[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Gap Analysis Use Case 3: Identity Audit
--- This discussion thread is to start an on-list discussion on the Gap Analysis of individual use cases. Use case numbers refer to the use cases as described in the 'OASIS Identity in the Cloud TC Use Cases' Version 1.0, Working Draft 02, 15 December 2011, which is available at http://www.oasis-open.org/committees/document.php?document_id=44915&wg_abbre v=id-cloud The information below describes the current state. You are invited to respond on-list to this thread with any comments, insights, additions, etc. All input will be gathered from the list and consolidated into the next revision of the Gap Analysis document. --- Use Case 3: Identity Audit Short description: Feature the importance of auditing/logging of sensitive operations performed by users and administrators in the cloud. Relevant applicable standards: - CloudAudit Analysis notes: - When speaking about auditing, we need to be clear on what type of auditing, e.g. technical, business, policy, etc. - Policy auditing: notion of trying to show there is a relation between policies. Possible GAPs identified: The following possible GAPs have been identified: - No real standards on auditing for the cloud space; applicable to all auditing elements in use cases so far. ---
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]