Well it's been an extremely interesting couple of weeks with respect to cloud security.
(Yes, I know there've been some other happenings in the wider world - Obama releasing TS documents, Darling admitting the UK will be broke for the next decade etc etc but let's concentrate on the really important stuff :-)
The Open Group's Jericho Forum released it's Cloud Cube paper on cloud security which describes possible cloud 'formations' according to four different dimensions - Internal/External, Proprietary/Open, Insourced/Outsourced and Perimeterised/De-Perimeterised. I don't believe that there's anything earth-shatteringly novel contained in the paper however the model itself will, I think, prove extremely valuable as a common reference point when discussing cloud computing.
The other major event has been the release of the first deliverable from the Cloud Security Alliance - a guidance paper on the critical security issues with respect to cloud computing. On first glance it looks like a fairly comprehensive paper that could perhaps be used to populate the framework provided by the Jericho Forum Cloud Cube model. And with names like Chris Hoff and Jeff Forristal (better known to some of you with memories longer than a goldfish as rfp) involved you can be sure that the content is going to be at least sensible and likely very good.
In conjunction, I think these two papers put the industry in a much better place to have sensible and informed discussions using a set of hopefully commonly understood definitions - something that's been sorely lacking in the past.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment