login | About | Contact Us  

Cloud Security Alliance (CSA)


The Cloud Security Alliance is a non-profit organization formed to promote the use of best practices for providing security assurance within Cloud Computing, and provide education on the uses of Cloud Computing to help secure all other forms of computing.

The Cloud Security Alliance is comprised of many subject matter experts from a wide variety disciplines, united in their objective:
  • Promote a common level of understanding between the consumers and providers of cloud computing regarding the necessary security requirements and attestation of assurance.
  • Promote independent research into best practices for cloud computing security.
  • Launch awareness campaigns and educational programs on the appropriate uses of cloud computing and cloud security solutions
  • Create consensus lists of issues and guidance for cloud security assurance.


  •   Contributors  
  •   Research  
  •   Resources  
Contributors

Research Projects
Cloud Standards Coordination Overview and Contributing Organizations
Cloud-standards.org is a Wiki site for Cloud Standards Coordination. The goal of the wiki is to document the activities of the various SDOs working on Cloud Standards. Cloud-standards.org is an initiative for editing and sharing a general cloud computing standardization positioning, in which more relevant cloud standardization initiatives can be seen and related. The first informal proposal of the positioning can be seen at cloud standards positioning.

Resources
Paper: Domain 10: Guidance for Application Security V2.1 PDF
September 22 2010

Picking up from the latest Cloud Security Alliance papers, Domain 10: Guidance for Application Security V2.1 explores some of the challenges that organizations have encountered with application security for cloud computing. Domain 10 provides an upfront analysis, covering the traditional aspects of managing information confidentiality, integrity and availability, as it is central to documenting the classification of data handled by the application and will influence many of the design decisions. It also elaborates on situations for existing applications that are migrated to the cloud, as it can serve as an opportunity to address outstanding fundamental problems that have been overlooked or underrepresented during their development.


Paper: Top Threats to Cloud Computing PDF
March 23 2010

The purpose of this document is to provide needed context to assist organizations in making educated risk management decisions regarding their cloud adoption strategies. In essence, this threat research document should be seen as a companion to "Security Guidance for Critical Areas in Cloud Computing". As the first deliverable in the CSA's Cloud Threat Initiative, this document will be updated regularly to reflect expert consensus on the probable threats which customers should be concerned about.


Paper: Security Guidance for Critical Areas of Focus in Cloud Computing v2 PDF
December 19 2009

The Cloud Security Alliance's initial report, outlining areas of concern and guidance for organizations adopting cloud computing. The intention is to provide security practitioners with a comprehensive roadmap for being proactive in developing positive and secure relationships with cloud providers. Much of this guidance is also quite relevant to the cloud provider to improve the quality and security of their service offerings. As with any initial foray, there will certainly be guidance that we could improve upon. We will quite likely modify the number of domains and change the focus of some areas of concern. We seek your help to improve this guidance to make version 2.0 of this document an even better asset to the security practitioner and cloud provider. We will be kicking off numerous online activities and in-person regional events to share our findings and connect with experts to increase our knowledge base.


Presentation: Cloud Security
September 21 2009

Cloud Security


Copyright © 2013 cloudbook: The Cloud Computing & SaaS Information Resource. All Rights Reserved.