Presentation is loading. Please wait.

Presentation is loading. Please wait.

Www.cloudsecurityalliance.org Copyright © 2011 Cloud Security Alliance Trusted Cloud Initiative Work Group Session.

Similar presentations


Presentation on theme: "Www.cloudsecurityalliance.org Copyright © 2011 Cloud Security Alliance Trusted Cloud Initiative Work Group Session."— Presentation transcript:

1 Copyright © 2011 Cloud Security Alliance Trusted Cloud Initiative Work Group Session

2 Copyright © 2011 Cloud Security Alliance

3 Copyright © 2011 Cloud Security Alliance Use CaseDescription End User to CloudApplications running on the cloud and accessed by end users Enterprise to Cloud to End UserApplications running in the public cloud and accessed by employees and customers Enterprise to CloudCloud applications integrated with internal capabilities

4 Copyright © 2011 Cloud Security Alliance Define protections that enable trust in the cloud. Develop cross-platform capabilities and patterns for proprietary and open-source providers. Will facilitate trusted and efficient access, administration and resiliency to the customer/consumer. Provide direction to secure information that is protected by regulations. The Architecture must facilitate proper and efficient governance, identification, authentication, authorization, administration and auditability. Centralize security policy, maintenance operation and oversight functions. Access to information must be secure yet still easy to obtain. Delegate or Federate access control where appropriate. Must be easy to adopt and consume, supporting the design of security patterns. The Architecture must be elastic, flexible and resilient supporting multi-tenant, multi-landlord platforms The Architecture must address and support multiple levels of protection, including network, operating system, and application security needs.

5 Copyright © 2011 Cloud Security Alliance Use the breadth of the Cloud Security Alliance  Adjacent initiatives will be a focus for the TCI mandate  Built upon “pillars” from the Cloud Security Alliance  Provide an end-to-end security specification for cloud security Use the depth of the Cloud Security Alliance membership  Members have credibility from the top of the application to the “bare metal”  GRC and interoperability Enable a vendor neutral reference architecture specification  All vendor products that enable an end-to-end security platform will be used Provide a exemplary reference set of implementations  Global examples so that any country can implement the architecture to their requirements  Show examples of standards and how they can be implemented across products Open source initiative  Where the TCI supports implementation under its direction the implementation is open source Note: The TCI Reference Architecture is not the same as the Cloud Computing Architectural Framework (Domain 1 of the Security Guidance for Critical Areas of Focus in Cloud Computing V2.1)

6 Copyright © 2011 Cloud Security Alliance CSA Controls Matrix

7 Copyright © 2011 Cloud Security Alliance CSA Controls Matrix

8 Copyright © 2011 Cloud Security Alliance

9 Copyright © 2011 Cloud Security Alliance

10 Copyright © 2011 Cloud Security Alliance

11 Copyright © 2011 Cloud Security Alliance Control Mapping Operational Checklists Capability mapping Strategy alignment Use Cases (OSA) Security Patterns Guidelines Vendor Certification Reference Architecture CSA Controls Matrix CSA Consensus Assessment Security Framework and Patterns

12 Copyright © 2011 Cloud Security Alliance


Download ppt "Www.cloudsecurityalliance.org Copyright © 2011 Cloud Security Alliance Trusted Cloud Initiative Work Group Session."

Similar presentations


Ads by Google