Nist Cloud Security Policy

Nist sp 800 145 the nist definition of cloud computing cloud computing saas paas iaas on demand self service reserve pooling rapid elasticity measured service software as a service platform as a service infrastructure as a service created date.

Nist cloud security policy.

Cloud security guidelines and recommendations described in open source literature such as nist or fedramp that address known or theorized cloud security concerns or considerations that have the potential to impact cloud data security. Nist cloud computing program cloud computing is a model for enabling convenient on demand network access to a shared pool of configurable computing resources e g networks servers storage applications and services that can be rapidly provisioned and released with minimal management effort or service provider interaction. The policy can be included as part of the general information security policy for organizations or conversely can be represented by multiple policies reflecting the complex nature of certain organizations. Cloud security guidelines and recommendations found in public private sources such as.

Nist cloud computing public security working group white paper challenging security requirements for us government cloud computing adoption december 2012 c. Security program policies and procedures at the organization level may make the need for system specific policies and procedures unnecessary. Nist cloud computing standards roadmap xi foreword this is the second edition of the nist cloud computing standards roadmap which has been developed by the members of the public nist cloud computing standards roadmap working group. Nist has published special publication sp 800 210 general access control guidance for cloud systems which presents an initial step toward understanding security challenges in cloud systems by analyzing the access control ac considerations in all three cloud service delivery models infrastructure as a service iaas platform as a service paas and software as a service saas.

Cloud computing has been defined by nist as a model for enabling convenient on demand network access to a shared pool of configurable computing resources e g networks servers storage applications and services that can be rapidly provisioned and released with minimal. The nist cloud computing security reference architecture provides a case study that walks readers through steps an agency follows using the cloud adapted risk management framework while deploying a typical application to the cloud migrating existing email calendar and document sharing systems as a unified cloud based messaging system. The nist definition of cloud computing author. Nist computer security division csd keywords.

1 athens greece pp.