Welcome!

News Feed Item

DMTF Releases Cloud Auditing Data Federation Standard

DMTF, the organization bringing the IT industry together to collaborate on the development, validation and promotion of infrastructure management standards, today announced release of its latest standard: the Cloud Auditing Data Federation (CADF) Data Format and Interface Definitions 1.0. More than a format, the CADF standard defines a full event model anyone can use to fill in the essential data needed to certify, self-manage and self-audit application security in cloud environments.

Potential consumers of cloud deployments need assurance that the security policies they require on their applications are as consistently managed and enforced “in the cloud” as they would be in their enterprise. CADF is an open standard that addresses this need by enabling cross-vendor information sharing via today’s newly-released data format and interface definitions. Supporting the federation of normative audit event data to and from cloud providers, CADF delivers new levels of insight into the provider’s hardware, software, and network infrastructure used to run specific tenant applications in a multi-vendor environment – whether private, public or hybrid.

With a robust query interface that can be extended to reflect the unique resources of each provider, this standard also defines a means to attach domain-specific identifiers, event classification values, and tags that can be used to dynamically generate customized logs and reports for cloud subscribers or customers. In addition, CADF goes beyond log-based periodic audits to offer the ability to perform real-time performance metering and monitoring, which can be used to assure customer Quality-of-Service.

“Organizations should be able to preserve their investments in the processes and tooling that provides them with the audit data they need, regardless of the cloud deployment model or the provider hosting the application,” said Winston Bumpus, DMTF chair of the board. “Open standards for cloud auditing data formats, along with open standardized interfaces for interacting with that data, help assuage security concerns and allow companies to easily compare the costs of hosting their application with various cloud providers without losing the ability to audit them.”

To learn more about the CADF standard and its importance to cloud infrastructures, please join today's live webinar at 9:00 a.m. US central time in the DMTF Learning Center at www.dmtf.org/education/webinars.

Industry Support for the DMTF CADF Standard

“As a DMTF board member and an active member of CADF working group, Fujitsu is pleased with the release of the CADF standard. Standardization of cloud computing technologies is important to our users, and we have contributed to the development of various standards and open-source activities. This significant milestone enables cloud vendors and open-source communities to provide interoperable auditing and monitoring of cloud services,” said Hiroshi Nagakura, VP of Strategy and Technology Division, Platform Strategic Planning Unit, Fujitsu Limited.

“We are gratified with the rapid adoption of the CADF standard in support of enhanced auditing features of cloud deployments. This is one of those features that will make cloud deployments more practical for serious business use,” said Yoshiki Matsuda, vice president, IT Platform R & D Management Division, Hitachi, Ltd.

“The release of the DMTF Cloud Auditing Data Federation (CADF) v1.0 standard is a significant step forward in providing enterprise customers an open standard to reliably audit their critical applications and data in Cloud deployments providing validation of corporate and industry compliance,” said Angel Diaz, VP Open Technology and Cloud Performance at IBM. “CADF, now integrated in OpenStack, also enables the accurate monitoring of Cloud infrastructures and resources by providing real-time, analytic data to immediately identify and dynamically adapt to operational and performance challenges.”

“NetIQ® is pleased to be a contributor to the DMTF's Cloud Auditing Data Federation standard 1.0 to help define the essential data needed to audit and certify clouds in a normative, prescriptive manner,” commented John Delk, vice president, Product Management at NetIQ. “Such standards are critical for today’s organizations seeking greater security intelligence on the complex threat landscape and how they impact security postures and organizational risk.”

Detailed information on all of DMTF standards can be found at www.dmtf.org/standards. Those interested in supporting and joining DMTF’s efforts to identify and create standards can be found at www.dmtf.org/join.

About DMTF

DMTF standards enable effective management of IT environments. The organization is comprised of industry-leading member companies that collaborate on the development, validation and promotion of infrastructure management standards. These standards specify well-defined interfaces that collectively deliver complete management capabilities. DMTF standard interfaces are critical to enabling interoperability among multi-vendor IT infrastructures, and systems and network management including cloud, virtualization, desktop, network, servers and storage. DMTF spans the globe with member companies and organizations representing varied industry sectors. The DMTF board of directors is led by 17 industry-leading technology companies including: Broadcom Corporation; CA Technologies; Cisco; Citrix Systems, Inc.; Dell; Emerson Network Power; Fujitsu; Hitachi, Ltd.; HP; Intel Corporation; Microsoft Corporation; NetApp; Oracle; Software AG; SunGard Availability Services; Telecom Italia and VMware, Inc. Information about the organization, its technologies and activities can be found at www.dmtf.org.

Copyright© 2014 NetIQ Corporation. All Rights Reserved. NetIQ and the NetIQ logo are trademarks or registered trademarks of NetIQ Corporation in the USA. All other trademarks, trade names, or company names referenced herein are used for identification only and are the property of their respective owners.

