OData Cloud Security

There is a ton of interesting innovations going on in the Cloud space – One of the most significant I think is OData, especially where it intersects with Cloud Security.

Originally invented by Microsoft, OData has since been contributed to and become an OASIS open standard, and in this series of posts it is described how and where it intersects with Identity authentication, such as via OAuth.

OASIS are increasingly becoming a force in the Cloud standards world, announcing TOSCA and most recently CAMP, among many others that each provide an individual jigsaw piece of an overall Cloud architecture.

Secure Open Data

For governments looking to adopt Cloud, OData is especially important as it provides a framework for the general regulation of access to any government data, via a number of different access models and from a multitude of data sources.

To date Open Data has mainly been about the legal licences required for data to be used by third parties, like independent software developers, but the data itself could be provided in a fairly rudimentary fashion, like dumped to an excel spreadsheet.

Due to privacy concerns it has also been restricted to non-sensitive information, meaning the scope has been limited and also the level of funding and projects too.

OData is a big evolution in that it`s more about defining open standards for a programmatic API – Based on universal RESTful methods this means access to live data at source, and also to enable Writing as well as Reading.

Combined with Identity controls this means it could provide a complete method for enabling Open Data developers to work with a larger set of more important data sources, those including sensitive personal information et al.

For example one key overlap area with Cloud Computing is where it touches on Archiving and Compliance.

One of the fundamental capabilities that CSPs need to cater for is to enable citizens to self-serve access to their own data records, via FOIA requests (Freedom of Information Act). OData, combined with Cloud security and IM best practices, would provide a solution model for how this could be accomplished, in a highly scalable manner.


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: