Cloud Authorization Use Cases Version 0 Committee Note 01 19 November 2014



Download 225.11 Kb.
Page1/11
Date conversion29.11.2017
Size225.11 Kb.
  1   2   3   4   5   6   7   8   9   10   11


Cloud Authorization Use Cases Version 1.0

Committee Note 01

19 November 2014



Specification URIs

This version:

http://docs.oasis-open.org/cloudauthz/CloudAuthZ-usecases/v1.0/cn01/CloudAuthZ-usecases-v1.0-cn01.doc (Authoritative)

http://docs.oasis-open.org/cloudauthz/CloudAuthZ-usecases/v1.0/cn01/CloudAuthZ-usecases-v1.0-cn01.html

http://docs.oasis-open.org/cloudauthz/CloudAuthZ-usecases/v1.0/cn01/CloudAuthZ-usecases-v1.0-cn01.pdf

Previous version:

http://docs.oasis-open.org/cloudauthz/CloudAuthZ-usecases/v1.0/cnprd01/CloudAuthZ-usecases-v1.0-cnprd01.doc (Authoritative)

http://docs.oasis-open.org/cloudauthz/CloudAuthZ-usecases/v1.0/cnprd01/CloudAuthZ-usecases-v1.0-cnprd01.html

http://docs.oasis-open.org/cloudauthz/CloudAuthZ-usecases/v1.0/cnprd01/CloudAuthZ-usecases-v1.0-cnprd01.pdf

Latest version:

http://docs.oasis-open.org/cloudauthz/CloudAuthZ-usecases/v1.0/CloudAuthZ-usecases-v1.0.doc (Authoritative)

http://docs.oasis-open.org/cloudauthz/CloudAuthZ-usecases/v1.0/CloudAuthZ-usecases-v1.0.html

http://docs.oasis-open.org/cloudauthz/CloudAuthZ-usecases/v1.0/CloudAuthZ-usecases-v1.0.pdf


Technical Committee:

OASIS Cloud Authorization (CloudAuthZ) TC

Chair:

Radu Marian (radu.marian@baml.com), Bank of America



Editors:

Anil Saldhana (anil.saldhana@redhat.com), Red Hat, Inc.

Radu Marian (radu.marian@baml.com), Bank of America

Dr. Felix Gomez Marmol (felix.gomez-marmol@neclab.eu), NEC Corporation

Chris Kappler (chris.kappler@pwc.be), PricewaterhouseCoopers LLC

Abstract:

This document is intended to provide a set of representative use cases that examine the requirements on Cloud Authorization using commonly defined cloud deployment and service models. These use cases are intended to be used for further analysis to determine if functional gaps exist in current identity management standards that additional open standards activities could address.



Status:

This document was last revised or approved by the OASIS Cloud Authorization TC on the above date. The level of approval is also listed above. Check the “Latest version” location noted above for possible later revisions of this document.

Technical Committee members should send comments on this document to the Technical Committee’s email list. Others should send comments to the Technical Committee by using the “Send A Comment” button on the Technical Committee’s web page at https://www.oasis-open.org/committees/cloudauthz/.

Citation format:

When referencing this document the following citation format should be used:



[CloudAuthZ-Usecases]

Cloud Authorization Use Cases Version 1.0. Edited by Anil Saldhana, Radu Marian, Dr. Felix Gomez Marmol, and Chris Kappler. 19 November 2014. OASIS Committee Note 01. http://docs.oasis-open.org/cloudauthz/CloudAuthZ-usecases/v1.0/cn01/CloudAuthZ-usecases-v1.0-cn01.html. Latest version: http://docs.oasis-open.org/cloudauthz/CloudAuthZ-usecases/v1.0/CloudAuthZ-usecases-v1.0.html.

Copyright © OASIS Open 2014. All Rights Reserved.

All capitalized terms in the following text have the meanings assigned to them in the OASIS Intellectual Property Rights Policy (the "OASIS IPR Policy"). The full Policy may be found at the OASIS website.

This document and translations of it may be copied and furnished to others, and derivative works that comment on or otherwise explain it or assist in its implementation may be prepared, copied, published, and distributed, in whole or in part, without restriction of any kind, provided that the above copyright notice and this section are included on all such copies and derivative works. However, this document itself may not be modified in any way, including by removing the copyright notice or references to OASIS, except as needed for the purpose of developing any document or deliverable produced by an OASIS Technical Committee (in which case the rules applicable to copyrights, as set forth in the OASIS IPR Policy, must be followed) or as required to translate it into languages other than English.

The limited permissions granted above are perpetual and will not be revoked by OASIS or its successors or assigns.

This document and the information contained herein is provided on an "AS IS" basis and OASIS DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY OWNERSHIP RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.

Table of Contents


Introduction 5

Use Case Composition 7

Use Case Overview 16

Use Cases 18

Appendix A. Acknowledgments 34

Appendix B. Definitions 35

Appendix C. Acronyms 47

Appendix D. Revision History 49




Introduction

1.1Statement of Purpose

Cloud Computing is turning into an important IT service delivery paradigm. Many enterprises are experimenting with cloud computing, using clouds in their own data centers or hosted by third parties, and increasingly they deploy business applications on such private and public clouds. Cloud Computing raises many challenges that have serious security implications. Identity Management in the cloud is such a challenge.

Many enterprises avail themselves of a combination of private and public Cloud Computing infrastructures to handle their workloads. In a phenomenon known as "Cloud Bursting", the peak loads are offloaded to public Cloud Computing infrastructures that offer billing based on usage. This is a use case of a Hybrid Cloud infrastructure. Additionally, governments around the world are evaluating the use of Cloud Computing for government applications. For instance, the US Government has started apps.gov to foster the adoption of Cloud Computing. Other governments have started or announced similar efforts.

The purpose of the OASIS Cloud Authorization TC is to collect use cases to help identify gaps in existing Cloud Authorization standards. The use cases will be used to identify gaps in current standards and investigate the definition of entitlements.

The TC will focus on collaborating with other OASIS Technical Committees and relevant standards organizations such as The Open Group, Cloud Security Alliance and ITU-T in the area of cloud security and Identity Management. Liaisons will be identified with other standards bodies, and strong content-sharing arrangements sought where possible, subject to applicable OASIS policies.




  1   2   3   4   5   6   7   8   9   10   11


The database is protected by copyright ©hestories.info 2017
send message

    Main page