Membership
Become a Member
Enterprises
Solution Providers
Startups
Current Members
Solution Providers
Affiliates
Assurance
STAR Program
STAR Levels
View Registry
Submit to Registry
Provide Feedback
GDPR Code of Conduct for STAR
STAR Resources
CAIQ
Cloud Controls Matrix
GDPR Code of Conduct
CAIQ-Lite
CSA-OneTrust VRM Tool
GDPR
Download the Code of Conduct
Submit Code of Conduct to the Registry
Resource Center
Global Consultancy
Become a Consulting Partner
Find a Consulting Service
Certificates & Training
Certificates
CCSK
CCAK
Trainings
CCAK (Coming Soon)
CCSK Lectures
CCSK Lectures + Labs
Advanced Cloud Security Practitioner
Register for Training
For Individuals
For Enterprises
Instructors
Become an Instructor
Training Partners
Become a Training Partner
Webinars
Cloudbytes
Research
GDPR
Events
Americas
APAC
EMEA
Research
What We Do
Research Working Groups
CSA Research Lifecycle
Research Publications
Security Guidance v4
Cloud Controls Matrix (CCM)
IoT Framework
Contribute
Open Peer Reviews
Surveys
Volunteer FAQ
Ron Knode Award
Working Groups
Internet of Things
DevSecOps
Software Defined Perimeter
Blockchain
Cloud Controls Matrix
EMEA Projects
APAC Projects
Community
Circle
Create an Account
Inner Circle Discussion
Job Board Postings
How To Get Started
Blog
Events
Americas
APAC
EMEA
Chapters
Global Chapters
Form a Chapter
About
About CSA
Board
History
CSA Staff
CSA EMEA
Press Releases
News Coverage

Working Group

Cloud Component Specifications

Join Group
Research Home
View Working Groups
Contribute
Download Publications
Home
Research
Working Groups
Cloud Component Specifications

Introduction

From a user perspective, Cloud is a service. However, for Cloud Service Providers, integrators and channel partners who construct or build the Cloud, the Cloud architecture is comprised of many Cloud computing components. Examples of these components are hypervisors, Cloud operating systems components such as “Swift”, “Glance” for OpenStack, virtual desktop infrastructure platforms, cloud dedicated firewalls and so on. How can we evaluate the security of these Cloud components? Currently, most of the security standards related to Cloud Computing focus on the information security management system. However, these standards are insufficient to evaluate cloud component security because they focus on management security rather than the technical security requirements of the components. In order to address this gap, the Cloud Component Specifications working group proposes to develop internationally recognized technical security specifications for cloud components.

Join Group

Artifacts

Cloud OS Security Specification v2.0
Cloud OS Security Specification v2.0

Currently, most of the standards related to cloud computing security focus on information security management sy...

CSA CCM v3.0.1 Addendum - Cloud OS Security Specifications
CSA CCM v3.0.1 Addendum - Cloud OS Security Specifications

This document is an addendum to the

Cloud OS Security Specification
Cloud OS Security Specification

This document builds on the foundation provided by ISO/IEC 17788, ISO/IEC 19941, ISO/IEC 27000,NIST SP 500-2...

Read the Blog

Open Peer Reviews

Artifact reviews allow security professionals from around the world to collaborate on CSA research. Provide your feedback on the following documents in progress.

Learn more

Next Meeting

No Meetings Currently Scheduled

Leadership

Xiaoyu Ge Headshot

Xiaoyu Ge is the Senior Security Standards Manager of Huawei IT Product Line which include cloud computing, big data, storage, and server products and services. He is also active as security expert...

 
Xiaoyu Ge