Towards a “Permanent Certified Cloud”: Monitoring Compliance in the Cloud with CTP 3.0
Blog Article Published: 01/29/2013
Cloud services can be monitored for system performance but can they also be monitored for compliance? That’s one of the main questions that the Cloud Trust Protocol aims to address in 2013. Compliance and transparency go hand in hand. The Cloud Trust Protocol (CTP) is designed to allow cloud customers to query cloud providers in real-time about the security level of their service. This is measured by evaluating “security attributes” such as availability, elasticity, confidentiality, location of processing or incident management performance, just to name a few examples. To achieve this, CTP will provide two complementary features:
- First, CTP can be used to automatically retrieve information about the security offering of cloud providers, as typically represented by an SLA.
- Second, CTP is designed as a mechanism to report the current level of security actually measured in the cloud, enabling customers to be alerted about specific security events.