DMTF

Distributed Management Task Force, Inc.

DMTF enables more effective management of IT systems worldwide.

CADF Cloud Auditing Data Federation Working Group (CADF)

Workgroup Information

Workgroup Chair(s)

  • David Corlette, NetIQ Corporation
  • Matthew Rutkowski, IBM

Workgroup Description

Problem Space and Environment

Concerns over cloud provider security remain one of the top inhibitors to adoption of cloud deployment models. Potential consumers of cloud deployments understand and need assurance that the security policies they require on their applications are consistently managed and enforced “in the cloud” as they would be in their enterprise.

A cloud provider’s ability to provide specific audit event, log and report information on a per-tenant and application basis is essential. It is apparent that in order to meet these customer expectations, cloud providers must provide standard mechanisms for their tenant customers to self-manage & self audit application security that includes information about the provider’s hardware, software and network infrastructure used to run specific tenant applications.

We propose that the best way to address these requirements is by developing open standards for cloud auditing. These standards would support the submission and retrieval of normative audit event data from cloud providers in the form of customized reports and logs that can be dynamically generated for cloud customers using their criteria. Adoption of such open standards by cloud providers’ management platforms would go far to instill greater trust in “cloud hosted applications” and be a significant step forward in fulfilling the promise of an open cloud marketplace.

Visit the CADF Workspace (members-only).

Upcoming Workgroup Deliverables

DMTF Standard Publication Identifier Document Title Target Version Target Release Date
DSP2038 CADF Profile For OpenStack 1.0.0 2014Q3
DSP2039 Syslog Profile of CADF 1.0.0 TBD
DSP2040 XDAS Profile of CADF 1.0.0 TBD

DMTF Specifications

DSP # Version Title Date Comments
DSP0262 1.0.0 Cloud Auditing Data Federation (CADF) - Data Format and Interface Definitions Specification 23 Jun 2014

.pdf file. DMTF Standard

White Papers and Technical Notes

DSP # Version Title Date Comments
DSP2038 1.0.0 Cloud Audit Data Federation - OpenStack Profile (CADF-OpenStack) 17 Sep 2014

.pdf file.  DMTF Informational

Work in Progress Documents

DSP # Version Title Date Comments Expiration Date
DSP2028 1.0.0a Cloud Auditing Data Federation (CADF) Use Case White Paper 27 Jun 2012
DSP0262 1.0.0c Cloud Audit Data Federation (CADF) - Data Format and Interface Definitions Specification 24 Feb 2014

.pdf file.

DSP0262 1.0.0b Cloud Audit Data Federation (CADF) - Data Format and Interface Definitions Specification 8 Jul 2013

.pdf file.

DSP0262 1.0.0a Cloud Auditing Data Federation (CADF) - Data Format and Interface Definitions Specification 17 Oct 2012

.pdf file.

Search for Standards

DMTF Feedback Policy

The DMTF welcomes feedback on our standards, but requires that individuals submitting comments first agree to our DMTF Feedback Policy.

Subscribe to Cloud Announcements List

Subscribe to the Cloud Announcements List to receive updates on news and activity.

 

Contact CADF WG

For questions, please complete our Contact a Working Group form.

Additional CADF Information