The OASIS international open standards consortium has launched the Cloud
Authorization (CloudAuthZ) Technical Committee, a project to develop
enhanced models for managing authorizations and entitlements in SaaS,
PaaS, and IaaS contexts. The goal of CloudAuthZ is to provide greater
control of the way cloud computing resources are used. It will enable
contextual information (such as where users are, what they are doing,
which device they are using, etc.) to inform authorization decisions.
CloudAuthZ will define configurations of existing standards, such as
OAuth, SCIM, and XACML, to provide mechanisms for enabling the delivery
of cloud contextual attributes to Policy Enforcement Points. This will
allow cloud infrastructures to provide--in real time--a subset of
contextual entitlements sets that can be used to authorize or deny a
Consumer's use of a specific resource.
Bank of America's Radu Marian co-chairs the OASIS CloudAuthZ Technical
Committee. He explained, "CloudAuthZ will reduce the need for customized
interactions between customer and vendor systems and so decrease the
overhead of supporting authorization and entitlement. It will also
enhance portability across multiple systems."
"CloudAuthZ profiles will allow cloud providers to enforce authorization
policies in the most optimal way possible," added Anil Saldhana of Red
Hat, who also co-chairs the OASIS group.
Contributions of relevant use cases for CloudAuthZ are welcome. New
members are encouraged to join the Technical Committee at any time.
Archives of the work are acessible to both members and non-members, and
OASIS invites public review and comment on the work.
Support for CloudAuthZ
Red Hat"Security and authorization are fundamental
challenges that need resolving in any system and cloud is no different.
As a cloud leader, Red Hat is fully committed to addressing these
problems in standards and open source. We are happy to support the
creation of the CloudAuthZ Technical Committee and will be working to
help it succeed."--Mark Little, vice president,
Engineering, Middleware Engineering, Red Hat
SailPoint"Providing a flexible, extensible and open
authorization model is key to the deployment of high-value applications
in the cloud. The CloudAuthZ Committee will help profile the flow and
use of key entitlement giving attributes. Standardizing this process
will greatly enhance the governance and compliance process for secure
reliable cloud-based applications."-- Darran Rolls, CTO,
ViewDS"ViewDS is pleased to participate on the OASIS
CloudAuthZ Technical Committee. We see the task of standardizing the
management and enforcement of access to cloud resources, especially for
mobile clients, as critical to the evolution of corporate computing. We
look forward to applying our real-world experience with our Access
Sentinel XACML authorization technology to this effort."--Gil
Kirkpatrick, CTO, ViewDS Identity Solutions
Additional information:OASIS CloudAuthZ Technical Committeehttp://www.oasis-open.org/committees/cloudauthz/
OASIS (Organization for the Advancement of Structured Information
Standards) is a not-for-profit, international consortium that drives the
development, convergence and adoption of open standards for the global
information society. OASIS promotes industry consensus and produces
worldwide standards for cloud computing, security, privacy, content
technologies, business transactions, the Smart Grid, emergency
management, and other applications. OASIS open standards offer the
potential to lower cost, stimulate innovation, grow global markets, and
protect the right of free choice of technology. OASIS members broadly
represent the marketplace of public and private sector technology
leaders, users, and influencers. The consortium has more than 5,000
participants representing over 600 organizations and individual members
in 100 countries.
[ Back To NFVZone's Homepage ]