Trust Framework for the Intercloud. Buzz Cloud Computing Today.
Uploaded by benjamin-booker
Trust Framework for the Intercloud
Buzz
Cloud Computing Today
Cloud Computing Today
Desired State
What is Missing?
• How do I know who is who?
  – Not all one enterprise (e.g., AD)
  – Not a single customer-provider relationship (e.g., static provisioning)
  – Potentially many legitimate participants
  – Nearly unlimited attackers
  – Identity work somewhat addresses this, but…
• What does it mean to the visited network to have a particular identity?
  – Resource access and manipulation
  – Strong authentication, yet how to do authorization?
Current Attempts: IEEE P2302
• P2302 is IEEE Intercloud effort
• Simple inter-cloud messaging protocol
• Broker services for naming, directories, and data marshaling
• Requires everyone to agree on everything for every application
• Rich individual trust model, but limited in practice
• Huawei-led to last year
P2302 Approaches
Centralized
• All requests and data held by neutral third-party broker
• Looking towards IANA or IGTF as a model or home
• But enterprises do not really trust their data in their own networks, no less in someone else’s
Federated
?
• Nice Research Project
Project: Intercloud Identity
• Work out semantics for cloud federation
  – Policy-driven
• Provide tailored trustworthy space for cloud computing
  – Cryptographic foundation for intercloud data assurance
  – Tailored directory access for resources and data
• Goal: Apply to IEEE P2302, IETF SCIM, IRTF SDNRG
Plan: Intercloud Identity
• Evaluate state of the art and gap analysis with CBPP, Law Center, Department of Government
  – Interim Deliverable: Report on gaps
• Prototype peer-to-peer identity management system with tailored trust that meets operational & legal requirements
• Time: 15 months
• Budget: $120,000; $65,000 to get started
Image Attributions:
Nexus 4S by GNUtoo
iPhone by HereToHelp
All others: Microsoft & their partners