OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

Messages By Date: members message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Proposed Charter for OASIS Identity in the Clouds TC

To OASIS Members:

A draft TC charter has been resubmitted to establish the OASIS Identity in the Clouds Technical Committee (below). In accordance with the OASIS TC Process Policy section 2.2:
(http://www.oasis-open.org/committees/process-2009-07-30.php#formation) the proposed charter is hereby submitted for comment. The comment period shall remain open until 11:45 pm ET on 6 March 2010.

OASIS maintains a mailing list for the purpose of submitting comments on proposed charters. Any OASIS member may post to this list by sending email to: mailto:oasis-charter-discuss@lists.oasis-open.org. All messages will be publicly archived at:
http://lists.oasis-open.org/archives/oasis-charter-discuss/. Members who wish to receive emails must join the group by selecting "join group" on the group home page:
http://www.oasis-open.org/apps/org/workgroup/oasis-charter-discuss/. Employees of organizational members do not require primary representative approval to subscribe to the oasis-charter-discuss e-mail.

A telephone conference will be held among the Convener, the OASIS TC Administrator, and those proposers who wish to attend within four days of the close of the comment period. The announcement and call-in information will be noted on the OASIS Charter Discuss Group Calendar.

We encourage member comment and ask that you note the name of the proposed TC (Identity in the Clouds) in the subject line of your email message.



Mary P McRae
Director, Standards Development
Technical Committee Administrator
OASIS: Advancing open standards for the information society
twitter: @fiberartisan #oasisopen
phone: 1.603.232.9090



1a. Name: 
OASIS Identity In the Clouds Technical Committee
1b. Statement of Purpose:
Cloud Computing is turning into an important IT service delivery paradigm. Many enterprises are experimenting with cloud computing, using clouds in their own data centers or hosted by third parties, and increasingly they deploy business applications on such private and public clouds.
Cloud Computing raises many challenges that have serious security  implications. Identity Management in the clouds is such a challenge.
Many enterprises avail themselves of a combination of private and public Cloud Computing infrastructures to handle their workloads. In a phenomenon known as "Cloud Bursting", the peak loads are offloaded to public Cloud computing infrastructures that offer billing based on usage. This is a use case of a Hybrid Cloud infrastructure.
 Additionally, governments around the world are evaluating the use of Cloud Computing for government applications. For instance, the US Government has started apps.gov to foster the adoption of Cloud Computing. Other governments have started or announced similar efforts.
 The purpose of the OASIS Identity in the Clouds TC is to collect and harmonize definitions, terminologies and vocabulary of Cloud Computing.
The TC will collect use cases to help identify gaps in existing Identity Management standards. The use cases will be used to identify gaps in current standards and investigate the need for profiles for achieving interoperability with in current standards.
 Additionally, the use cases will be used to perform risk and threat analyses. Suggestions to mitigate the identified risks and the threats and vulnerabilities will be provided.
The TC will focus on collaborating with industry fora such as the Cloud Security Alliance and the ITU-T in the area of clouds security and Identity Management. Liaisons will be identified with other standards bodies and working groups on Cloud Computing.  Wherever a relationship stronger than a liaison relationship exists with industry fora (such as Affiliate membership with Cloud Security Alliance), it will be utilized.
1c. Scope:
The purpose of the TC is to harmonize definitions/terminologies/vocabulary of Identity in the context of Cloud Computing. The work will define use cases and profiles to identify gaps in existing Identity Management standards as they apply in the cloud.
1. The TC will identify new and/or existing definitions, terminologies and vocabulary of Identity for Cloud Computing as the TC determines.
2. The TC will define use cases for Identity in the Clouds. These may be existing use cases or new use cases as the TC determines.
3. The TC will define interoperability profile(s) of existing protocols and formats for usage of Identity in the Clouds, based on the identified use cases. Profiles are subsets of specifications and combinations of such subsets.
4. The TC will identify gaps in existing Identity Management interoperability protocols and formats standards at OASIS and other standards bodies and utilize the OASIS liaison process for communicating the gaps.
5. In all of its work, the TC should, to the extent feasible, prefer widely implementable, widely interoperable, modular standards, extensions, profiles and methods that permit use by a variety of participants.
6. The TC will build on and use existing standards and specifications when possible. When there is a need to extend existing OASIS Standards, then the TC will not undertake that exercise but will work with the Technical Committee representing the standard to provide the extension as part of that Technical Committee. As an example, if the TC requires extensions in standards such as SAML or WS-Trust, then the work will be undertaken by the SAML or WS-Trust TC.
7. The TC will build profiles for Identity in Cloud Computing.
Out of Scope:
1. Access Control, Levels of Assurance (LOA) and Personally Identifiable Information (PII) in the context of Cloud Computing.
2. APIs or Implementations
3. Creation of new protocols or formats.
1d. List of Deliverables:
1. A document calling out in detail the specific use cases of Cloud Computing that the TC plans to address in their work product. This document will be completed and approved by the TC by July 2010.
2. A set of profiles and gaps, as described in paragraphs #3 and #4 under 'Scope', to be approved as a Committee Specification by December 2010, and the remainder if any to be approved by Committee Specifications by June 2011. The TC may elect to create one or more of such deliverables in whatever combination it deems appropriate.
3. Optionally, such other deliverables (e.g., those listed in paragraphs 1-6 under 'Scope') as the TC may elect, until the later of  June 2011 or such later date as the TC may elect to conclude.
1e. IPR Mode under which the TC will operate:
Royalty Free on Limited Terms

