Wave Systems Corp. (fka WAVXQ)

[Fullmoon]

TCG launches framework for cloud computing security

http://www.telecompaper.com/news/article.aspx?cid=756591

Published: Tuesday 14 September 2010 | 16:36 CET, Telecompaper

Trusted Computing Group, which develops industry standards for hardware-based security, has launched an effort to extend trust to cloud-based computing. The effort will be led by the organisation's new Trusted Multi-Tenant Infrastructure work group. The formation and member support of the new Trusted Multi-Tenant Infrastructure work group extends hardware-based trust to all aspects of computing and enables secure computing whether local or cloud-based. TCG also has updated its IF-MAP (Metadata Access Protocol) used to enable standardised data sharing among a variety of devices and applications, including cloud security. Multi-tenant infrastructure refers to unrelated users of shared computing infrastructure, a fundamental characteristic of cloud computing.

The new work group will develop a framework for enabling trust in the cloud. Targeting vendors, providers, consumers and integrators of multi-tenant infrastructure services, the framework will assess the trustworthiness of provider systems, enable real-time assessment of compliance as part of the provisioning process. The framework will provide implementation guidance, identify and address gaps in standards to enable trust. The actual framework will consist of policies, best practices, standards and conformance criteria that will be used by product vendors, integrators and IT users to create and evaluate multi-tenant infrastructure. TCG expects to deliver the first parts of the framework in early 2011, and it will be available free of charge on the TCG website. Trusted Multi-Tenant Infrastructure work group participants include AMD, CESG (UK National Technical Authority for Information Assurance), HP, IBM, Infoblox, Juniper Networks, Microsoft, Wave Systems, and others.

IF-MAP is being used curently to support network security applications using equipment from different vendors, and is expected to be used in cloud computing to enable real-time communication among devices including network infrastructure devices and servers. It also has been used to integrate physical security devices, Scada networks and UC platforms. The updated IF-MAP specification, version 2.0, adds new features to the publish/subscribe client/server protocol, designed to make IF-MAP compatible with existing, vendor-specific approaches. The new specification separates the base protocol from the metadata definitions that standardise how different types of information are represented. The first such metadata specification, released along with version 2.0 of the IF-MAP base protocol, addresses network security, and covers elements such as user identities, devices, network addresses, threats and events. Other industry groups can use the IF-MAP framework to define and standardise metadata for other cases, including factory automation, building automation, cloud computing and smart grid.