Welcome!

Between Cloud, Mobility and the Enterprise is the API Middle Ground

Scott Morrison

Subscribe to Scott Morrison: eMailAlertsEmail Alerts
Get Scott Morrison via: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn


Top Stories by Scott Morrison

Cloud Security Journal on Ulitzer Two weeks ago, I delivered a webinar about new security models in the cloud with Anne Thomas Manes from Burton Group. Anne had one slide in particular, borrowed from her colleague Dan Blum, which I liked so much I actually re-structured my own material around it. Let me share it with you: This graphic does the finest job I have seen of clearly articulating where the boundaries of control lie under the different models of cloud computing. Cloud, after all, is really about surrendering control: we delegate management of infrastructure, applications, and data to realize the benefits of commoditization. But successful transfer of control implies trust–and trust isn’t something we bestow easily onto external providers. We will only build this trust if we change our approach to managing cloud security. Cloud’s biggest problem isn’t securi... (more)

End-to-End Web Services Security

I recently had a great, freewheeling discussion with Daniel Raskin, Sun’s Chief Identity Strategist. Daniel runs the Identity Buzz podcasts. We talked about issues in identity and entitlement enforcement in SOA, compliance, and the problems you run into as you move into new environments like the cloud. Daniel’s post about our podcast is on his blog. You can download the podcast directly right here.  ... (more)

eBizQ: SOA in This Year and the Next

SOA in the Cloud It’s that time when we look back on one year and forward to the next. Over at the eBizQ forum Peter Schooff asked about SOA’s past and future: What Developments in SOA Are You Most Thankful For This Year? What Do You Think Will be the Biggest Trend or Development for SOA in 2010? ... (more)

Cloud Security Alliance Guidance v2 Released

Security at Cloud Expo Last week, the Cloud Security Alliance (CSA) released its Security Guidance for Critical Areas of Focus in Cloud Computing V2.1. This is a follow-on to first guidance document released only last April, which, gives you a sense of the speed at which cloud technology and techniques are moving. I was one of the contributors to this project. The guidance explores the issues in cloud security from the perspective of 13 different domains: Cloud Architecture Domain 1: Cloud Computing Architectural Framework Governing in the Cloud Domain 2: Governance and Enterpri... (more)

Cloud Security Alliance Identifies Top Cloud Security Threats

Security, Management & Compliance Track at Cloud Expo Register Today and Save $550 ! Explore Sponsorship Opportunities ! Today marks the beginning of RSA conference in San Francisco, and the Cloud Security Alliance (CSA) has been quick out of the gate with the release of its Top Threats to Cloud Computing Report. This peer-reviewed paper characterizes the top seven threats to cloud computing, offering examples and remediation steps. The seven threats identified by the CSA are: Abuse and Nefarious Use of Cloud Computing Insecure Application Programming Interfaces Malicious Insider... (more)