At the RSA Conference today, two industry titans laid out what appear to be competing efforts to build an array of security controls for cloud-based service providers.
Art Coviello, president of RSA, the security division of EMC, and Enrique Salem, president and CEO of Symantec, each delivered keynote addresses at the conference today about future endeavors that sounded quite similar in terms of their goals in cloud-based security.
MORE FROM THE SHOW: Hot products from RSA 2011
Symantec is calling its effort O3, described by Salem as a "layer above the clouds" that could be used by cloud-service providers to gain and provide to their customers security and compliance. The service might include functions such as password single sign-on.
In his keynote Coviello alluded to an effort by RSA and VMware, which is part of EMC, to make use of owned technologies such as the Archer GRC platform to build a software-based framework that cloud-service providers could use to protect software-as-a-service applications. The RSA and VMware teams are calling that effort "Project Horizon."
Coviello also introduced a related concept, "Cloud Trust Authority," that would provide control of identity resources. Neither effort has an announced time to deliver specific products or services.
Symantec also doesn't have a specific timeframe for O3 delivery, Salem said.
"When we acquired the VeriSign security business, we thought it was critical in delivering against this," Salem said during a meeting with press after his keynote. He acknowledged the RSA/VMware effort sounds quite similar to what Symantec is undertaking.
When asked about the importance of the Cloud Security Alliance, the organization trying to bring the industry together for standards-based controls related to visibility, security and governance for cloud-service providers, Salem said Symantec is a "big Believer" in what CSA is doing. "We absolutely will support them."