Join the Trusted Cloud Initiative and participate in the creation of trustworthy cloud computing with the Cloud Security Alliance.
To join simply send an e-mail to email@example.com
Specify if you prefer to be a member of the Architecture, Certification, or Implementation groups. For more detail visit: http://www.cloudsecurityalliance.org/trustedcloud.html
After joining you will receive e-mail communications, access to the collaboration site where we post documentation and meeting materials, and invitations to meetings to collaborate with cloud computing experts in security and privacy from multiple industries and geographies. The Cloud Security Alliance has busily created extremely useful guides and best practices, and we’re leveraging the work of each of the CSA groups, for example the Security Controls matrix of 100 key security requirements that are mapped and traced back to PCI, HIPAA, COBIT, NIST, and ISO standards.
Topics discussed to date include:
- XDAS Distributed Audit Service
- Open Auth (OAuth) and the decision by Twitter to disable Basic Authentication in favor of OAuth for it’s web services API… note that the gift to switch is double the I/O (the OAuth api.twitter.com PEP now permits 350 requests/hour)
- When it is or isn’t appropriate to use OpenID for Web 2.0 style single sign-on
- Using a privately signed SAML token for federated x-cloud authentication
- Wrappers for XACML (Extensible Access Control Markup Language)
- Enterprise User Directories vs Cloud User Directories
- Choosing the right Identity Provider for the use case.
- OAuth V2 IETF Draft Specification
- XACML Policy Enforcement, Policy Administration, and Policy Decision Point application integration
- Key Management Infrastructures: Discussion on the Security Benefits of Cloud Tenants to control their own Root Certificate Authority for SSH/SFTP/SSL and strong mutual authentication.
- Physical Access Controls to Data Center Facilities hosting Cloud Services
- Carrier Neutral Facilities for “Private Cloud” Service Providers with demands for Dark Fibre connectivity
- Federated Authentication with Cloud Services
- Cloud Powered DMZs & Private Cloud HoneyPots