Welcome!

News Feed Item

DMTF Releases Cloud Auditing Data Federation Standard

DMTF, the organization bringing the IT industry together to collaborate on the development, validation and promotion of infrastructure management standards, today announced release of its latest standard: the Cloud Auditing Data Federation (CADF) Data Format and Interface Definitions 1.0. More than a format, the CADF standard defines a full event model anyone can use to fill in the essential data needed to certify, self-manage and self-audit application security in cloud environments.

Potential consumers of cloud deployments need assurance that the security policies they require on their applications are as consistently managed and enforced “in the cloud” as they would be in their enterprise. CADF is an open standard that addresses this need by enabling cross-vendor information sharing via today’s newly-released data format and interface definitions. Supporting the federation of normative audit event data to and from cloud providers, CADF delivers new levels of insight into the provider’s hardware, software, and network infrastructure used to run specific tenant applications in a multi-vendor environment – whether private, public or hybrid.

With a robust query interface that can be extended to reflect the unique resources of each provider, this standard also defines a means to attach domain-specific identifiers, event classification values, and tags that can be used to dynamically generate customized logs and reports for cloud subscribers or customers. In addition, CADF goes beyond log-based periodic audits to offer the ability to perform real-time performance metering and monitoring, which can be used to assure customer Quality-of-Service.

“Organizations should be able to preserve their investments in the processes and tooling that provides them with the audit data they need, regardless of the cloud deployment model or the provider hosting the application,” said Winston Bumpus, DMTF chair of the board. “Open standards for cloud auditing data formats, along with open standardized interfaces for interacting with that data, help assuage security concerns and allow companies to easily compare the costs of hosting their application with various cloud providers without losing the ability to audit them.”

To learn more about the CADF standard and its importance to cloud infrastructures, please join today's live webinar at 9:00 a.m. US central time in the DMTF Learning Center at www.dmtf.org/education/webinars.

Industry Support for the DMTF CADF Standard

“As a DMTF board member and an active member of CADF working group, Fujitsu is pleased with the release of the CADF standard. Standardization of cloud computing technologies is important to our users, and we have contributed to the development of various standards and open-source activities. This significant milestone enables cloud vendors and open-source communities to provide interoperable auditing and monitoring of cloud services,” said Hiroshi Nagakura, VP of Strategy and Technology Division, Platform Strategic Planning Unit, Fujitsu Limited.

“We are gratified with the rapid adoption of the CADF standard in support of enhanced auditing features of cloud deployments. This is one of those features that will make cloud deployments more practical for serious business use,” said Yoshiki Matsuda, vice president, IT Platform R & D Management Division, Hitachi, Ltd.

“The release of the DMTF Cloud Auditing Data Federation (CADF) v1.0 standard is a significant step forward in providing enterprise customers an open standard to reliably audit their critical applications and data in Cloud deployments providing validation of corporate and industry compliance,” said Angel Diaz, VP Open Technology and Cloud Performance at IBM. “CADF, now integrated in OpenStack, also enables the accurate monitoring of Cloud infrastructures and resources by providing real-time, analytic data to immediately identify and dynamically adapt to operational and performance challenges.”

“NetIQ® is pleased to be a contributor to the DMTF's Cloud Auditing Data Federation standard 1.0 to help define the essential data needed to audit and certify clouds in a normative, prescriptive manner,” commented John Delk, vice president, Product Management at NetIQ. “Such standards are critical for today’s organizations seeking greater security intelligence on the complex threat landscape and how they impact security postures and organizational risk.”

Detailed information on all of DMTF standards can be found at www.dmtf.org/standards. Those interested in supporting and joining DMTF’s efforts to identify and create standards can be found at www.dmtf.org/join.

About DMTF

DMTF standards enable effective management of IT environments. The organization is comprised of industry-leading member companies that collaborate on the development, validation and promotion of infrastructure management standards. These standards specify well-defined interfaces that collectively deliver complete management capabilities. DMTF standard interfaces are critical to enabling interoperability among multi-vendor IT infrastructures, and systems and network management including cloud, virtualization, desktop, network, servers and storage. DMTF spans the globe with member companies and organizations representing varied industry sectors. The DMTF board of directors is led by 17 industry-leading technology companies including: Broadcom Corporation; CA Technologies; Cisco; Citrix Systems, Inc.; Dell; Emerson Network Power; Fujitsu; Hitachi, Ltd.; HP; Intel Corporation; Microsoft Corporation; NetApp; Oracle; Software AG; SunGard Availability Services; Telecom Italia and VMware, Inc. Information about the organization, its technologies and activities can be found at www.dmtf.org.

Copyright© 2014 NetIQ Corporation. All Rights Reserved. NetIQ and the NetIQ logo are trademarks or registered trademarks of NetIQ Corporation in the USA. All other trademarks, trade names, or company names referenced herein are used for identification only and are the property of their respective owners.

