Cloud Security Alliance > Research

Research Arrow to Content

Big Data Logo

Visit the initiative page

Big Data Working Group
Big Data is a working group within the Cloud Security Alliance (CSA) created to identify best practices for security and privacy in big data.
Big Data Taxonomy

Big Data Taxonomy

September 18, 2014

Big Data, Big Concerns, and What the White House Wants to Do about It

Big Data, Big Concerns, and What the White Hou...

May 29, 2014

Comment on Big Data and the Future of Privacy

Comment on Big Data and the Future of Privacy

April 09, 2014

Top Ten Challenges in Cryptography for Big Data

Top Ten Challenges in Cryptography for Big Data

March 18, 2014

Big Data Analytics for Security Intelligence

Big Data Analytics for Security Intelligence

September 24, 2013

Show All Downloads

Cloud Controls Matrix (CCM)

Visit the initiative page

Cloud Controls Matrix (CCM)
Security controls framework for cloud provider and cloud consumers.
AOSSL and CCM Technote

AOSSL and CCM Technote

December 18, 2014

Cloud Controls Matrix v3.0.1 Info Sheet

Cloud Controls Matrix v3.0.1 Info Sheet

July 29, 2014

Cloud Controls Matrix v3.0.1

Cloud Controls Matrix v3.0.1

July 11, 2014

CCM v3.0 Info Sheet

CCM v3.0 Info Sheet

October 07, 2013

Cloud Controls Matrix v3.0

Cloud Controls Matrix v3.0

September 26, 2013

Show All Downloads

Cloud Data Governance

Visit the initiative page

Cloud Data Governance
Responsible for understanding the top requirements and needs of different stakeholders on governing and operating data in the Cloud, and prioritizing and answering the key problems and questions identified by Cloud stakeholders.

Cloud Consumer Advocacy Questionnaire and Information Survey Results (CCAQIS) v1.0

Cloud Consumer Advocacy Questionnaire and Info...

November 16, 2011

CCAQIS Survey v1.2

CCAQIS Survey v1.2

August 01, 2011

Cloud Metrics

Cloud Metrics
Metrics designed for Cloud Controls Matrix and CSA Guidance.
Cloud Vulnerabilities Working Group Logo

Visit the initiative page

Cloud Vulnerabilities Working Group
Conducting research in the area of cloud computing vulnerabilities.
Cloud Computing Vulnerability Incidents: A Statistical Overview

Cloud Computing Vulnerability Incidents: A St...

May 31, 2013

CloudAudit

Visit the initiative page

CloudAudit
The goal of CloudAudit is to provide a common interface and namespace that allows cloud computing providers to automate the Audit, Assertion, Assessment, and Assurance (A6) of their infrastructure (IaaS), platform (PaaS), and application (SaaS) environments and allow authorized consumers of their services to do likewise via an open, extensible and secure interface and methodology.
CloudCERT

Visit the initiative page

CloudCERT
Enhance the capability of the cloud community to prepare for and respond to vulnerabilities, threats, and incidents in order to preserve trust in cloud computing.
CloudCERT Report to CSA Summit 2011

CloudCERT Report to CSA Summit 2011

February 14, 2011

Cloud Trust Protocol

Visit the initiative page

CloudTrust Protocol
The CloudTrust Protocol (CTP) is the mechanism by which cloud service consumers ask for and receive information about the elements of transparency as applied to cloud service providers.
CloudTrust Protocol Information Overview Powerpoint

CloudTrust Protocol Information Overview Power...

September 01, 2011

CloudTrust Protocol Information Overview

CloudTrust Protocol Information Overview

June 01, 2011

A Precis for the CloudTrust Protocol (V2.0)

A Precis for the CloudTrust Protocol (V2.0)

September 01, 2010

Consensus Assessments Initiative

Visit the initiative page

Consensus Assessments Initiative
Research tools and processes to perform consistent measurements of cloud providers.
Consensus Assessments Initiative Questionnaire v3.0.1 Info Sheet

Consensus Assessments Initiative Questionnaire...

