Open Group Jericho Cloud Cube Model: Selecting Clo...

j_M007 · ‎08-21-2018

Hello all,

In my readings on Cloud Computing security, I have stumbled across the Jericho Cloud Cube security model from the Open Group. I've been clouding around a bit recently, yet this was the first I had heard of it.

http://www.opengroup.org/subjectareas/security

https://blog.opengroup.org/2013/10/29/jericho-forum-declares-success-and-sunsets/

Is this model still in use (v1 April 2009!)?
Are there more advanced or granular models (for example from CSA, NIST, ENISA, etc.)?
Are you aware of how TOGAF is progressing with security architecture in general and with cloud security architecture and architectural models?
I very much like the style of the white paper because it addresses business issues in a focused way and it eschews the cloud gobbledygook that cause many's eyes to glaze over in confusion and frustration. Have any of you used it or have it as a reference in your cloud security initiatives?

Thanks

iluom · ‎02-08-2019

CCM uses four dimensions to describe different Cloud formations.

The model is a useful tool for categorizing Cloud services and, more importantly, in my opinion, for highlighting certain features of Cloud Computing models.

For example, a traditional Private Cloud could be viewed as in-sourced, internal, proprietary and perimeterised. However, a Private Cloud could also be outsourced, external, proprietary and perimeterised, if that Cloud service was to be hosted on the Cloud provider’s premises, but still dedicated to a single consumer. In this case, there is very little difference between an outsourced Private Cloud and a traditional outsourcing model.

So this conceptual model helps to understand consumers requirement.

my 2 cents

Cheers

Chandra Mouli, CISSP, CCSP, CSSLP

Open Group Jericho Cloud Cube Model: Selecting Cloud Formations for Secure Collaboration