Welcome!

Containers Expo Blog Authors: Yeshim Deniz, Pat Romanski, Liz McMillan, Elizabeth White, Ravi Rajamiyer

News Feed Item

OASIS to Develop CloudAuthZ Standard Profiles for Managing Authorization with Contextual User Data

The OASIS international open standards consortium has launched the Cloud Authorization (CloudAuthZ) Technical Committee, a project to develop enhanced models for managing authorizations and entitlements in SaaS, PaaS, and IaaS contexts. The goal of CloudAuthZ is to provide greater control of the way cloud computing resources are used. It will enable contextual information (such as where users are, what they are doing, which device they are using, etc.) to inform authorization decisions.

CloudAuthZ will define configurations of existing standards, such as OAuth, SCIM, and XACML, to provide mechanisms for enabling the delivery of cloud contextual attributes to Policy Enforcement Points. This will allow cloud infrastructures to provide--in real time--a subset of contextual entitlements sets that can be used to authorize or deny a Consumer’s use of a specific resource.

Bank of America’s Radu Marian co-chairs the OASIS CloudAuthZ Technical Committee. He explained, “CloudAuthZ will reduce the need for customized interactions between customer and vendor systems and so decrease the overhead of supporting authorization and entitlement. It will also enhance portability across multiple systems.”

“CloudAuthZ profiles will allow cloud providers to enforce authorization policies in the most optimal way possible,” added Anil Saldhana of Red Hat, who also co-chairs the OASIS group.

Contributions of relevant use cases for CloudAuthZ are welcome. New members are encouraged to join the Technical Committee at any time. Archives of the work are accessible to both members and non-members, and OASIS invites public review and comment on the work.

Support for CloudAuthZ

Red Hat
"Security and authorization are fundamental challenges that need resolving in any system and cloud is no different. As a cloud leader, Red Hat is fully committed to addressing these problems in standards and open source. We are happy to support the creation of the CloudAuthZ Technical Committee and will be working to help it succeed."
--Mark Little, vice president, Engineering, Middleware Engineering, Red Hat

SailPoint
"Providing a flexible, extensible and open authorization model is key to the deployment of high-value applications in the cloud. The CloudAuthZ Committee will help profile the flow and use of key entitlement giving attributes. Standardizing this process will greatly enhance the governance and compliance process for secure reliable cloud-based applications."
-- Darran Rolls, CTO, SailPoint

ViewDS
"ViewDS is pleased to participate on the OASIS CloudAuthZ Technical Committee. We see the task of standardizing the management and enforcement of access to cloud resources, especially for mobile clients, as critical to the evolution of corporate computing. We look forward to applying our real-world experience with our Access Sentinel XACML authorization technology to this effort."
--Gil Kirkpatrick, CTO, ViewDS Identity Solutions

Additional information:
OASIS CloudAuthZ Technical Committee
http://www.oasis-open.org/committees/cloudauthz/

About OASIS:

OASIS (Organization for the Advancement of Structured Information Standards) is a not-for-profit, international consortium that drives the development, convergence and adoption of open standards for the global information society. OASIS promotes industry consensus and produces worldwide standards for cloud computing, security, privacy, content technologies, business transactions, the Smart Grid, emergency management, and other applications. OASIS open standards offer the potential to lower cost, stimulate innovation, grow global markets, and protect the right of free choice of technology. OASIS members broadly represent the marketplace of public and private sector technology leaders, users, and influencers. The consortium has more than 5,000 participants representing over 600 organizations and individual members in 100 countries.

http://www.oasis-open.org

More Stories By Business Wire

Copyright © 2009 Business Wire. All rights reserved. Republication or redistribution of Business Wire content is expressly prohibited without the prior written consent of Business Wire. Business Wire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

IoT & Smart Cities Stories
Disruption, Innovation, Artificial Intelligence and Machine Learning, Leadership and Management hear these words all day every day... lofty goals but how do we make it real? Add to that, that simply put, people don't like change. But what if we could implement and utilize these enterprise tools in a fast and "Non-Disruptive" way, enabling us to glean insights about our business, identify and reduce exposure, risk and liability, and secure business continuity?
DXWorldEXPO LLC announced today that Telecom Reseller has been named "Media Sponsor" of CloudEXPO | DXWorldEXPO 2018 New York, which will take place on November 11-13, 2018 in New York City, NY. Telecom Reseller reports on Unified Communications, UCaaS, BPaaS for enterprise and SMBs. They report extensively on both customer premises based solutions such as IP-PBX as well as cloud based and hosted platforms.
Digital Transformation: Preparing Cloud & IoT Security for the Age of Artificial Intelligence. As automation and artificial intelligence (AI) power solution development and delivery, many businesses need to build backend cloud capabilities. Well-poised organizations, marketing smart devices with AI and BlockChain capabilities prepare to refine compliance and regulatory capabilities in 2018. Volumes of health, financial, technical and privacy data, along with tightening compliance requirements by...
We are seeing a major migration of enterprises applications to the cloud. As cloud and business use of real time applications accelerate, legacy networks are no longer able to architecturally support cloud adoption and deliver the performance and security required by highly distributed enterprises. These outdated solutions have become more costly and complicated to implement, install, manage, and maintain.SD-WAN offers unlimited capabilities for accessing the benefits of the cloud and Internet. ...
Discussions of cloud computing have evolved in recent years from a focus on specific types of cloud, to a world of hybrid cloud, and to a world dominated by the APIs that make today's multi-cloud environments and hybrid clouds possible. In this Power Panel at 17th Cloud Expo, moderated by Conference Chair Roger Strukhoff, panelists addressed the importance of customers being able to use the specific technologies they need, through environments and ecosystems that expose their APIs to make true ...
Business professionals no longer wonder if they'll migrate to the cloud; it's now a matter of when. The cloud environment has proved to be a major force in transitioning to an agile business model that enables quick decisions and fast implementation that solidify customer relationships. And when the cloud is combined with the power of cognitive computing, it drives innovation and transformation that achieves astounding competitive advantage.
DXWorldEXPO LLC announced today that "IoT Now" was named media sponsor of CloudEXPO | DXWorldEXPO 2018 New York, which will take place on November 11-13, 2018 in New York City, NY. IoT Now explores the evolving opportunities and challenges facing CSPs, and it passes on some lessons learned from those who have taken the first steps in next-gen IoT services.
"Space Monkey by Vivent Smart Home is a product that is a distributed cloud-based edge storage network. Vivent Smart Home, our parent company, is a smart home provider that places a lot of hard drives across homes in North America," explained JT Olds, Director of Engineering, and Brandon Crowfeather, Product Manager, at Vivint Smart Home, in this SYS-CON.tv interview at @ThingsExpo, held Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA.
In an era of historic innovation fueled by unprecedented access to data and technology, the low cost and risk of entering new markets has leveled the playing field for business. Today, any ambitious innovator can easily introduce a new application or product that can reinvent business models and transform the client experience. In their Day 2 Keynote at 19th Cloud Expo, Mercer Rowe, IBM Vice President of Strategic Alliances, and Raejeanne Skillern, Intel Vice President of Data Center Group and G...
The current age of digital transformation means that IT organizations must adapt their toolset to cover all digital experiences, beyond just the end users’. Today’s businesses can no longer focus solely on the digital interactions they manage with employees or customers; they must now contend with non-traditional factors. Whether it's the power of brand to make or break a company, the need to monitor across all locations 24/7, or the ability to proactively resolve issues, companies must adapt to...