Defined Categories of Service 2011 - Cloud Security Alliance

More documents

Recommendations

Info

Foreword CLOUD SECURITY ALLIANCE SecaaS | DEFINED CATEGORIES OF SERVICE 2011 Welcome to the Cloud Security Alliance’s “Security as a Service,” Version 1.0. This is one of many research deliverables CSA will release in 2011. There is currently a lot of work regarding the security of the cloud and data in the cloud, but until now there has been limited research into the provision of security services in an elastic cloud model that scales as the client requirements change. This paper is the initial output from research into how security can be provided as a service (SecaaS). Also, we encourage you to download and review our flagship research, “Security Guidance for Critical Areas of Focus in Cloud Computing,” which you can download at: http://www.cloudsecurityalliance.org/guidance Best Regards, Jerry Archer Alan Boehme Dave Cullinane Nils Puhlmann Paul Kurtz Jim Reavis The Cloud Security Alliance Board of Directors Copyright © 2011 Cloud Security Alliance 4
Acknowledgments Co-chairs Kevin Fielder: GE, Cameron Smith: Zscaler Working Group Leaders CLOUD SECURITY ALLIANCE SecaaS | DEFINED CATEGORIES OF SERVICE 2011 Runa Desai Delal: Agama Consulting, Ulrich Lang: ObjectSecurity, Atul Shah: Microsoft, Aaron Bryson: Cisco, Mark Hahn: TCB Technologies, Wolfgang Kandek: Qualys, John Hearton: Secure Mission Solutions, Justin Foster: Trend Micro, Ben Chung: HP, Jens Laundrup: Emagined Security, Geoff Webb: Credant Technologies, Kevin Fielder: GE, Cameron Smith: Zscaler, Ken Owens: Savvis Steering Committee Scott Chasin: McAfee, Kevin Fielder: GE Global, Patrick Harding: Ping Indentity, John Hearton: Secure Mission Solutions, Bernd Jager: Colt, Joe Knape: AT&T, Marlin Pohlman: EMC, Jim Reavis: Cloud Security Alliance, Archie Reed: HP, J.R. Santos: Cloud Security Alliance, Cameron Smith: Zscaler, Michael Sutton: Zscaler, Brian Todd: ING SecaaS Members Lenin Aboagye: Apollo Group Inc., Ravikanth Anisingaraju: Nexus Informatics, Dave Asprey: Trend Micro, Karim Benzidane, Aaron Bryson: Cisco, Ben Chung: HP, Joel Cort: Xerox, Ricardo Costa: ESTG, Runa Desai Dalal: Agama Consulting, Jeff Finch: Interoute, Justin Foster: Trend Micro, Matthew Gardiner: CA Technologies, Suptrotik Ghose: Microsoft, Mark Hahn: TCB Technologies, Jeff Huegel: AT&T, Wolfgank Kandek: Qualys, Tuhin Kumar, Vijay Kumar Teki: HCL Technologies, Taiye Lambo: eFortresses, Jens Laundrup: Emagined Security, David Lingenfelter: Fiberlink, Drew Maness: Technicolor, Ken Owens: Savvis, Naynesh Patel: Simeio Solutions, Mike Qu, Kanchanna Ramasamy Balraj, Atul Shah: Microsoft, Said Tabet: EMC, Hassan Takabi: University of Pittsburgh, Danielito Vizcayno: E*Trade, Geoff Webb: Credant Technologies, Arnold Webster: EC-Council University, Nick Yoo: McKesson Corp. Contributors Jim Beadel: AT&T, Cheng-Yin Lee: CSA, Jie Wang: Converging Stream Technologies, Inc, Kapil Assudani: HCSC, Valmiki Mukherjee: (ISC)2, JP Morgenthal: Smartronix Cloud Security Alliance DC Chapter, Vladimir Jirasek: Nokia, Amol Godbole: Cisco Systems, Tuhin Kumar: Oracle Corp., Martin Lee: Symantec.cloud, Andrey Dulkin: Cyber-Ark Software, John Hearton: Secure Mission Solutions, Nandakumar: Novell, Bernd Jaeger: Colt Technology Services, Tyson Macaulay: Bell Canada, Lenin Aboagye: Apollo Group, David Treece: Edgile, Benzidane Karim: NTIQual, Atul Shah: Microsoft, Mark Hahn: TCB Technologies, Inc., Bradley Anstis: M86 Security, JD Hascup: Weyerhaeuser, Balaji Ramamoorthy: TCG, Hassan Takabi: University of Pittsburgh, Henry St. Andre: inContact, Faud Khan: TwelveDot, Inc., MS Prasad: Rediffmail, Gaurav Godhwani: Student, Ang Puay Young, Singapore Ministry of Health Holdings, Ted Skinner, Harris Corporation Copyright © 2011 Cloud Security Alliance 5
Page 1 and 2: Defined Categories of Service 2011
Page 3: Table of Contents CLOUD SECURITY AL
Page 7 and 8: Executive Summary CLOUD SECURITY AL
Page 9 and 10: Continued from the previous page…
Page 27: Continued from the previous page…

Defined Categories of Service 2011 - Cloud Security Alliance

Create successful ePaper yourself

Delete template?

Save as template?