Securely collaborating in clouds

This is a term used in the areas of information security, IT security, network security and computer security.

One of the current focuses of the Jericho Forum is "Securely Collaborating in Clouds", which involves applying the Collaboration Oriented Architecture COA concepts to the emerging Cloud Computing paradigm. The basic premise is that a collaborative approach is essential to gain most value from "The Clouds".

The Jericho Forum is focusing on the space not yet seen by the current cloud vendors, i.e. when users want to collaboratively share data with other cloud users.

The simplest SaaS case is the "cloud storage" (e.g. Google docs / Flickr), "cloud backup" (e.g. Carbonite), and "cloud archive" (e.g. Postini compliance) services. The Jericho Forum is looking at requirements such as protecting the data so the cloud owner cannot read it; proving this for audit/compliance by demonstrating that the cloud provider did not have the crypto keys; being able to do collaborative access control, again through key management processes.

Challenges exist when added-value processing is done by the cloud, such as how do you permit and verify collaboration.

The Jericho Forum might suggest slices of the data be shared, such as allowing your accountant to get part of your full accounting data and being allowed to send it to the tax authorities after some processing.

External links

• http://www.jerichoforum.org
• Open SOA Collaboration
• Service Component Architecture Specifications
• A collaboration-oriented software architecture modeling system
• Enterprise collaboration with Service Oriented Architecture (SOA)
• Collaboration Services in a Services Oriented Architecture