Working Group

Cloud Component Specifications

Join Group
Cloud Component Specifications


From a user perspective, Cloud is a service. However, for Cloud Service Providers, integrators and channel partners who construct or build the Cloud, the Cloud architecture is comprised of many Cloud computing components. Examples of these components are hypervisors, Cloud operating systems components such as “Swift”, “Glance” for OpenStack, virtual desktop infrastructure platforms, cloud dedicated firewalls and so on. How can we evaluate the security of these Cloud components? Currently, most of the security standards related to Cloud Computing focus on the information security management system. However, these standards are insufficient to evaluate cloud component security because they focus on management security rather than the technical security requirements of the components. In order to address this gap, the Cloud Component Specifications working group proposes to develop internationally recognized technical security specifications for cloud components.


CSA CCM v3.0.1 Addendum - Cloud OS Security Specifications

Release Date: 01/29/2020

This document is an addendum to the CCM V3.0....

Cloud OS Security Specification

Release Date: 05/07/2019

This document builds on the foundation provided by ISO/IEC 17788, ISO/IEC 19941, ISO/IEC 27000, NIST SP 500-299, and NIST SP 800-144 in the context of cloud...

Cloud OS Security Specification

Open Peer Reviews

Artifact reviews allow security professionals from around the world to collaborate on CSA research. Provide your feedback on the following documents in progress.

Next Meeting

No Meetings Currently Scheduled


Xiaoyu Ge Headshot
Xiaoyu Ge