New DMTF WorkGroup To Address Cloud Security Concerns Through Cloud Audit Standards
Last week the Distributed Management Task Force (DMTF) formed the Cloud Audit Data Federation Work Group (CADF) to develop open standards for cloud auditing. The work group will define specifications that will enable cloud service providers to generate specific audit events, log and report information on a per-tenant and application basis. DMTF expects that the adoption of this open standard will instill in customers a greater trust in "cloudy applications". Cloud hosted application consumers can expect an interoperable cloud management system between service providers when these specifications are combined with standards from the Cloud Management Working Group (CMWG) .
The CADF charter defines the goals of the working group in terms of in-scope items:
· Data Model - that defines a normative, prescriptive audit event record and is composable into compatible log and record formats.
o Extensible Event Taxonomies - normative, prescriptive taxonomies used to categorize event resources, actions and outcomes.
· Exemplary Interface Model - that defines service methods for management and federation of the audit data model.
o Interfaces would include consideration for event Submission, Import and Export, Query and Subscription.
· Exemplary Component and Interaction Model - that demonstrates how the data and interfaces could be used by cloud providers and consumers to support general cloud auditing use cases.
· Profiles - that extends the core data and interface specifications developed to accommodate particular methods of consumption.
o Including references to specific data models (e.g. DMTF Common Information Model or CIM) and "tagging" to security compliance controls/frameworks (e.g. ISO 27000, PCI-DSS, HIPAA, etc.)
and out-of-scope items:
• Translation of event notation from other domains
• Non-‐federated, low-‐level event generation
• Message and transport protocols
• Persistence and storage of audit events, reports, and logs will not be considered.
• Inclusion of Trace, Debug and Forensic Information
Apart from aligning with the CMWG the CADF working group has planned partnerships with The Open Group (TOG) , Cloud Security Alliance (CSA), Object Management Group (OMG) and the Storage Networking Industry Alliance (SNIA). Winston Bumpus, DMTF president said that the CADF group will incoporate CSA CloudAudit's work around audit and namespace standardization. Bumpus also announced that the CADF specifications will be referenced in The Cloud Computing Standards Roadmap which is a comprehensive list of relevant cloud computing standards.
The DMTF is constituted of 16 member companies and its board includes IBM, Novell, VMWare, EMC, HP, Oracle, Cisco, Fujitsu, CA Technologies, Hitachi, Juniper, Red Hat, Citrix, Huawei.
Tom Gilb & Kai Gilb Jan 26, 2015