[Interoperability] [WG-OSSI] Open Source Identity Cloud Computing

Neil McEvoy neil.mcevoy at l5consulting.net
Mon Nov 14 07:35:46 PST 2011 

Hi Mikael

Thanks. I would also like to share this message with the OpenNebula 
Interoperability group.

OpenNebula is an open source Cloud platform, and as defined in this article 
(http://www.infoq.com/articles/open-interoperable-cloud), there is a key 
focus on interoperability through standards like OVF, CDMI, OCCI.

It also says there is no Identity layer/standards yet defined, so I'd like 
to propose that Kantara (http://kantarainitiative.org) could be one possible 
equivalent to OCCI etc., for Identity.

"It should be noted that aspects such as authorisation and authentication 
are not dealt with in this article. These issues are somewhat orthogonal and 
dealt with by other specifications and technologies (e.g. OAuth, OpenID, 
etc). OCCI and CDMI leverage the design considerations in the HTTP protocol 
suite with respect security."

Perhaps we could encourage collaboration to build Kantara compliance into 
OpenNebula, or other similar effort for more interoperability?

Kantara is the standard being adopted by folks like Government of Canada, so 
this would enable a profile of OpenNebula that is ideal for a 'GovCloud'.

Neil.



----- Original Message ----- 
From: "Mikaël Ates" <mates at entrouvert.com>
To: "Neil McEvoy" <neil.mcevoy at l5consulting.net>
Cc: <wg-ossi at kantarainitiative.org>
Sent: Monday, November 14, 2011 9:26 AM
Subject: Re: [WG-OSSI] Open Source Identity Cloud Computing


Hello Neil,

I answered to you without copying the list by distraction. So I re
answer to bring the discussion here.

Le jeudi 03 novembre 2011 à 22:24 -0400, Neil McEvoy a écrit :
> Hi
>
> I forgot to answer the most important question...
>
> I don't know what Kantara FOSS is. That's what I'm here to find out.
>
> It could be:
>
> - Standalone software
> - A sub-module for another FOSS, ie like the OpenID module for Drupal.
>
> It would make most sense if it was a sub-module for Cloud software, like
> OpenNebula.
>
> For example in this article:
> http://www.infoq.com/articles/open-interoperable-cloud
>
> It says:
>
> ""It should be noted that aspects such as authorisation and authentication
> are not dealt with in this article. These issues are somewhat orthogonal 
> and
> dealt with by other specifications and technologies (e.g. OAuth, OpenID,
> etc)."

The OSSIWG hasn't done any foss branded Kantara yet. However, I think
that the ULX and UMA WG have done foss.

However, there are implementations of identity standards, in the scope
of Kantara, done by members of the OSSIWG.

The OSSIWG is the right place to discuss how foss implementations of
identity standards could be integrated into projects as open nebula.

Mikaël


> Neil.
>
>
>
>
> ----- Original Message ----- 
> From: "Neil McEvoy" <neil.mcevoy at l5consulting.net>
> To: <mates at entrouvert.com>
> Cc: <wg-ossi at kantarainitiative.org>
> Sent: Thursday, November 03, 2011 9:55 PM
> Subject: Re: [WG-OSSI] Open Source Identity Cloud Computing
>
>
> Hi
>
> Sure. I have signed up.
>
> I set up the 'Cloud Best Practices Network' - 
> http://CloudBestPractices.info
> ; and my principle goal with Kantara is to define the overlap between
> Kantara and Cloud Computing
>
> >>
>
> Purpose
>
> * Define the relationship between Kantara Identity standards and Cloud
> Computing services and architecture.
>
> Scope
>
> * Define how Kantara infosec classification and assurance frameworks can 
> be
> applied to enhance security of Cloud environments, particularly in line 
> with
> achieving compliance with Government standards and linked up to Government
> Privacy Audit policies.
>
> * Extend Kantara-based ICAM models across Cloud environments so that they
> can be used to regulate Cloud security too.
>
> * Identify the role third-party Cloud hosting firms can play in 
> implementing
> Federated Identity ecosystems - What configurations of software can they
> implement; How should they be audited, etc., and how this can enable 
> IDaaS -
> Identity as a Service.
>
>
>
>
> ----- Original Message ----- 
> From: "Mikaël Ates" <mates at entrouvert.com>
> To: "Neil McEvoy" <neil.mcevoy at l5consulting.net>
> Cc: <wg-ossi at kantarainitiative.org>
> Sent: Wednesday, November 02, 2011 3:35 AM
> Subject: Re: [WG-OSSI] Open Source Identity Cloud Computing
>
>
> Hi Neil,
>
> > Hi folks
> >
> > I'm new to the group, and joining
>
> Nice to hear you interest in the OSSIWG. To join the WG, the GPA of the
> WG is at: http://signup.kantarainitiative.org/?selectedGroup=28
>
> > because I'm in process of spinning up a new Kantara WG - Cloud
> > Security Best Practices.
>
> Could you sum-up the WG charter?
>
> > In short this is to define the overlap between the work of Kantara and
> > the Cloud Computing industry and technical architectures. In
> > particular I'm keen to understand what role the Cloud can play in
> > helping implement Kantara policies, and FOSS would seem a powerful
> > mode of achieving this.
> >
> > To get the ball rolling, do you think Kantara models should be built
> > directly into Cloud software itself (eg. OpenNebula) or is there
> > specific Kantara software to run within Cloud environments?
>
> It depends what you consider Kantara software and what you include in
> Cloud environments. Could you give us more details?
>
> Regards,
>
> Mikaël Ates
> Entr'ouvert
>
>
> _______________________________________________
> WG-OSSI mailing list
> WG-OSSI at kantarainitiative.org
> http://kantarainitiative.org/mailman/listinfo/wg-ossi
>

More information about the Interoperability mailing list