cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
j_M007
Community Champion

Open Group Jericho Cloud Cube Model: Selecting Cloud Formations for Secure Collaboration

Hello all,

In my readings on Cloud Computing security, I have stumbled across the Jericho Cloud Cube security model from the Open Group. I've been clouding around a bit recently, yet this was the first I had heard of it.

http://www.opengroup.org/subjectareas/security

https://blog.opengroup.org/2013/10/29/jericho-forum-declares-success-and-sunsets/

 

 

  • Is this model still in use (v1 April 2009!)?
  • Are there more advanced or granular models (for example from CSA, NIST, ENISA, etc.)?
  • Are you aware of how TOGAF is progressing with security architecture in general and with cloud security architecture and architectural models?
  • I very much like the style of the white paper because it addresses business issues in a focused way and it eschews the cloud gobbledygook that cause many's eyes to glaze over in confusion and frustration. Have any of you used it or have it as a reference in your cloud security initiatives?

Thanks

1 Reply
iluom
Contributor II

CCM uses four dimensions to describe different Cloud formations.

 

The model is a useful tool for categorizing Cloud services and, more importantly, in my opinion, for highlighting certain features of Cloud Computing models.

 

For example, a traditional Private Cloud could be viewed as in-sourced, internal, proprietary and perimeterised. However, a Private Cloud could also be outsourced, external, proprietary and perimeterised, if that Cloud service was to be hosted on the Cloud provider’s premises, but still dedicated to a single consumer. In this case, there is very little difference between an outsourced Private Cloud and a traditional outsourcing model.

 

So this conceptual model helps to understand consumers requirement.

 

my 2 cents

 

Cheers

 

 

 

Chandra Mouli, CISSP, CCSP, CSSLP