DMTF Cloud Audit Data Federation Working Group ( CADF ) Charter WG Scope & Charter
Abstract
Concerns over cloud provider security remain one of the top inhibitors to adoption of cloud deployment models. Potential consumers of cloud deployments understand and need assurance that the security policies they require on their applications are consistently managed and enforced in the cloud as they would be in their enterprise. A cloud providers ability to provide specific audit event, log and report information on a per-tenant and application basis is essential. It is apparent that in order to meet these customer expectations, cloud providers must provide standard mechanisms for their tenant customers to self-manage & self-audit application security that includes information about the providers hardware, software and network infrastructure used to run specific tenant applications. We propose that the best way to address these requirements is by developing open standards for cloud auditing. These standards would support the submission and retrieval of normative audit event data from cloud providers in the form of customized reports and logs that can be dynamically generated for cloud customers using their criteria. Adoption of such open standards by cloud providers management platforms would go far to instill greater trust in cloud hosted applications and be a significant step forward in fulfilling the promise of an open cloud marketplace
Readership Statistics
Sign up today - FREE
Mendeley saves you time finding and organizing research. Learn more
- All your research in one place
- Add and import papers easily
- Access it anywhere, anytime
