By Stuart Boardman, Getronics; and Omkhar Arasaratnam, IBM
The Open Group recently published a whitepaper, An Architectural View Of Security For Cloud, which is the first in a series being produced by the Security For The Cloud and SOA project. In this whitepaper we introduce a method that helps organizations to model and therefore understand the security aspects of their Cloud initiatives.
Security is still often cited as the biggest concern about the Cloud. This topic was even raised during the recent survey by The Open Group on Cloud Computing. But does the concern reflect a genuine level of risk? If so, in what way and under what circumstances? It would be irresponsible not to take this seriously, but right now we’re suffering from a “here be dragons” mentality. Despite all the good work done by The Open Group, the Cloud Security Alliance (CSA) and others, we still see far too much discussion of this kind: “The biggest single security threat in the Cloud is…” This helps no one, because these are generalizations and every organization’s situation is specific (This is borne out by other surveys, by the way). The result is FUD (fear, uncertainty and doubt) and therefore stagnation. And as people lose patience with that, the reaction is sometimes the taking of inappropriate risks.
One of the challenges in understanding Cloud-based architectures is that each party, whether it is primarily a consumer or primarily a provider, is part of an ecosystem of different entities, providing and consuming Cloud services. The view of the architecture for each player may be different but each of them must take the entire ecosystem into account and not just its own part. When you couple this with the fact that there are so many possible types of Cloud service and delivery, and so many different kinds of data one might expose in the Cloud, it’s clear that there is no one generic model for Cloud. You need to understand the particular situation you are in or can foresee being in. That can be quite complex.
The Open Group’s Security for the Cloud and SOA project is developing a security reference architecture, which will help architects and security specialists to develop their view and understanding of their situations. Using the architecture and the associated method and combining this with the advice coming from other groups such as CSA or The Open Group Jericho Forum®, you can create a comprehensible view of a complex situation, determine risks, test your solution options and set up controls to manage all this in a production situation.
The fundamentals of our approach are architectural building blocks, security principles and a scenario-driven modeling method. We have defined a set of principles but also take into account identity principles from the CSA – and in the future, will work to combine all these effectively with the recently published Jericho Foundation Identity Commandments. Policy-driven security is for us a basic principle and itself is how most other principles are supported. By using the method to model responsibility for the building blocks, you can understand how policy is managed across the ecosystem and make an informed analysis of risks, mitigations and opportunities.
In the whitepaper, we illustrate the approach for the area of identity, entitlement and access management policy. We use a scenario involving one consumer organization and three SaaS providers supporting travel booking. We look at three situations which might apply depending on the capabilities and flexibility of the various parties. Here’s an example of how responsibility for the building blocks is distributed in one of these situations and how open standards can help to support that.
This happens to be the situation which best supports the principles we highlight in the whitepaper. In other situations you can see exactly how principles are compromised. That helps an organization weigh up risks and benefits. Take a look at the whitepaper and let us know what you think. We’re happy with any input we receive. More whitepapers will follow soon extending the method to other areas of security. Later on we’ll start building realizations that will, we hope, help to promote the use of open standards and bring us closer to Boundaryless Information Flow™. We’re also running an “architectural decisions rodeo” at The Open Group Conference, Austin (July 18-22) during which we will discuss and document key architectural decisions regarding Cloud security.
Omkhar Arasaratnam is a Certified Senior Security Architect with IBM. He is a member of the IBM Security Architecture Board, the IBM Cloud Computing Security Architecture Board, and co-leads The Open Group Cloud Computing Work Group’s Security for the Cloud and SOA project. He is also actively involved in the International Standards Organization (ISO) JTC1/SC38 Study Group on Cloud Computing. Omkhar is also an accomplished author and technical editor of several IBM, John Wiley & Sons, and O’Reilly publications. He also has five pending patents in the field of information technology. Omkhar has worldwide responsibility for security architecture in some of IBM’s Cloud Computing services.
Stuart Boardman is a Senior Business Consultant with Getronics Consulting where he co-leads the Enterprise Architecture practice as well as the Cloud Computing solutions group. He is co-lead with Omkhar Arasaratnam of The Open Group Cloud Computing Work Group’s Security for the Cloud and SOA project and a founding member of both The Open Group Cloud Computing Work Group and The Open Group SOA Work Group. Stuart is the author of publications by the Information Security Platform (PvIB) in The Netherlands and of his previous employer, CGI. He is a frequent speaker at conferences on the topics of Cloud, SOA, and Identity.