More Stories By Business Wire

Copyright © 2009 Business Wire. All rights reserved. Republication or redistribution of Business Wire content is expressly prohibited without the prior written consent of Business Wire. Business Wire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

Latest Stories
The next XaaS is CICDaaS. Why? Because CICD saves developers a huge amount of time. CD is an especially great option for projects that require multiple and frequent contributions to be integrated. But… securing CICD best practices is an emerging, essential, yet little understood practice for DevOps teams and their Cloud Service Providers. The only way to get CICD to work in a highly secure environment takes collaboration, patience and persistence. Building CICD in the cloud requires rigorous ar...
Transforming cloud-based data into a reportable format can be a very expensive, time-intensive and complex operation. As a SaaS platform with more than 30 million global users, Cornerstone OnDemand’s challenge was to create a scalable solution that would improve the time it took customers to access their user data. Our Real-Time Data Warehouse (RTDW) process vastly reduced data time-to-availability from 24 hours to just 10 minutes. In his session at 21st Cloud Expo, Mark Goldin, Chief Technolo...
In this strange new world where more and more power is drawn from business technology, companies are effectively straddling two paths on the road to innovation and transformation into digital enterprises. The first path is the heritage trail – with “legacy” technology forming the background. Here, extant technologies are transformed by core IT teams to provide more API-driven approaches. Legacy systems can restrict companies that are transitioning into digital enterprises. To truly become a lead...
SYS-CON Events announced today that CAST Software will exhibit at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 - Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. CAST was founded more than 25 years ago to make the invisible visible. Built around the idea that even the best analytics on the market still leave blind spots for technical teams looking to deliver better software and prevent outages, CAST provides the software intelligence that matter ...
SYS-CON Events announced today that Daiya Industry will exhibit at the Japanese Pavilion at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Ruby Development Inc. builds new services in short period of time and provides a continuous support of those services based on Ruby on Rails. For more information, please visit https://github.com/RubyDevInc.
When it comes to cloud computing, the ability to turn massive amounts of compute cores on and off on demand sounds attractive to IT staff, who need to manage peaks and valleys in user activity. With cloud bursting, the majority of the data can stay on premises while tapping into compute from public cloud providers, reducing risk and minimizing need to move large files. In his session at 18th Cloud Expo, Scott Jeschonek, Director of Product Management at Avere Systems, discussed the IT and busine...
Is advanced scheduling in Kubernetes achievable? Yes, however, how do you properly accommodate every real-life scenario that a Kubernetes user might encounter? How do you leverage advanced scheduling techniques to shape and describe each scenario in easy-to-use rules and configurations? In his session at @DevOpsSummit at 21st Cloud Expo, Oleg Chunikhin, CTO at Kublr, will answer these questions and demonstrate techniques for implementing advanced scheduling. For example, using spot instances ...
As businesses evolve, they need technology that is simple to help them succeed today and flexible enough to help them build for tomorrow. Chrome is fit for the workplace of the future — providing a secure, consistent user experience across a range of devices that can be used anywhere. In her session at 21st Cloud Expo, Vidya Nagarajan, a Senior Product Manager at Google, will take a look at various options as to how ChromeOS can be leveraged to interact with people on the devices, and formats th...
First generation hyperconverged solutions have taken the data center by storm, rapidly proliferating in pockets everywhere to provide further consolidation of floor space and workloads. These first generation solutions are not without challenges, however. In his session at 21st Cloud Expo, Wes Talbert, a Principal Architect and results-driven enterprise sales leader at NetApp, will discuss how the HCI solution of tomorrow will integrate with the public cloud to deliver a quality hybrid cloud e...
SYS-CON Events announced today that Yuasa System will exhibit at the Japan External Trade Organization (JETRO) Pavilion at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Yuasa System is introducing a multi-purpose endurance testing system for flexible displays, OLED devices, flexible substrates, flat cables, and films in smartphones, wearables, automobiles, and healthcare.
Companies are harnessing data in ways we once associated with science fiction. Analysts have access to a plethora of visualization and reporting tools, but considering the vast amount of data businesses collect and limitations of CPUs, end users are forced to design their structures and systems with limitations. Until now. As the cloud toolkit to analyze data has evolved, GPUs have stepped in to massively parallel SQL, visualization and machine learning.
The session is centered around the tracing of systems on cloud using technologies like ebpf. The goal is to talk about what this technology is all about and what purpose it serves. In his session at 21st Cloud Expo, Shashank Jain, Development Architect at SAP, will touch upon concepts of observability in the cloud and also some of the challenges we have. Generally most cloud-based monitoring tools capture details at a very granular level. To troubleshoot problems this might not be good enough.
DevOps is under attack because developers don’t want to mess with infrastructure. They will happily own their code into production, but want to use platforms instead of raw automation. That’s changing the landscape that we understand as DevOps with both architecture concepts (CloudNative) and process redefinition (SRE). Rob Hirschfeld’s recent work in Kubernetes operations has led to the conclusion that containers and related platforms have changed the way we should be thinking about DevOps and...
When it comes to cloud computing, the ability to turn massive amounts of compute cores on and off on demand sounds attractive to IT staff, who need to manage peaks and valleys in user activity. With cloud bursting, the majority of the data can stay on premises while tapping into compute from public cloud providers, reducing risk and minimizing need to move large files. In his session at 18th Cloud Expo, Scott Jeschonek, Director of Product Management at Avere Systems, discussed the IT and busine...
SYS-CON Events announced today that Dasher Technologies will exhibit at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 - Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Dasher Technologies, Inc. ® is a premier IT solution provider that delivers expert technical resources along with trusted account executives to architect and deliver complete IT solutions and services to help our clients execute their goals, plans and objectives. Since 1999, we'v...