Welcome!

Government Cloud Authors: Pat Romanski, Elizabeth White, Liz McMillan, Dana Gardner, Gopala Krishna Behara

Blog Feed Post

Call for participation: New OASIS TC – Cloud Certification Profiles

certification1For the last couple of years I have been working extensively with different standards groups to find a way to help accelerate the intersection of open standards work and the definition of Cloud Best Practices.

To this end two main groups are being developed: The Kantara Cloud ID Security group, now launched and underway, and in the process of being launched, the ‘CCP’ working group for OASIS: Cloud Certification Profiles.

This actually began as the ‘PACR’ group, where it was initiated by a Government member who was looking for more specific guidance on how the public sector might increase the transparency of Cloud providers and also work around more specific direction for its adoption.

This would be a Cloud Certification Profile, incorporating different standards (e.g. SAML) that they may want to verify is correctly implemented by the Cloud provider.

You can see the original charter proposal here – Our plans to launch the new group is based on generalizing the approach, so it can be used for any industry not just government, and the charter will be updated to this effect.

As part of this updating I am inviting industry experts to join our OASIS project team and help finalize this charter as part of becoming involved.

Certified Cloud Computing

As discussed in this blog this approach will enable “Certified Cloud Computing“.

For a sense of the market context for this, check out this paragraph, taking from this Gartner report on Cloud hosting.

“As of April 2013, Microsoft’s “external certification position” can be summarized as:

International Organization for Standardization (ISO) 27001, Standards for Attestation Engagements (SSAE) 16 Standard on Assurance Engagements (ISAE) 3402, EU Model Clauses, and Health Insurance Portability and Accountability Act Business Associate Agreement (HIPAA BAA) certifications apply to Windows Azure core services only: Cloud Services (Web and Worker role instances), storage (Tables, blobs and Queues), virtual networks and virtual machines.

It does not currently cover the rest of Windows Azure features, including Web Sites, SQL Database, Service Bus, Caching, Access Control, CDN, Media Services or Windows Azure Active Directory.”

This last point about what it does not cover is the gap in the market we are setting out to address. Like Microsoft, we will enable any Cloud provider to also state their external certification position.

Also on the overall role of open standards to Cloud adoption, check out the USA CIO Council’s publication: ‘Creating Effective Cloud Computing Contracts for the Federal Government‘. Download here.

One of the key requirements they identify is that buying agencies should include base references from the open standards community into their own procurement RFPs:

“Standards specification: In accordance with Office of Management and Budget (OMB) Circular A-119, Federal Participation in the Development and Use of Voluntary Consensus Standards and in Conformity Assessment Activities, agencies should specify relevant voluntary consensus standards in their procurements. The NIST Standards.gov website includes a useful list of questions that agencies should consider before selecting standards for agency use”.

We have also started a presentation summarizing the role of OASIS within this context. Download : OASIS In The Cloud presentation.

If you would like to join this standards effort, please start by joining in the discussion thread in our Linkedin community, or email me directly.

The post Call for participation: New OASIS TC – Cloud Certification Profiles appeared first on Cloud Computing Best Practices.

Read the original blog entry...

More Stories By Cloud Best Practices Network

The Cloud Best Practices Network is an expert community of leading Cloud pioneers. Follow our best practice blogs at http://CloudBestPractices.net

IoT & Smart Cities Stories
Moroccanoil®, the global leader in oil-infused beauty, is thrilled to announce the NEW Moroccanoil Color Depositing Masks, a collection of dual-benefit hair masks that deposit pure pigments while providing the treatment benefits of a deep conditioning mask. The collection consists of seven curated shades for commitment-free, beautifully-colored hair that looks and feels healthy.
The textured-hair category is inarguably the hottest in the haircare space today. This has been driven by the proliferation of founder brands started by curly and coily consumers and savvy consumers who increasingly want products specifically for their texture type. This trend is underscored by the latest insights from NaturallyCurly's 2018 TextureTrends report, released today. According to the 2018 TextureTrends Report, more than 80 percent of women with curly and coily hair say they purcha...
The textured-hair category is inarguably the hottest in the haircare space today. This has been driven by the proliferation of founder brands started by curly and coily consumers and savvy consumers who increasingly want products specifically for their texture type. This trend is underscored by the latest insights from NaturallyCurly's 2018 TextureTrends report, released today. According to the 2018 TextureTrends Report, more than 80 percent of women with curly and coily hair say they purcha...
We all love the many benefits of natural plant oils, used as a deap treatment before shampooing, at home or at the beach, but is there an all-in-one solution for everyday intensive nutrition and modern styling?I am passionate about the benefits of natural extracts with tried-and-tested results, which I have used to develop my own brand (lemon for its acid ph, wheat germ for its fortifying action…). I wanted a product which combined caring and styling effects, and which could be used after shampo...
The platform combines the strengths of Singtel's extensive, intelligent network capabilities with Microsoft's cloud expertise to create a unique solution that sets new standards for IoT applications," said Mr Diomedes Kastanis, Head of IoT at Singtel. "Our solution provides speed, transparency and flexibility, paving the way for a more pervasive use of IoT to accelerate enterprises' digitalisation efforts. AI-powered intelligent connectivity over Microsoft Azure will be the fastest connected pat...
There are many examples of disruption in consumer space – Uber disrupting the cab industry, Airbnb disrupting the hospitality industry and so on; but have you wondered who is disrupting support and operations? AISERA helps make businesses and customers successful by offering consumer-like user experience for support and operations. We have built the world’s first AI-driven IT / HR / Cloud / Customer Support and Operations solution.
Codete accelerates their clients growth through technological expertise and experience. Codite team works with organizations to meet the challenges that digitalization presents. Their clients include digital start-ups as well as established enterprises in the IT industry. To stay competitive in a highly innovative IT industry, strong R&D departments and bold spin-off initiatives is a must. Codete Data Science and Software Architects teams help corporate clients to stay up to date with the mod...
At CloudEXPO Silicon Valley, June 24-26, 2019, Digital Transformation (DX) is a major focus with expanded DevOpsSUMMIT and FinTechEXPO programs within the DXWorldEXPO agenda. Successful transformation requires a laser focus on being data-driven and on using all the tools available that enable transformation if they plan to survive over the long term. A total of 88% of Fortune 500 companies from a generation ago are now out of business. Only 12% still survive. Similar percentages are found throug...
Druva is the global leader in Cloud Data Protection and Management, delivering the industry's first data management-as-a-service solution that aggregates data from endpoints, servers and cloud applications and leverages the public cloud to offer a single pane of glass to enable data protection, governance and intelligence-dramatically increasing the availability and visibility of business critical information, while reducing the risk, cost and complexity of managing and protecting it. Druva's...
BMC has unmatched experience in IT management, supporting 92 of the Forbes Global 100, and earning recognition as an ITSM Gartner Magic Quadrant Leader for five years running. Our solutions offer speed, agility, and efficiency to tackle business challenges in the areas of service management, automation, operations, and the mainframe.