Presentation is loading. Please wait.

Presentation is loading. Please wait.

OASIS Cloud Authorization TC (CloudAuthZ) www.oasis-open.org Rakesh Radhakrishnan, TC Member.

Published byClifford Rogers Modified over 8 years ago

Similar presentations

Presentation on theme: "OASIS Cloud Authorization TC (CloudAuthZ) www.oasis-open.org Rakesh Radhakrishnan, TC Member."— Presentation transcript:

1 OASIS Cloud Authorization TC (CloudAuthZ) www.oasis-open.org Rakesh Radhakrishnan, TC Member

2 2 Cloud Authorization TC A new starting TC Statement of Purpose Cloud Computing is gaining traction in the industry. Cloud Providers are facing challenges from the lack of standardized profiles for authorization and entitlements. In Cloud Computing Systems there are use cases where the access policy enforcement of a cloud resource needs to be performed as close to the consumer as possible. Requires availability of attributes including contextual attributes. There are use cases where there is a need for the Policy Enforcement Point to obtain the contextual entitlements (the consumer has) with one call, rather than perform a large number of calls to the authorization set up as seen in the classic enforcement model. TC will use existing standards, to provide mechanisms for enabling the delivery of cloud contextual attributes as close as possible to Policy Enforcement Points. Enable the development of cloud infrastructures that provide in real time a subset of contextual entitlements sets that a decision point can use to authorize or deny a consumer’s use of a specific resource.

3 3 Scope of work 1.The TC will define use cases for authorization and entitlements in a Cloud Computing context. These may be existing use cases or new use cases as the TC determines. The TC will reuse use cases identified by the OASIS Identity In The Cloud (ID) TC in the context of Cloud Authorization. 2.When necessary, the TC will work on defining missing specifications for Cloud Authorization and Entitlements. The TC will reuse as a primary objective, existing standards as well as standards that are being developed in the area of scope. The TC will make an effort at not reinventing the wheel. 3.The TC will generate Cloud Authorization and Entitlements profiles for Platform As A Service (PaaS), Infrastructure As a Service (IaaS) and Software As a Service (SaaS) models of Cloud Computing. 4.In all of its work, the TC should, to the extent feasible, prefer widely implementable, widely interoperable, modular standards, extensions, profiles and methods that permit use by a variety of participants. 5.5. The TC will develop strong liaison relationships with other OASIS Technical Committees, Standards groups and Bodies in the industry. Some of these non- OASIS organizations include OASIS, IETF, ITU-T, ISO and W3C. The TC is free to adopt liaison relationships with any standards organization as it sees fit.

4 4 List of deliverables 1.A document calling out in detail the specific use cases of authorization and entitlements in a Cloud Computing context that the TC plans to address in their work product. This document will be completed and approved by the TC by January 2013. This document will be a OASIS Committee Note Track document. 2.A document detailing the configuration of relevant standards in order to allow enforcement of authorization policies to be carried out as close to the consumer as possible, using the Cloud Computing Models of IaaS, PaaS and SaaS as examples in this document. This document will be completed and approved by the TC by June 2013. This document will be a OASIS Committee Specification Track document. 3.A document detailing the configuration and specifications to define the download of contextual entitlements in a single call to a Policy Enforcement Point, using the Cloud Computing Models of IaaS, PaaS and SaaS as examples in this document. This document will be completed and approved by the TC by December 2013. This document will be a OASIS Committee Specification Track document. IPR Mode under which the TC will operate The Cloud Authorization TC will operate under the Non Assertion IPR mode TC will collaborate with ID cloud TC, ISO, ITU and CSA among others

5 5 Next Steps TC Convener Abbie Barbir, abbie.barbir@bankofamerica.com abbie.barbir@bankofamerica.com Convener call will be announced soon We do encourage all of you to participate

6 6 Use Cases and Examples

7 7 Integrated Enterprise Security Architecture for Distributed models

8 8 Integrated Net Security

9 9 Integrated Info Sec

10 10 Integrated Info Sec

11 11 Integrated Info Sec

12 12 ABAC vs TBAC

Download ppt "OASIS Cloud Authorization TC (CloudAuthZ) www.oasis-open.org Rakesh Radhakrishnan, TC Member."

Similar presentations

Integrating the Healthcare Enterprise IHE Overview Keith W. Boone Interoperability Architect, GE Healthcare Co-chair, IHE Patient Care Coordination PC.

Integrating the Healthcare Enterprise IHE Overview Keith W. Boone Interoperability Architect, GE Healthcare Co-chair, IHE Patient Care Coordination PC.
Connected Health Framework

Connected Health Framework
Practical Digital Signature Issues. Paving the way and new opportunities. www.oasis-open.org Juan Carlos Cruellas – DSS-X co-chair Stefan Drees - DSS-X.

