Research

Big Data Logo

Visit the initiative page

Big Data Working Group
Big Data is a working group within the Cloud Security Alliance (CSA) created to identify best practices for security and privacy in big data.

  • Big Data Taxonomy

    Big Data Taxonomy

    September 18, 2014

  • Big Data, Big Concerns, and What the White House Wants to Do about It

    Big Data, Big Concerns, and What the White Hou...

    May 29, 2014

  • Comment on Big Data and the Future of Privacy

    Comment on Big Data and the Future of Privacy

    April 09, 2014

  • Top Ten Challenges in Cryptography for Big Data

    Top Ten Challenges in Cryptography for Big Data

    March 18, 2014

  • Big Data Analytics for Security Intelligence

    Big Data Analytics for Security Intelligence

    September 24, 2013

  • Show All Downloads

    Cloud Controls Matrix (CCM)

    Visit the initiative page

    Cloud Controls Matrix (CCM)
    Security controls framework for cloud provider and cloud consumers.

  • AOSSL and CCM Technote

    AOSSL and CCM Technote

    December 18, 2014

  • Cloud Controls Matrix v3.0.1 Info Sheet

    Cloud Controls Matrix v3.0.1 Info Sheet

    July 29, 2014

  • Cloud Controls Matrix v3.0.1

    Cloud Controls Matrix v3.0.1

    July 11, 2014

  • CCM v3.0 Info Sheet

    CCM v3.0 Info Sheet

    October 07, 2013

  • Cloud Controls Matrix v3.0

    Cloud Controls Matrix v3.0

    September 26, 2013

  • Show All Downloads

    Cloud Data Governance

    Visit the initiative page

    Cloud Data Governance
    Responsible for understanding the top requirements and needs of different stakeholders on governing and operating data in the Cloud, and prioritizing and answering the key problems and questions identified by Cloud stakeholders.

  • Cloud Consumer Advocacy Questionnaire and Information Survey Results (CCAQIS) v1.0

    Cloud Consumer Advocacy Questionnaire and Info...

    November 16, 2011

  • CCAQIS Survey v1.2

    CCAQIS Survey v1.2

    August 01, 2011

  • Cloud Metrics

    Cloud Metrics
    Metrics designed for Cloud Controls Matrix and CSA Guidance.

    Cloud Vulnerabilities Working Group Logo

    Visit the initiative page

    Cloud Vulnerabilities Working Group
    Conducting research in the area of cloud computing vulnerabilities.

  • Cloud Computing Vulnerability Incidents:  A Statistical Overview

    Cloud Computing Vulnerability Incidents: A St...

    May 31, 2013

  • CloudAudit

    Visit the initiative page

    CloudAudit
    The goal of CloudAudit is to provide a common interface and namespace that allows cloud computing providers to automate the Audit, Assertion, Assessment, and Assurance (A6) of their infrastructure (IaaS), platform (PaaS), and application (SaaS) environments and allow authorized consumers of their services to do likewise via an open, extensible and secure interface and methodology.

    CloudCERT

    Visit the initiative page

    CloudCERT
    Enhance the capability of the cloud community to prepare for and respond to vulnerabilities, threats, and incidents in order to preserve trust in cloud computing.

  • CloudCERT Report to CSA Summit 2011

    CloudCERT Report to CSA Summit 2011

    February 14, 2011

  • Cloud Trust Protocol

    Visit the initiative page

    CloudTrust Protocol
    The CloudTrust Protocol (CTP) is the mechanism by which cloud service consumers ask for and receive information about the elements of transparency as applied to cloud service providers.

  • CloudTrust Protocol Information Overview Powerpoint

    CloudTrust Protocol Information Overview Power...

    September 01, 2011

  • CloudTrust Protocol Information Overview

    CloudTrust Protocol Information Overview

    June 01, 2011

  • A Precis for the CloudTrust Protocol (V2.0)

    A Precis for the CloudTrust Protocol (V2.0)

    September 01, 2010

  • Consensus Assessments Initiative

    Visit the initiative page

    Consensus Assessments Initiative
    Research tools and processes to perform consistent measurements of cloud providers.

  • Consensus Assessments Initiative Questionnaire v3.0.1 Info Sheet

    Consensus Assessments Initiative Questionnaire...

