
Integration Architect - GM - GSSM-AIMD

Cell:  7342722040

cid:image001.gif@01C939D3.46F3B830 People matter, results count





From: cc_security@nist.gov [mailto:cc_security@nist.gov] On Behalf Of Chandramouli, Ramaswamy
Sent: Tuesday, April 19, 2011 4:15 PM
To: Multiple recipients of list
Subject: Rebooting the NIST Cloud Computing Security Working Group



Dear Security Working Group Members


We are interested in providing a new direction to the Security Working Group following the feedback we had from the recent workshop. At the outset, We would like to have your thoughts on the most fundamental questions.


(1)   What do you think should be the Deliverables or the Set of Deliverables for the Group?

(2)   What is the realistic timeline that we should commit for the Deliverable?


In terms of the kinds of activities, please provide your thoughts on the following:


(a)    Analyzing Security Issues in each Cloud Layer

(b)   Common Security Operations and how they are unique and distinct in the cloud environment?

(c)    Analyze security issues in standardized (or submitted for standardization) APIs – OCCI, OVF, CDMI etc

(d)   Analyze Security issues in the context of Target Business Use Cases identified by NIST working Group


We would like our working group members to take a proactive role by volunteering to contribute materials to an area of their expertise and interest. I invite you all to respond by sending an email either to our email list (cc_security) or to me (mouli@nist.gov) based on your preference.


Also please let us know your ideas for any other new activities (in addition to (a) – (d) above) that you feel should be part of this group’s focus.


Looking forward to hear from you all in tomorrow’s call.


Thanking you



Dr. Ramaswamy Chandramouli (Mouli)

Supervisory Computer Scientist

Computer Security Division, Information Technology Lab

NIST, Gaithersburg, MD 20899


(301) 975-5013



This message contains information that may be privileged or confidential and is the property of the Capgemini Group. It is
intended only for the person to whom it is addressed. If you are not the intended recipient, you are not authorized to
read, print, retain, copy, disseminate, distribute, or use this message or any part thereof. If you receive this message
in error, please notify the sender immediately and delete all copies of this message.


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]