More Stories By Business Wire

Copyright © 2009 Business Wire. All rights reserved. Republication or redistribution of Business Wire content is expressly prohibited without the prior written consent of Business Wire. Business Wire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

Latest Stories
WebRTC is about the data channel as much as about video and audio conferencing. However, basically all commercial WebRTC applications have been built with a focus on audio and video. The handling of “data” has been limited to text chat and file download – all other data sharing seems to end with screensharing. What is holding back a more intensive use of peer-to-peer data? In her session at @ThingsExpo, Dr Silvia Pfeiffer, WebRTC Applications Team Lead at National ICT Australia, looked at differ...
Without a clear strategy for cost control and an architecture designed with cloud services in mind, costs and operational performance can quickly get out of control. To avoid multiple architectural redesigns requires extensive thought and planning. Boundary (now part of BMC) launched a new public-facing multi-tenant high resolution monitoring service on Amazon AWS two years ago, facing challenges and learning best practices in the early days of the new service. In his session at 19th Cloud Exp...
For basic one-to-one voice or video calling solutions, WebRTC has proven to be a very powerful technology. Although WebRTC’s core functionality is to provide secure, real-time p2p media streaming, leveraging native platform features and server-side components brings up new communication capabilities for web and native mobile applications, allowing for advanced multi-user use cases such as video broadcasting, conferencing, and media recording.
With major technology companies and startups seriously embracing IoT strategies, now is the perfect time to attend @ThingsExpo 2016 in New York. Learn what is going on, contribute to the discussions, and ensure that your enterprise is as "IoT-Ready" as it can be! Internet of @ThingsExpo, taking place June 6-8, 2017, at the Javits Center in New York City, New York, is co-located with 20th Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry p...
"Plutora provides release and testing environment capabilities to the enterprise," explained Dalibor Siroky, Director and Co-founder of Plutora, in this SYS-CON.tv interview at @DevOpsSummit, held June 9-11, 2015, at the Javits Center in New York City.
Security, data privacy, reliability and regulatory compliance are critical factors when evaluating whether to move business applications from in-house client hosted environments to a cloud platform. In her session at 18th Cloud Expo, Vandana Viswanathan, Associate Director at Cognizant, In this session, will provide an orientation to the five stages required to implement a cloud hosted solution validation strategy.
SYS-CON Events announced today that CA Technologies has been named "Platinum Sponsor" of SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, New York, and 21st International Cloud Expo, which will take place in November in Silicon Valley, California.
The security needs of IoT environments require a strong, proven approach to maintain security, trust and privacy in their ecosystem. Assurance and protection of device identity, secure data encryption and authentication are the key security challenges organizations are trying to address when integrating IoT devices. This holds true for IoT applications in a wide range of industries, for example, healthcare, consumer devices, and manufacturing. In his session at @ThingsExpo, Lancen LaChance, vic...
SYS-CON Events announced today that delaPlex will exhibit at SYS-CON's @CloudExpo, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. delaPlex pioneered Software Development as a Service (SDaaS), which provides scalable resources to build, test, and deploy software. It’s a fast and more reliable way to develop a new product or expand your in-house team.
Wooed by the promise of faster innovation, lower TCO, and greater agility, businesses of every shape and size have embraced the cloud at every layer of the IT stack – from apps to file sharing to infrastructure. The typical organization currently uses more than a dozen sanctioned cloud apps and will shift more than half of all workloads to the cloud by 2018. Such cloud investments have delivered measurable benefits. But they’ve also resulted in some unintended side-effects: complexity and risk. ...
The explosion of new web/cloud/IoT-based applications and the data they generate are transforming our world right before our eyes. In this rush to adopt these new technologies, organizations are often ignoring fundamental questions concerning who owns the data and failing to ask for permission to conduct invasive surveillance of their customers. Organizations that are not transparent about how their systems gather data telemetry without offering shared data ownership risk product rejection, regu...
When you focus on a journey from up-close, you look at your own technical and cultural history and how you changed it for the benefit of the customer. This was our starting point: too many integration issues, 13 SWP days and very long cycles. It was evident that in this fast-paced industry we could no longer afford this reality. We needed something that would take us beyond reducing the development lifecycles, CI and Agile methodologies. We made a fundamental difference, even changed our culture...
More and more brands have jumped on the IoT bandwagon. We have an excess of wearables – activity trackers, smartwatches, smart glasses and sneakers, and more that track seemingly endless datapoints. However, most consumers have no idea what “IoT” means. Creating more wearables that track data shouldn't be the aim of brands; delivering meaningful, tangible relevance to their users should be. We're in a period in which the IoT pendulum is still swinging. Initially, it swung toward "smart for smart...
The Internet of Things can drive efficiency for airlines and airports. In their session at @ThingsExpo, Shyam Varan Nath, Principal Architect with GE, and Sudip Majumder, senior director of development at Oracle, discussed the technical details of the connected airline baggage and related social media solutions. These IoT applications will enhance travelers' journey experience and drive efficiency for the airlines and the airports.
In his keynote at @ThingsExpo, Chris Matthieu, Director of IoT Engineering at Citrix and co-founder and CTO of Octoblu, focused on building an IoT platform and company. He provided a behind-the-scenes look at Octoblu’s platform, business, and pivots along the way (including the Citrix acquisition of Octoblu).