    July 29, 2014

  • Consensus Assessments Initiative Questionnaire v3.0.1

    Consensus Assessments Initiative Questionnaire...

    July 11, 2014

  • Consensus Assessments Initiative Questionnaire v1.1

    Consensus Assessments Initiative Questionnaire...

    September 01, 2011

  • Consensus Assessments Initiative Questionnaire V1.0

    Consensus Assessments Initiative Questionnaire...

    October 12, 2010

  • Enterprise Architecture Working Group

    Visit the initiative page

    Enterprise Architecture Working Group
    Secure, interoperable identity in the cloud.

  • Enterprise Architecture v2.0

    Enterprise Architecture v2.0

    February 25, 2013

  • Enterprise Architecture Mapping V1.9

    Enterprise Architecture Mapping V1.9

    November 09, 2011

  • Enterprise Architecture Model V1.1

    Enterprise Architecture Model V1.1

    October 26, 2011

  • Enterprise Architecture Reference Architecture Quick Guide

    Enterprise Architecture Reference Architecture...

    October 01, 2011

  • Financial Services Working Group

    Visit the initiative page

    Financial Services Working Group
    Best Practices for Securing Cloud Services in Finance & Banking

  • Cloud Adoption In The Financial Services Sector Survey

    Cloud Adoption In The Financial Services Secto...

    March 05, 2015

  • Health Information Management

    Visit the initiative page

    Health Information Management
    Provide direct influence on how health information service providers deliver secure cloud solutions (services, transport, applications and storage) to their clients, and foster cloud awareness within all aspects of healthcare and related industries.

    Incident Management and Forensics Logo

    Visit the initiative page

    Incident Management and Forensics
    Best practices for incident management and forensics in cloud environments.

  • Mapping the Forensic Standard ISO/IEC 27037 to Cloud Computing

    Mapping the Forensic Standard ISO/IEC 27037 to...

    June 26, 2013

  • Incident Management and Forensics Working Group Charter

    Incident Management and Forensics Working Grou...

    February 13, 2013

  • Innovation Initiative Logo

    Visit the initiative page

    Innovation Initiative
    The CSA Innovation Initiative is a working group within the Cloud Security Alliance (CSA) created to foster secure innovation in information technology.

  • Innovation Initiative Overview Powerpoint

    Innovation Initiative Overview Powerpoint

    February 24, 2012

  • Innovation Initiative Charter

    Innovation Initiative Charter

    February 24, 2012

  • Legal Information Center Logo

    Visit the initiative page

    CSA Legal Information Center
    The CSA Legal Information Center is an expert-led community resource for global legal issues impacting cloud computing. Our mission is to provide unbiased information about the applicability of existing laws and also identify laws that are being impacted by technology trends and may require modification.

  • Big Data, Big Concerns, and What the White House Wants to Do about It

    Big Data, Big Concerns, and What the White Hou...

    May 29, 2014

  • Planning for E-Discovery in the Cloud

    Planning for E-Discovery in the Cloud

    May 21, 2013

  • Cloud Computing: What Damages in Case of Outages

    Cloud Computing: What Damages in Case of Outages

    May 21, 2013

  • What the Proposed EU Data Protection Regulation Means for Cloud Users

    What the Proposed EU Data Protection Regulatio...

    February 22, 2013

  • Article 29 Working Party Cloud Computing Opinion: A Blow to Safe Harbor

    Article 29 Working Party Cloud Computing Opini...

    February 22, 2013

  • Show All Downloads

    Mobile Working Group Logo

    Visit the initiative page

    Mobile Working Group
    The CSA Mobile working group will be responsible for providing fundamental research to help secure mobile endpoint computing from a cloud-centric vantage point.

  • Security Guidance for Critical Areas of Mobile Computing

    Security Guidance for Critical Areas of Mobile...

    November 08, 2012

  • Mobile Top Threats

    Mobile Top Threats

    October 04, 2012

  • Mobile Device Management: Key Components

    Mobile Device Management: Key Components

    September 20, 2012

  • Mobile Working Group Charter

    Mobile Working Group Charter

    February 21, 2012

  • Open Certification Framework

    Visit the initiative page

    Open Certification Framework
    The CSA Open Certification Framework is an industry initiative to allow global, accredited, trusted certification of cloud providers.

