CSA & ICS 2011 – Related Workshop: Security Parameters in Cloud Service Level Agreements
In this workshop, organized jointly by ENISA, CSA and OASIS, we want to identify, with the help of the audience, good-practices for SLAs that allow customers to manage the security of services, to allow them to address information security risks. It is important to stress that we will focus only on what level of security and resilience gets delivered, rather than on how it is delivered (firewalls, loadbalancers, access control lists, etc).
This workshop is a working session, in which we will agree and draft a set of best practices and/or considerations together with participants.
A preliminary agenda of topics is the following:
- Parameters: We will go over a wide range of security parameters (e.g.reachability, through-put, QoS, e2e availability).
- Measurement: Per security parameter we will discuss if they are suited for inclusion in SLAs, and how they can be measured by the customer, a third party or the vendor.
- SLA building: Looking at different scenarios and business cases, we will take the security parameters and focus on how they can be integrated in different SLAs for different kind of services/custom