1. Report from Breakout Session 1.2 Secure Consumerization: the Genuine Trustworthiness Revolution Chair: Craig Lee Rapporteur: Paolo Mazzetti

2. Programme Robert Bohn: «NIST Cloud Federation and Cyberspace Identity Efforts» Daniel S. Katz: «Social Cloud: Facilitating “Trustworthy” Compute & Data Resource Sharing» Craig Lee: «Managing Disaster Response through On-Demand Resource Federation» Discussion

3. Federated clouds Many cloud infrastructure available now and even more in the future: how can we seamlessly access them? functionality, resources, and capabilities from one system is made available to another Two main issues: Technical interoperability Several approaches: central authority, common APIs Mistrust Delegation of Trust

4. Federation management Federation management needed to be generalized to manage any type of service endpoint (including cloud infrastructure services) A Virtual Organization Management System: Maintains member identity attributes and authorization attributes Enables resource (service) discovery Enables validation of VO member authorization credentials on service invocation

5. Trust aspects In a Virtual Organization approach: trust relationships and common semantic understandings should be established ahead of need: roles, attributes, name space, governance agreements The right set of trustmarks captures the full set of trust and interoperability requirements for any monolithic trust framework

6. Social clouds “Social Clouds are a scalable, dynamic and user-centric resource sharing framework in which computational resources, services and information are shared amongst members on the premise of the relationships encoded in a social network.”

7. Social clouds Main characteristics: Edge Devices (Set Top Box, Media Centres, Home PCs), not Data Centers Level of trust inferred from social networks Social platforms enable incentives and market Tested on a content distribution use case (involving national labs as participants)

8. Main points Different cloud federation models exists; they have a solid base of standard specifications, technological solutions, demonstrations Different approaches are appropriate in different application scenarios The organizational, regulatory, legal, political issues surrounding federation can be far more difficult than the technical issues Top-down (Virtual Organization) vs. bottom-up (Web of Trust from social networks) models proposed for trust management

9. Discussion Next GEOSS will live in a world of clouds, and it will need to interact with clouds, so cloud federation will be an issue Is the social cloud model applicable to GEOSS? Content distribution use case Maybe in relationship with Citizen Science? And is the social cloud incentives approach applicable to engage citizens? (see other breakout sessions) Could SBAs and CoPs use social cloud approach for sharing resources in a trusted environment? Could the Web of Trust model of social clouds be related to (users’ provided) quality information?

10. Conclusions Participants found a general agreement that many topics would worth an investigation. Communities of Practice could be the right entry point to start experimenting with cloud federation and different trust models GEO Architecture Implementation Pilots are an opportunity for conducting these experiments in the GEOSS context.