Oasis Identity In The Cloud Technical Committee

I am pleased to have ignited the establishment of a new Technical Committee called as "Oasis Identity In The Cloud" at the Oasis standards consortium. Prominent security experts in the industry were gracious to participate in the initial brainstorming group I created.

You can read more on the charter here: IDCloud Charter

Apart from Red Hat, the proposers of the TC include Microsoft, IBM, CA, Novell, Rackspace, SafeNet, Yaana Technologies along with a few prominent individuals in the security/identity space. I am sure the proposer list will grow in a few days.

If you are an Oasis member or your company is an Oasis member, you should definitely look at joining this effort.

More details and a call for participation will be announced by the Oasis consortium in a few days.

Keywords: Oasis Cloud Security.

UPDATE: The Oasis Call For Participation is here.

IIW 2009: Identity And Cloud Computing Session

I had the privilege of attending the Internet Identity Workshop (2009) at the Computer History Museum in Mountain View, CA at the beginning of November.

I conducted a session called "Identity and Cloud Computing" at IIW.

The session notes are here:

=========================
Session: Identity And Cloud Computing

* General Concerns around identity Management get compounded in the Cloud.
* There is potential proliferation of Identities.
* Data and artifacts of a company can be tied to identities which is a threat during decommission of identity. It can be lost.
* SLA of Identity As A Service.
* Transfer of Passwords or Password Hashes from Local Data Centers to Cloud environments for migrated applications.
* Users resistance to change with new cloud usage.
* Identity Assurance.
==================