July 29, 2014

Consensus Assessments Initiative Questionnaire v3.0.1

Consensus Assessments Initiative Questionnaire...

July 11, 2014

Consensus Assessments Initiative Questionnaire v1.1

Consensus Assessments Initiative Questionnaire...

September 01, 2011

Consensus Assessments Initiative Questionnaire V1.0

Consensus Assessments Initiative Questionnaire...

October 12, 2010

Enterprise Architecture Working Group

Visit the initiative page

Enterprise Architecture Working Group
Secure, interoperable identity in the cloud.

Enterprise Architecture v2.0

Enterprise Architecture v2.0

February 25, 2013

Enterprise Architecture Mapping V1.9

Enterprise Architecture Mapping V1.9

November 09, 2011

Enterprise Architecture Model V1.1

Enterprise Architecture Model V1.1

October 26, 2011

Enterprise Architecture Reference Architecture Quick Guide

Enterprise Architecture Reference Architecture...

October 01, 2011

Health Information Management

Visit the initiative page

Health Information Management
Provide direct influence on how health information service providers deliver secure cloud solutions (services, transport, applications and storage) to their clients, and foster cloud awareness within all aspects of healthcare and related industries.
Incident Management and Forensics Logo

Visit the initiative page

Incident Management and Forensics
Best practices for incident management and forensics in cloud environments.
Mapping the Forensic Standard ISO/IEC 27037 to Cloud Computing

Mapping the Forensic Standard ISO/IEC 27037 to...

June 26, 2013

Incident Management and Forensics Working Group Charter

Incident Management and Forensics Working Grou...

February 13, 2013

Innovation Initiative Logo

Visit the initiative page

Innovation Initiative
The CSA Innovation Initiative is a working group within the Cloud Security Alliance (CSA) created to foster secure innovation in information technology.
Innovation Initiative Overview Powerpoint

Innovation Initiative Overview Powerpoint

February 24, 2012

Innovation Initiative Charter

Innovation Initiative Charter

February 24, 2012

Legal Information Center Logo

Visit the initiative page

CSA Legal Information Center
The CSA Legal Information Center is an expert-led community resource for global legal issues impacting cloud computing. Our mission is to provide unbiased information about the applicability of existing laws and also identify laws that are being impacted by technology trends and may require modification.
Big Data, Big Concerns, and What the White House Wants to Do about It

Big Data, Big Concerns, and What the White Hou...

May 29, 2014

Planning for E-Discovery in the Cloud

Planning for E-Discovery in the Cloud

May 21, 2013

Cloud Computing: What Damages in Case of Outages

Cloud Computing: What Damages in Case of Outages

May 21, 2013

What the Proposed EU Data Protection Regulation Means for Cloud Users

What the Proposed EU Data Protection Regulatio...

February 22, 2013

Article 29 Working Party Cloud Computing Opinion: A Blow to Safe Harbor

Article 29 Working Party Cloud Computing Opini...

February 22, 2013

Show All Downloads

Mobile Working Group Logo

Visit the initiative page

Mobile Working Group
The CSA Mobile working group will be responsible for providing fundamental research to help secure mobile endpoint computing from a cloud-centric vantage point.
Security Guidance for Critical Areas of Mobile Computing

Security Guidance for Critical Areas of Mobile...

November 08, 2012

Mobile Top Threats

Mobile Top Threats

October 04, 2012

Mobile Device Management: Key Components

Mobile Device Management: Key Components

September 20, 2012

Mobile Working Group Charter

Mobile Working Group Charter

February 21, 2012

Open Certification Framework

Visit the initiative page

Open Certification Framework
The CSA Open Certification Framework is an industry initiative to allow global, accredited, trusted certification of cloud providers.
STAR Certification Guidance Document: Auditing the Cloud Controls Matrix (CCM)

STAR Certification Guidance Document: Auditing...

