You are here: The Open Group > The Open Group Conference, Washington DC, 2012 > Proceedings

BoF: Open Group Initiatives for Security and the Cloud

Objective of Meeting

The purpose of this session was to look at what The Open Group has delivered in the Cloud Security area and at the current and envisaged activities in various Forums and Work Groups to take this work further – including the Security for the Cloud and SOA project.


Stuart Boardman, Co-Chair of the Security for the Cloud and SOA project, gave a presentation summarizing its work, and Ian Dobson, Forum Director of the Security and Jericho Forums, gave an overview of the Cloud-related work done by these bodies.

It was noted that bodies outside The Open Group, including the Cloud Security Alliance, the US National Institute of Science and Technology (NIST), ISO, the US Government FEDRAMP initiative, and possibly the IEEE, are also doing relevant work.

Several useful potential work items were identified:

  • A set of security-related questions that enterprises procuring Cloud services should ask
  • A Cloud Security reference architecture
  • Standards and guidelines that would enable an enterprise to develop and implement a common administration policy across Cloud solutions, which typically have administration roles defined in terms of "siloed" cultures
  • Development of artifacts identified by the Jericho Forum's data protection white paper

The Security for the Cloud and SOA project has defined a set of architectural building blocks and a set of architectural principles for Cloud Security, but has not defined a full Cloud Security reference architecture.


The meeting produced no formal outputs.

Next Steps

The Security for the Cloud and SOA project should ensure that the excellent work that it has done is properly packaged and available, but is not expected to engage in further activities.

The Security and Jericho Forums will continue their work on Security, and the Cloud Work Group will continue its work on Cloud. These bodies will communicate and co-operate on Cloud Security.


   |   Legal Notices & Terms of Use   |   Privacy Statement   |   Top of Page   Return to Top of Page