I'm forwarding this email and document on behalf of Yuri Demchenko. --------------------------- Hello Everybody, I was advised that this information might be interesting to the list. As a part of our participation in two projects GEANT3-JRA3-T3 "Composable services" and GEYSERS we found necessary to do a research on developing Security Service Lifecycle Management (SSLM) model that is required to develop consistent security services for dynamically provisioned virtualised services. The first draft of the Geysers document is attached "Services lifecycle management in on-demand services/resources provisioning: ITU-T, OASIS and other industry standards overview" More visual format, if you prefer, you can find in my presentation at the SNE group meeting "On-Demand Infrastructure Services Provisioning in Geysers Project and Security Services Lifecycle Management" SNE group meeting, February 11, 2010, UvA, Amsterdam
http://staff.science.uva.nl/~demch/presentations/sneg20100211-geysers-securi... You may find it interesting that a good piece of relevant standards is published by ITU-T and TMF. The document provides also suggestions how works in Geysers and GEANT3 on development of the on-demand infrastructure services provisioning can be positioned against other frameworks and in particular ITU-T Next Generation Network (NGN) concept. There is also a first touch in analysing Clouds security model and in particular what security mechanisms are required to secure data in the remote (Cloud) execution environment, i.e. compute or storage. BTW, this topic will be also presented and discussed at the OGF28 workshop and BOF "On-demand Infrastructure Services provisioning" scheduled on Monday 15th March from 9:00-12:30 and 16:00-17:30 Hopefully you will find this information interesting. Regards, Yuri