1 / 11

Trust Framework for the Intercloud

Trust Framework for the Intercloud. Buzz. Cloud Computing Today. Cloud Computing Today. Desired State. What is Missing?. How do I know who is who? Not all one enterprise (e.g., AD) Not a single customer-provider relationship (e.g., static provisioning)

julius
Télécharger la présentation

Trust Framework for the Intercloud

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Trust Framework for the Intercloud

  2. Buzz

  3. Cloud Computing Today

  4. Cloud Computing Today

  5. Desired State

  6. What is Missing? • How do I know who is who? • Not all one enterprise (e.g., AD) • Not a single customer-provider relationship (e.g., static provisioning) • Potentially many legitimate participants • Nearly unlimited attackers • Identity work somewhat addresses this, but… • What does it mean to the visited network to have a particular identity? • Resource access and manipulation • Strong authentication, yet how to do authorization?

  7. Current Attempts: IEEE P2302 • P2302 is IEEE Intercloud effort • Simple inter-cloud messaging protocol • Broker services for naming, directories, and data marshaling • Requires everyone to agree on everything for every application • Rich individual trust model, but limited in practice • Huawei-led to last year

  8. P2302 Approaches Centralized Federated ? Nice Research Project • All requests and data held by neutral third-party broker • Looking towards IANA or IGTF as a model or home • But enterprises do not really trust their data in their own networks, no less in someone else’s

  9. Project: Intercloud Identity • Work out semantics for cloud federation • Policy-driven • Provide tailored trustworthy space for cloud computing • Cryptographic foundation for intercloud data assurance • Tailored directory access for resources and data • Goal: Apply to IEEE P2302, IETFSCIM, IRTF SDNRG

  10. Plan: Intercloud Identity • Evaluate state of the art and gap analysis with CBPP, Law Center, Department of Government • Interim Deliverable: Report on gaps • Prototype peer-to-peer identity management system with tailored trust that meets operational & legal requirements • Time: 15 months • Budget: $120,000; $65,000 to get started

  11. Image Attributions: Nexus 4S by GNUtoo iPhone by HereToHelp All others: Microsoft & their partners

More Related