CSA Logo2 300x115 Cloud Security Alliance and FIDO Team Up On Cloud and Mobile Authentication StandardsPayPal, Nok Nok Labs, Agnitio, Validity Sensors, Lenovo and Infineon Technologies formed a coalition called the Fast Identity Online (FIDO) Alliance to develop a standards-based open approach that automatically detects when a FIDO-enabled device is present and offers users the option to replace passwords with more secure authentication techniques such as biometrics. Google, Microsoft, Salesforce.com, RSA, SafeNet and others later joined the alliance.

For mobile and cloud, FIDO’s open approach provides a fantastic potential and has the ability to solve a lot of the security issues. The Cloud Security Alliance (CSA) identified authentication and the broader issue of identity as one of the critical areas for cloud computing.  With the increasing use of mobile services in the cloud, the authentication security issue is expected to increase in future. CSA identified the need to provide scalable authentication and for that reason it has signed a Memorandum of Understanding with the FIDO Alliance to promote the need for a standards approach to authentication when tackling the needs of large-scale cloud services.

CSA says the last 12 months has seen a shift in the cloud authentication landscape as more and more providers are looking to add additional layers of protection. The security and usability challenges this creates means that a standards-based approach is the only practical direction. The alliance with FIDO Alliance will encourage greater understanding of the requirements of modern authentication systems and to help companies to reduce the burden on their customers. By working together, the CSA and the FIDO Alliance will be able to ensure that these emerging standards meet these needs.

Data theft is one of the great plagues of the Web. Tons of stolen address or characteristics foment distrust of the online shopping. The existing protection methods are usually eventually cracked. A full, open-standards-based solution is an extremely effective way of building a security ecosystem. The authentication method used in FIDO approach is either done completely without password and or through a process in which a password is combined with a dongle that is attached to the unit (U2F, Universal Factor Second Protocol). The authentication process is service-and terminal-specific, but always uses the existing techniques in the mobile device.

Open FIDO specifications will support a full range of authentication technologies, including biometrics such as fingerprint and iris scanners, voice and facial recognition, as well as further enabling existing solutions and communications standards, such as Trusted Platform Modules (TPM), USB Security Tokens, embedded Secure Elements (eSE), Smart Cards, Bluetooth Low Energy (BLE), and Near Field Communication (NFC). The open specifications are being designed to be extensible and to accommodate future innovation, as well as protect existing investments.

Last year, CSA announced a new project called Software Defined Perimeter (SDP) Initiative to develop an architecture that can be created with safe and trust entities between with certain end-to-end networks IP addresses, allowing you to create systems that are extremely resistant to network attacks. In addition, the non-profit organization also updated its “Security Guidance for Critical Areas of Focus in Cloud Computing version 3.0” guidelines that addresses information security risks over the access of, transfer to, and securing of cloud data in the mobile security; supply chain management, transparency and accountability; interoperability and portability; encryption and key management domain.

Hottest IT Skills in 2013 – Cloud, Mobile and BI
In 2012, more than 1.7 million jobs in the field of cloud computing remained unoccupied, according to analysts firm IDC. READ MORE
How Cloud Computing Influences Digital Marketing
Cloud marketing has the ability to drastically change the ways in which they reach and engage their audience, particularly with regard to distributing and storing mission-critical data. READ MORE
Gartner: BYOD to Take Center Stage For Mobile App Use by 2017
More and more companies encourage their employees to work on their devices, thus reducing the cost of computer equipment, but also increase the cost to maintain licenses and safety. READ MORE
Maturity in the Cloud: Start Thinking Like a Grown-Up
Despite the inclination to wait until all of the cloud’s kinks have been worked out, holding off on cloud initiatives until the industry matures won’t guarantee success. READ MORE
PwC: Cloud, SaaS and Mobile Are Changing Software Industry
The software industry is undergoing major changes by trends such as cloud, SaaS, mobile technology and the “consumerization of IT”. READ MORE
10 Cloud Computing Game Changers
Here are the ten most influential cloud computing companies, and the reason why. READ MORE