  • STAR Certification Guidance Document: Auditing the Cloud Controls Matrix (CCM)

    STAR Certification Guidance Document: Auditing...

    May 16, 2014

  • Publicizing Your STAR Certification

    Publicizing Your STAR Certification

    September 03, 2013

  • Requirements for Bodies Providing STAR Certification

    Requirements for Bodies Providing STAR Certifi...

    September 03, 2013

  • OCF Vision Statement

    OCF Vision Statement

    August 17, 2012

  • PLA Logo

    Visit the initiative page

    Privacy Level Agreement Working Group
    This working group aims at creating PLA templates that can be a powerful self-regulatory harmonization tool, which is almost impossible to achieve at global level using traditional legislative means. This will provide a clear and effective way to communicate to (potential) customers CSP’s a level of data protection, especially when trans-border data flaw is concerned.

  • Privacy Level Agreement – Version 2

    Privacy Level Agreement – Version 2

    June 02, 2015

  • Privacy Level Agreement (PLA) Outline Annex

    Privacy Level Agreement (PLA) Outline Annex

    February 24, 2013

  • Privacy Level Agreement (PLA) Outline for the Sale of Cloud Services in the European Union

    Privacy Level Agreement (PLA) Outline for the ...

    February 24, 2013

  • PLA Initiative Research Sponsorship Outline

    PLA Initiative Research Sponsorship Outline

    August 27, 2012

  • QSS

    Visit the initiative page

    Quantum-Safe Security Working Group
    Stimulate the adoption and application of quantum-safe cryptography.

  • What is Quantum Safe Security

    What is Quantum Safe Security

    May 19, 2015

  • Quantum-Safe Security Working Group Charter

    Quantum-Safe Security Working Group Charter

    December 12, 2014

  • Security as a Service

    Visit the initiative page

    Security as a Service
    Research for gaining greater understanding for how to deliver security solutions via cloud models.

    Security Guidance for Critical Areas of Focus in Cloud Computing

    Visit the initiative page

    Security Guidance for Critical Areas of Focus in Cloud Computing
    Foundational best practices for securing cloud computing.

  • FedRAMP Cloud Controls Matrix v3.0.1 Candidate Mapping

    FedRAMP Cloud Controls Matrix v3.0.1 Candidate...

    May 05, 2015

  • New Security Guidance for Early Adopters of the IoT

    New Security Guidance for Early Adopters of th...

    April 20, 2015

  • Security Guidance for Critical Areas of Focus in Cloud Computing V3.0

    Security Guidance for Critical Areas of Focus ...

    November 14, 2011

  • CSA V3 Guideline: Book Excerpts

    CSA V3 Guideline: Book Excerpts

    July 02, 2011

  • Cloud Computing for Business

    Cloud Computing for Business

    March 02, 2011

  • Show All Downloads

    Software Defined Perimeter

    Software Defined Perimeter

  • SDP Specification v1.0

    SDP Specification v1.0

    April 30, 2014

  • SDP Hackathon Whitepaper

    SDP Hackathon Whitepaper

    April 17, 2014

  • Software Defined Perimeter

    Software Defined Perimeter

    December 01, 2013

  • Solution Provider Advisory Council

    Solution Provider Advisory Council
    Corporate members providing cloud solutions or cloud security solutions. Responsible for articulating provider point of view.

    Solution Provider SME Advisory Council

    Solution Provider SME Advisory Council
    Corporate members providing cloud solutions or cloud security solutions. Dedicated to Subject Matter Experts within our corporate members.

    Telecom Working Group

    Visit the initiative page

    Telecom Working Group
    Provide direct influence on how to deliver secure cloud solutions and foster cloud awareness within all aspects of Telecommunications.

    Top Threats to Cloud Computing

    Visit the initiative page

    Top Threats to Cloud Computing
    Provide needed context to assist organizations in making educated risk management decisions regarding their cloud adoption strategies.

  • The Notorious Nine: Cloud Computing Top Threats in 2013

    The Notorious Nine: Cloud Computing Top Threat...

    February 24, 2013

  • Top Threats to Cloud Computing Survey Results Update 2012

    Top Threats to Cloud Computing Survey Results ...

    November 07, 2012

  • Virtualization Working Group

    Virtualization Working Group
    Virtualization provides an important layer of abstraction from physical hardware, enabling the elasticity and resource pooling commonly associated with cloud.