Circle
Events
Blog

Working Group

Cloud Component Specifications

In order to address the gap in industry best practices for cloud components this working group proposes to develop internationally recognized technical security specifications for cloud components.
Sign-Up
Cloud OS Security Specification v2.0
Cloud OS Security Specification v2.0

Download

Cloud Component Specifications
Working Group Overview

In order to address the gap in industry best practices for cloud components, this working group proposes to develop internationally recognized technical security specifications for cloud components.


Drafts & Important Docs


Working Group Leadership

Xiaoyu Ge Headshot
Xiaoyu Ge

Xiaoyu Ge

Senior Security Standards Manager of Huawei IT

Xiaoyu Ge is the Senior Security Standards Manager of Huawei IT Product Line which include cloud computing, big data, storage, and server products and services. He is also active as security expert in SDOs, He is the ISO/IEC JTC1 SC27 WG expert of China Nation Body, he is the rapporteur of several SC27 project such as “Requirements for establishing roots of trust for virtualized environment”. He participated in CSA several years ago, he is ...

Read more

Publications in ReviewOpen Until
The Six Pillars of DevSecOps - Pragmatic ImplementationOct 10, 2022
Security Guidance for Critical Areas of Focus in Cloud Computing v5 - OutlineDec 07, 2022
View all
Who can join?

Anyone can join a working group, whether you have years of experience or want to just participate as a fly on the wall.

What is the time commitment?

The time commitment for this group varies depending on the project. You can spend a 15 minutes helping review a publication that's nearly finished or help author a publication from start to finish.

Open Peer Reviews

Peer reviews allow security professionals from around the world to provide feedback on CSA research before it is published.

Learn how to participate in a peer review here.

The Six Pillars of DevSecOps - Pragmatic Implementation

Open Until: 10/10/2022

This document provides a high-level overview of the various tools and processes that should be considered when building out...

Security Guidance for Critical Areas of Focus in Cloud Computing v5 - Outline

Open Until: 12/07/2022

The proposed outline for the Cloud Security Alliance Security Guidance for Critical Areas of Focus in Cloud Computing v5 is...