Announcements
April is Volunteer Appreciation Month! We want to thank all of our
volunteers for all the hard work they do! Join us in celebrating!
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Champion

Open Group Jericho Cloud Cube Model: Selecting Cloud Formations for Secure Collaboration

Hello all,

In my readings on Cloud Computing security, I have stumbled across the Jericho Cloud Cube security model from the Open Group. I've been clouding around a bit recently, yet this was the first I had heard of it.

http://www.opengroup.org/subjectareas/security

https://blog.opengroup.org/2013/10/29/jericho-forum-declares-success-and-sunsets/

 

 

  • Is this model still in use (v1 April 2009!)?
  • Are there more advanced or granular models (for example from CSA, NIST, ENISA, etc.)?
  • Are you aware of how TOGAF is progressing with security architecture in general and with cloud security architecture and architectural models?
  • I very much like the style of the white paper because it addresses business issues in a focused way and it eschews the cloud gobbledygook that cause many's eyes to glaze over in confusion and frustration. Have any of you used it or have it as a reference in your cloud security initiatives?

Thanks

1 Reply
Highlighted
Contributor I

Re: Open Group Jericho Cloud Cube Model: Selecting Cloud Formations for Secure Collaboration

CCM uses four dimensions to describe different Cloud formations.

 

The model is a useful tool for categorizing Cloud services and, more importantly, in my opinion, for highlighting certain features of Cloud Computing models.

 

For example, a traditional Private Cloud could be viewed as in-sourced, internal, proprietary and perimeterised. However, a Private Cloud could also be outsourced, external, proprietary and perimeterised, if that Cloud service was to be hosted on the Cloud provider’s premises, but still dedicated to a single consumer. In this case, there is very little difference between an outsourced Private Cloud and a traditional outsourcing model.

 

So this conceptual model helps to understand consumers requirement.

 

my 2 cents

 

Cheers

 

 

 

Mouli, CISSP