Andreas Krohn from Dopter provided a cool writeup of the Cloud Security panel at infosec over at programmableweb in case people missed it.

Indeed the lesson that stood out most of all is that organisations are used to having close control over the clients for their internal assets but that with many APIs now powering mobile applications and third party access this control is dissipated, requiring new levels of care for user level security. Protocols such as openAuth are key to this shift but their adoption means clear thinking is needed as to who the parties are, where they come from and how to structure access rights.

(Participants in the panel were Travis Spencer from Ping Identity, Steven Willmott from 3Scale, Per Hägerö from Technology Nexus and Andreas Krohn from Dopter. Moderator was David Terrar from Eurocloud UK).