May 16, 2014

Publicizing Your STAR Certification

Publicizing Your STAR Certification

September 03, 2013

Requirements for Bodies Providing STAR Certification

Requirements for Bodies Providing STAR Certifi...

September 03, 2013

OCF Vision Statement

OCF Vision Statement

August 17, 2012

PLA Logo

Visit the initiative page

Privacy Level Agreement Working Group
This working group aims at creating PLA templates that can be a powerful self-regulatory harmonization tool, which is almost impossible to achieve at global level using traditional legislative means. This will provide a clear and effective way to communicate to (potential) customers CSP’s a level of data protection, especially when trans-border data flaw is concerned.
Privacy Level Agreement Europe, v.2

Privacy Level Agreement Europe, v.2

December 04, 2014

Privacy Level Agreement (PLA) Outline Annex

Privacy Level Agreement (PLA) Outline Annex

February 24, 2013

Privacy Level Agreement (PLA) Outline for the Sale of Cloud Services in the European Union

Privacy Level Agreement (PLA) Outline for the ...

February 24, 2013

PLA Initiative Research Sponsorship Outline

PLA Initiative Research Sponsorship Outline

August 27, 2012

Security as a Service

Visit the initiative page

Security as a Service
Research for gaining greater understanding for how to deliver security solutions via cloud models.
Security Guidance for Critical Areas of Focus in Cloud Computing

Visit the initiative page

Security Guidance for Critical Areas of Focus in Cloud Computing
Foundational best practices for securing cloud computing.
Security Guidance for Critical Areas of Focus in Cloud Computing V3.0

Security Guidance for Critical Areas of Focus ...

November 14, 2011

CSA V3 Guideline: Book Excerpts

CSA V3 Guideline: Book Excerpts

July 02, 2011

Cloud Computing for Business

Cloud Computing for Business

March 02, 2011

NIST Guidelines on Security and Privacy in Public Cloud Computing

NIST Guidelines on Security and Privacy in Pub...

January 01, 2011

Security Guidance for Critical Areas of Focus in Cloud Computing V2.0

Security Guidance for Critical Areas of Focus ...

December 02, 2009

Show All Downloads

Software Defined Perimeter

Software Defined Perimeter
SDP Specification v1.0

SDP Specification v1.0

April 30, 2014

SDP Hackathon Whitepaper

SDP Hackathon Whitepaper

April 17, 2014

Software Defined Perimeter

Software Defined Perimeter

December 01, 2013

Solution Provider Advisory Council

Solution Provider Advisory Council
Corporate members providing cloud solutions or cloud security solutions. Responsible for articulating provider point of view.
Solution Provider SME Advisory Council

Solution Provider SME Advisory Council
Corporate members providing cloud solutions or cloud security solutions. Dedicated to Subject Matter Experts within our corporate members.
Telecom Working Group

Visit the initiative page

Telecom Working Group
Provide direct influence on how to deliver secure cloud solutions and foster cloud awareness within all aspects of Telecommunications.
Top Threats to Cloud Computing

Visit the initiative page

Top Threats to Cloud Computing
Provide needed context to assist organizations in making educated risk management decisions regarding their cloud adoption strategies.
The Notorious Nine: Cloud Computing Top Threats in 2013

The Notorious Nine: Cloud Computing Top Threat...

February 24, 2013

Top Threats to Cloud Computing Survey Results Update 2012

Top Threats to Cloud Computing Survey Results ...

November 07, 2012

Virtualization Working Group

Virtualization Working Group
Virtualization provides an important layer of abstraction from physical hardware, enabling the elasticity and resource pooling commonly associated with cloud.
Page Dividing Line
This website uses cookies to improve functionality and performance. If you continue browsing the site, you are giving implied consent to the use of cookies on this website. See our Cookie Policy for details.