Welcome!

Government Cloud Authors: Elizabeth White, Liz McMillan, Gopala Krishna Behara, Raju Myadam, Kevin Jackson

Blog Feed Post

Call for participation: New OASIS TC – Cloud Certification Profiles

certification1For the last couple of years I have been working extensively with different standards groups to find a way to help accelerate the intersection of open standards work and the definition of Cloud Best Practices.

To this end two main groups are being developed: The Kantara Cloud ID Security group, now launched and underway, and in the process of being launched, the ‘CCP’ working group for OASIS: Cloud Certification Profiles.

This actually began as the ‘PACR’ group, where it was initiated by a Government member who was looking for more specific guidance on how the public sector might increase the transparency of Cloud providers and also work around more specific direction for its adoption.

This would be a Cloud Certification Profile, incorporating different standards (e.g. SAML) that they may want to verify is correctly implemented by the Cloud provider.

You can see the original charter proposal here – Our plans to launch the new group is based on generalizing the approach, so it can be used for any industry not just government, and the charter will be updated to this effect.

As part of this updating I am inviting industry experts to join our OASIS project team and help finalize this charter as part of becoming involved.

Certified Cloud Computing

As discussed in this blog this approach will enable “Certified Cloud Computing“.

For a sense of the market context for this, check out this paragraph, taking from this Gartner report on Cloud hosting.

“As of April 2013, Microsoft’s “external certification position” can be summarized as:

International Organization for Standardization (ISO) 27001, Standards for Attestation Engagements (SSAE) 16 Standard on Assurance Engagements (ISAE) 3402, EU Model Clauses, and Health Insurance Portability and Accountability Act Business Associate Agreement (HIPAA BAA) certifications apply to Windows Azure core services only: Cloud Services (Web and Worker role instances), storage (Tables, blobs and Queues), virtual networks and virtual machines.

It does not currently cover the rest of Windows Azure features, including Web Sites, SQL Database, Service Bus, Caching, Access Control, CDN, Media Services or Windows Azure Active Directory.”

This last point about what it does not cover is the gap in the market we are setting out to address. Like Microsoft, we will enable any Cloud provider to also state their external certification position.

Also on the overall role of open standards to Cloud adoption, check out the USA CIO Council’s publication: ‘Creating Effective Cloud Computing Contracts for the Federal Government‘. Download here.

One of the key requirements they identify is that buying agencies should include base references from the open standards community into their own procurement RFPs:

“Standards specification: In accordance with Office of Management and Budget (OMB) Circular A-119, Federal Participation in the Development and Use of Voluntary Consensus Standards and in Conformity Assessment Activities, agencies should specify relevant voluntary consensus standards in their procurements. The NIST Standards.gov website includes a useful list of questions that agencies should consider before selecting standards for agency use”.

We have also started a presentation summarizing the role of OASIS within this context. Download : OASIS In The Cloud presentation.

If you would like to join this standards effort, please start by joining in the discussion thread in our Linkedin community, or email me directly.

The post Call for participation: New OASIS TC – Cloud Certification Profiles appeared first on Cloud Computing Best Practices.

Read the original blog entry...

More Stories By Cloud Best Practices Network

The Cloud Best Practices Network is an expert community of leading Cloud pioneers. Follow our best practice blogs at http://CloudBestPractices.net

IoT & Smart Cities Stories
Chris Matthieu is the President & CEO of Computes, inc. He brings 30 years of experience in development and launches of disruptive technologies to create new market opportunities as well as enhance enterprise product portfolios with emerging technologies. His most recent venture was Octoblu, a cross-protocol Internet of Things (IoT) mesh network platform, acquired by Citrix. Prior to co-founding Octoblu, Chris was founder of Nodester, an open-source Node.JS PaaS which was acquired by AppFog and ...
The deluge of IoT sensor data collected from connected devices and the powerful AI required to make that data actionable are giving rise to a hybrid ecosystem in which cloud, on-prem and edge processes become interweaved. Attendees will learn how emerging composable infrastructure solutions deliver the adaptive architecture needed to manage this new data reality. Machine learning algorithms can better anticipate data storms and automate resources to support surges, including fully scalable GPU-c...
Predicting the future has never been more challenging - not because of the lack of data but because of the flood of ungoverned and risk laden information. Microsoft states that 2.5 exabytes of data are created every day. Expectations and reliance on data are being pushed to the limits, as demands around hybrid options continue to grow.
JETRO showcased Japan Digital Transformation Pavilion at SYS-CON's 21st International Cloud Expo® at the Santa Clara Convention Center in Santa Clara, CA. The Japan External Trade Organization (JETRO) is a non-profit organization that provides business support services to companies expanding to Japan. With the support of JETRO's dedicated staff, clients can incorporate their business; receive visa, immigration, and HR support; find dedicated office space; identify local government subsidies; get...
René Bostic is the Technical VP of the IBM Cloud Unit in North America. Enjoying her career with IBM during the modern millennial technological era, she is an expert in cloud computing, DevOps and emerging cloud technologies such as Blockchain. Her strengths and core competencies include a proven record of accomplishments in consensus building at all levels to assess, plan, and implement enterprise and cloud computing solutions. René is a member of the Society of Women Engineers (SWE) and a m...
With 10 simultaneous tracks, keynotes, general sessions and targeted breakout classes, @CloudEXPO and DXWorldEXPO are two of the most important technology events of the year. Since its launch over eight years ago, @CloudEXPO and DXWorldEXPO have presented a rock star faculty as well as showcased hundreds of sponsors and exhibitors! In this blog post, we provide 7 tips on how, as part of our world-class faculty, you can deliver one of the most popular sessions at our events. But before reading...
If a machine can invent, does this mean the end of the patent system as we know it? The patent system, both in the US and Europe, allows companies to protect their inventions and helps foster innovation. However, Artificial Intelligence (AI) could be set to disrupt the patent system as we know it. This talk will examine how AI may change the patent landscape in the years to come. Furthermore, ways in which companies can best protect their AI related inventions will be examined from both a US and...
The challenges of aggregating data from consumer-oriented devices, such as wearable technologies and smart thermostats, are fairly well-understood. However, there are a new set of challenges for IoT devices that generate megabytes or gigabytes of data per second. Certainly, the infrastructure will have to change, as those volumes of data will likely overwhelm the available bandwidth for aggregating the data into a central repository. Ochandarena discusses a whole new way to think about your next...
Charles Araujo is an industry analyst, internationally recognized authority on the Digital Enterprise and author of The Quantum Age of IT: Why Everything You Know About IT is About to Change. As Principal Analyst with Intellyx, he writes, speaks and advises organizations on how to navigate through this time of disruption. He is also the founder of The Institute for Digital Transformation and a sought after keynote speaker. He has been a regular contributor to both InformationWeek and CIO Insight...
Bill Schmarzo, Tech Chair of "Big Data | Analytics" of upcoming CloudEXPO | DXWorldEXPO New York (November 12-13, 2018, New York City) today announced the outline and schedule of the track. "The track has been designed in experience/degree order," said Schmarzo. "So, that folks who attend the entire track can leave the conference with some of the skills necessary to get their work done when they get back to their offices. It actually ties back to some work that I'm doing at the University of ...