draft-prodrigues-extar-01
draft-prodrigues-extar-01
Document | Type |
Expired Internet-Draft
(individual)
Expired & archived
|
|
---|---|---|---|
Author | Patricia Rodrigues | ||
Last updated | 2024-01-11 (Latest revision 2023-07-10) | ||
RFC stream | (None) | ||
Intended RFC status | (None) | ||
Formats | |||
Stream | Stream state | (No stream defined) | |
Consensus boilerplate | Unknown | ||
RFC Editor Note | (None) | ||
IESG | IESG state | Expired | |
Telechat date | (None) | ||
Responsible AD | (None) | ||
Send notices to | (None) |
This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:
Abstract
The shift to multi-cloud environments brought data leakage prevention challenges for organisations. The current Cross-Tenant Access Restriction (XTAR) mechanisms do not cover critical scenarios where users can connect to multiple tenants (organisational and personal), facilitating data exfiltration. The goal, similar to previously proposed, reviewed and accepted protocols that have been published as RFC standards and are now widely adopted, is to help organisations keep their data under control when using one or more Cloud Service Providers (CSPs). This can be done by incentivising CSPs to adopt the proposed protocol, Extended-Cross-Tenant Access Restriction (E-XTAR), consisting of a globally readable header specifying the allowed <CSP, tenantID> combinations allowed by the home organisation. The work gathers scenarios contributing to the importance of a cloud-agnostic, universally embraced protocol.
Authors
(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)