Practical Digital Signature Issues. Paving the way and new opportunities. Juan Carlos Cruellas – DSS-X co-chair Stefan Drees - DSS-X.
UDDI v3.0 (Universal Description, Discovery and Integration)

UDDI v3.0 (Universal Description, Discovery and Integration)
Adopting Provenance-based Access Control in OpenStack Cloud IaaS October, 2014 NSS Presentation Institute for Cyber Security University of Texas at San.

Adopting Provenance-based Access Control in OpenStack Cloud IaaS October, 2014 NSS Presentation Institute for Cyber Security University of Texas at San.
Gregg McGilvray Chief Technical Strategist election.com.

Gregg McGilvray Chief Technical Strategist election.com.
Russ Housley IETF Chair 23 July 2012 Introduction to the IETF Standards Process.

Russ Housley IETF Chair 23 July 2012 Introduction to the IETF Standards Process.
Architecture Decision Group Group Organization & Processes April 7, 2015 | Tuesday.

Architecture Decision Group Group Organization & Processes April 7, 2015 | Tuesday.
GS1 Industry & Standards Event 26-30 September 2011 Cologne, Germany Creating value together with global standards Cloud Computing Time of Session: 09:00.

GS1 Industry & Standards Event September 2011 Cologne, Germany Creating value together with global standards Cloud Computing Time of Session: 09:00.
SOA Update from The Open Group OMG Technical Meeting 4 December 2006 Dr Christopher J Harding Forum Director Tel +44 118 902 3018 Mobile +44 774 063 1520.

SOA Update from The Open Group OMG Technical Meeting 4 December 2006 Dr Christopher J Harding Forum Director Tel Mobile
Ken Laskey, co-editor 5th SOA for E-Government Conference 1 May 2008

Ken Laskey, co-editor 5th SOA for E-Government Conference 1 May 2008
Obstacles to PKI Deployment and Usage - Survey Results and Draft Action Plan Steve Hanna, Co-chair, OASIS PKI TC.

Obstacles to PKI Deployment and Usage - Survey Results and Draft Action Plan Steve Hanna, Co-chair, OASIS PKI TC.
12006/9/26 Emerging Grid Standards Mark Baker, Amy Apon, Clayton Ferner, Jeff Brown. IEEE Computer Society,Vol. 38, Issue 4, pp. 43 - 50, Year of Publication:

12006/9/26 Emerging Grid Standards Mark Baker, Amy Apon, Clayton Ferner, Jeff Brown. IEEE Computer Society,Vol. 38, Issue 4, pp , Year of Publication:
Cloud Usability Framework

Cloud Usability Framework
11 World-Leading Research with Real-World Impact! Role and Attribute Based Collaborative Administration of Intra-Tenant Cloud IaaS (Invited Paper) Xin.

11 World-Leading Research with Real-World Impact! Role and Attribute Based Collaborative Administration of Intra-Tenant Cloud IaaS (Invited Paper) Xin.
DOCUMENT #:GSC15-PLEN-08 FOR:Presentation SOURCE:ISACC AGENDA ITEM:Opening Plenary (4.5) CONTACT(S):Jim MacFie ISACC Activities Since GSC-14 Jim MacFie.

DOCUMENT #:GSC15-PLEN-08 FOR:Presentation SOURCE:ISACC AGENDA ITEM:Opening Plenary (4.5) CONTACT(S):Jim MacFie ISACC Activities Since GSC-14 Jim MacFie.
OASIS OASIS Digital Signature Services www.oasis-open.org Juan Carlos Cruellas Juan Carlos Cruellas Andreas Kuehne Stefan Drees Ernst Jan van Nigtevecht.

OASIS OASIS Digital Signature Services Juan Carlos Cruellas Juan Carlos Cruellas Andreas Kuehne Stefan Drees Ernst Jan van Nigtevecht.
Halifax, 31 Oct – 3 Nov 2011ICT Accessibility For All ITU-T Focus Group on Cloud Computing Olivier Colas, ITU-T FGCC Vice-Chairman Document No: GSC16-PLEN-45.

Halifax, 31 Oct – 3 Nov 2011ICT Accessibility For All ITU-T Focus Group on Cloud Computing Olivier Colas, ITU-T FGCC Vice-Chairman Document No: GSC16-PLEN-45.
Information Sharing Puzzle: Next Steps Chris Rogers California Department of Justice April 28, 2005.

Information Sharing Puzzle: Next Steps Chris Rogers California Department of Justice April 28, 2005.
● Problem statement ● Proposed solution ● Proposed product ● Product Features ● Web Service ● Delegation ● Revocation ● Report Generation ● XACML 3.0.

● Problem statement ● Proposed solution ● Proposed product ● Product Features ● Web Service ● Delegation ● Revocation ● Report Generation ● XACML 3.0.

Similar presentations

Ads by Google