A “trusted front door” needs to be hung on the cloud before the computing trend can be considered secure.
So says Nico Popp, vice president of product development, authentication and trust services for VeriSign. He will detail what it takes to construct such a door between enterprises and cloud providers during his presentation, which is aptly named “Trusted Front Door to the Cloud,” at July’s Cloud Identity Summit.
Popp will discuss a trust infrastructure model: a common set of policies as part of a certification program and a shared infrastructure of trust brokers. The model will enable such functions as identity and access management interoperability, security and monitoring.
“Trust is the big issue in the cloud and we think identity is the linchpin of trust when it comes to the cloud,” said Popp. “We need to enable federation because the old model of creating an identity at each cloud provider just does not work.”
And there are other materials that must go into building the trusted front door. In addition, the cloud needs to enable layered security, multi-factor authentication, privacy, governance, compliance, audit trails, reporting, provisioning, policy enforcement and reliability,” he says.
Popp says there are opportunities to combine some of these elements. And all of them become part of the trusted front door. “In the cloud, policy setting mechanisms are primitive, audit and controls are minimal, monitoring remains adhoc, and certification programs are missing,” he says.
A key step is to develop policy frameworks, namely trust.
But what the trust framework should look like is still an open question, Popp says. “We need to start with a certificate program as a common baseline for security. “ The Open Identity Exchange is one example where trust framework efforts are under way. One goal is to ensure where liability is tethered. Popp says Visa is an example of a trust model to emulate.
“To solve trust in the cloud we have to solve the identity issues, the infrastructure issues. We have to decide what the infrastructure looks like, we need new trust frameworks and we need to determine if it all will be enough,” he says.