In a very recent post, Craig Balding, founder of cloudsecurity.org, highlights the fact that we are all concern about the security implications derived from the bunch of new and old technologies labelled as Clouds.“The problem is that there are many donkeys, and even more tails. Worse, we’re all trying to stick different tails on the same donkeys”, he claims.Indeed, he proposes security experts to join the A6 group in order to start building a common interface that allows providers to automate the Audit, Assertion, Assessment, and Assurance of their environments and allow authorized consumers of their services to do likewise via an open, extensible and secure API across SaaS, PaaS, and IaaS offerings.We believe this kind of efforts are very valuable and need strong industrial and academic support in order to become something close to a success. Success here does not come in the form of a widely used standard, but in the sense that the Cloud does not really include any disruptive technology to be afraid of with regards to its security. It is the usage we make of the combination of already existent technologies that makes the difference.From this website we will be following the progresses and contributing our two cents for such a needed API to become a reality.
