Report from Breakout Session 1.2

Secure Consumerization: the Genuine Trustworthiness Revolution

Chair: Craig LeeRapporteur: Paolo Mazzetti

Programme

• Robert Bohn: «NIST Cloud Federation and Cyberspace Identity Efforts»

• Daniel S. Katz: «Social Cloud: Facilitating “Trustworthy” Compute & Data Resource Sharing»

• Craig Lee: «Managing Disaster Response through On-Demand Resource Federation»

• Discussion

Federated clouds

• Many cloud infrastructure available now and even more in the future: how can we seamlessly access them?• functionality, resources, and capabilities from one system is made available to

another

• Two main issues:• Technical interoperability

• Several approaches: central authority, common APIs• Mistrust

• Delegation of Trust

Cloud of clouds

Federation management

• Federation management needed to be generalized to manage any type of service endpoint (including cloud infrastructure services)

• A Virtual Organization Management System:• Maintains member identity attributes and authorization attributes• Enables resource (service) discovery• Enables validation of VO member authorization credentials on service

invocation

Trust aspects

• In a Virtual Organization approach:• trust relationships and common semantic

understandings should be established ahead of need: roles, attributes, name space, governance agreements• The right set of trustmarks captures the

full set of trust and interoperability requirements for any monolithic trust framework

Social clouds

• “Social Clouds are a scalable, dynamic and user-centric resource sharing framework in which computational resources, services and information are shared amongst members on the premise of the relationships encoded in a social network.”

Social clouds

• Main characteristics:• Edge Devices (Set Top Box, Media

Centres, Home PCs), not Data Centers• Level of trust inferred from social

networks• Social platforms enable incentives and

market• Tested on a content distribution use case

(involving national labs as participants)

Main points

• Different cloud federation models exists; they have a solid base of standard specifications, technological solutions, demonstrations• Different approaches are appropriate in different application

scenarios• The organizational, regulatory, legal, political issues surrounding

federation can be far more difficult than the technical issues• Top-down (Virtual Organization) vs. bottom-up (Web of Trust from

social networks) models proposed for trust management

Discussion

• Next GEOSS will live in a world of clouds, and it will need to interact with clouds, so cloud federation will be an issue• Is the social cloud model applicable to GEOSS?• Content distribution use case• Maybe in relationship with Citizen Science? And is the social cloud incentives

approach applicable to engage citizens? (see other breakout sessions)• Could SBAs and CoPs use social cloud approach for sharing resources in a

trusted environment?

• Could the Web of Trust model of social clouds be related to (users’ provided) quality information?

Conclusions

• Participants found a general agreement that many topics would worth an investigation.

• Communities of Practice could be the right entry point to start experimenting with cloud federation and different trust models• GEO Architecture Implementation Pilots are an opportunity for

conducting these experiments in the GEOSS context.