1f. Anticipated Audiences:
Enterprises interested in providing or using identity management capabilities in a Cloud Computing infrastructure.
1g. Language: 
(2) Non-normative information regarding the start-up of the TC, which includes:
(2)(a) Identification of similar or applicable work that is being done in other OASIS TCs or by other organizations, why there is a need for another effort in this area and how this proposed TC will be different, and what level of liaison will be pursued with these other organizations.
The proposed “Identity In The Clouds TC” will be incorporating several definitions, terminologies, vocabulary and standards from OASIS standards bodies as well as standards work done by non-OASIS organizations. The TC will use standards from several OASIS TCs and standards from non-OASIS organizations. Liaisons will be established by concurrent work items in the cited TCs' area of expertise. The TC will also work with ISO JTC1 SC 38 and ITU-T SG 17.
(2)(b) The date, time, and location of the first meeting, whether it will be held in person or by telephone, and who will sponsor this first meeting. The first meeting of a TC shall occur no less than 30 days after the announcement of its formation in the case of a meeting held exclusively by telephone or other electronic means, and  no less than 45 days after the announcement of its formation in the case of a meeting held face-to-face (whether or not a telephone bridge is also available).
The proposed “Identity In The Clouds TC” will hold the first official meeting on April 12th, 2010 at 1pm ET by telephone and will use a free conference call service.
(2)(c) The projected on-going meeting schedule for the year following  the formation of the TC, or until the projected date of the final deliverable, whichever comes first, and who will be expected to sponsor these meetings.
The TC will meet biweekly or as otherwise agreed upon by the members of the technical committee.
(2)(d) The names, electronic mail addresses, and membership affiliations of at least Minimum Membership who support this proposal and are committed to the Charter and projected meeting schedule.
Jeff Broberg, Jeffrey.Broberg@ca.com  (CA)
Timothy Brown, timothy.brown@ca.com  (CA)
Heather Hinton, hhinton@us.ibm.com  (IBM)
Michael Waidner, wmi@us.ibm.com  (IBM)
Abbie Barbir, abarbir@live.ca  (Individual)
John Bradley, jbradley@mac.com  (Individual)
June Leung, junelsleung@gmail.com  (Individual)
Michael McIntosh, mike.g.mcintosh@gmail.com  (Individual)
Anthony Nadalin, tonynad@microsoft.com  (Microsoft)
Alan Clark; Novell, Inc. aclark@novell.com  (Novell)
Dale Olds, dolds@novell.com  (Novell)
Khaled Hussein, khaled.hussein@rackspace.com  (Rackspace)
Bret Piatt, bret.piatt@rackspace.com  (Rackspace)
Anil Saldhana, Anil.Saldhana@redhat.com   (Red Hat)
Mark Little, mark.little@jboss.com   (Red Hat)
Bill Becker, Bill.Becker@safenet-inc.com  (SafeNet)
Russ Dietz, Russell.Dietz@safenet-inc.com  (SafeNet)
Tony Rutkowski, tony@yaanatech.com  (Yaana Technologies)
(2)(e) Statements of Support
 The name, electronic mail address, membership affiliation, and statement of support for the proposed Charter from the Primary Representative
Paul Lipton, Paul.Lipton@ca.com,  CA
CA approves our participation as co-proposers for this TC.

Dave Ings, ings@ca.ibm.com, IBM
I'm happy to confirm that final approvals have now been received and so as IBM's primary rep to OASIS I'm happy to approve IBM's participation in this new TC.

Michael Champion, Michael.Champion@microsoft.com, Microsoft
I understand that I need to officially inform you of Microsoft’s intention to participate in the OASIS Identity in the Clouds TC.  As Microsoft’s voting member in OASIS, please consider this message our confirmation.

Alan Clark; Novell, Inc. aclark@novell.com
As the Primary Representative for Novell, I approve Novell's participation in this TC and Novell would like to be added as a proposer.

Bret Piatt, bret.piatt@rackspace.com, Rackspace 
I approve Rackspace's participation in the Identity in the Clouds TC. 

Mark Little, Red Hat mark.little@jboss.com
I approve of Red Hat's participation in this group and that it is very important for Cloud in general and Red Hat's activities in that area.
Bill Becker, Bill.Becker@safenet-inc.com, SafeNet
SafeNet is committed to supporting and participating in the Identity in the Clouds TC. The activities called out in the TC scope and purpose will form important groundwork for the future of cloud computing. 

Tony Rutkowski, tony@yaanatech.com, Yaana Technologies 
I support the Identity in the Clouds TC.

(2)(f) The name of the Convener who must be an Eligible Person.
Abbie Barbir.
(2)(g) The name of the Member Section with which the TC intends to affiliate, if any.
OASIS IDtrust Member Section.
(2)(h) Optionally, a list of contributions of existing technical work  that the proposers anticipate will be made to this TC. 
(2)(i) Optionally, a draft Frequently Asked Questions (FAQ) document regarding the planned scope of the TC, for posting on the TC's website.
To be provided at a later date.
(2)(j) Optionally, a proposed working title and acronym for the  specification(s) to be developed by the TC. 
To be provided at a later date.

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]