ITU members have agreed to new international standards outlining security considerations essential to cloud computing.
Recommendation ITU-T X.1600 “Security framework for cloud computing”, having reached first-stage approval and now undergoing a final review, describes security threats in the cloud computing environment and, through a framework methodology, matches threats with the security capabilities advised to be specified in mitigating them.
ITU-T X.1600 will act as a ‘handbook’ guiding the future standardization of identified threat-mitigation techniques; in addition providing an implementation reference for systems-level cloud security.
Recommendation ITU-T X.1255 “Framework for the discovery of identity management information”, approved and soon to be freely available on ITU’s website, details an open architecture framework in which identity management (IdM) information – identifying ‘digital objects’ and enabling information sharing among entities including subscribers, users, networks, network elements, software applications, services and devices – can be discovered, accessed and represented by heterogenous IdM systems representing IdM information in different ways, supported by a variety of trust frameworks and employing different metadata schemes.
ITU-T X.1255 lays out a framework that enables discovery of identity-related information and its provenance; identity-related information attributes, including but not limited to visual logos and human-readable site names; and attributes and functionality of applications. The framework, in addition, describes a data model and protocol to enable meta-level interoperability in the management of this information across heterogeneous IdM environments.
The Recommendation is a first step towards the Digital Object Architecture (DOA) advocated by the Corporation for National Research Initiatives (CNRI), which is intended to achieve the “universal information access” possible with uniquely identifiable digital objects structured so as to ensure their machine and platform independence.
The new Recommendations were agreed at a meeting of ITU-T Study Group 17 (Security) in Geneva.