Hybrid Cloud Security Services Working Group
Introduction to the Hybrid Cloud Security Services Working Group
As businesses are developing rapidly, and IT infrastructures are constantly diversified, a single public / private cloud or a traditional on-premises data center is no longer able to meet service requirements in terms of costs, performance, scalability, security, and compatibility. Users are more likely to choose cloud computing services combining the public cloud, private cloud, and traditional IT infrastructure to support various service requirements. Such cloud computing services can be hybrid clouds. Hybrid clouds include combinations of various clouds, as well as a cloud combined with the traditional IT infrastructure. A widely-used hybrid cloud is a combination of public and private clouds.
Hybrid clouds take advantage of various clouds and traditional IT infrastructures and work systematically to benefit the users based on their service requirements.
However, hybrid clouds pose new security risks, bringing a few challenges on security protection. Issues which need to be considered may include, but are not limited to:
- How to evaluate and implement security controls for hybrid cloud solutions offered by cloud service providers;
- How to cope with the security issues in various service scenarios, including production testing, elastic expansion, and disaster recovery;
- How to deal with the compliance and privacy protection challenges faced by hybrid cloud O&M and operations.
- Hybrid cloud governance;
- Hybrid cloud threat modeling for different threat profiles
This initiative aims to develop a security white paper specifying hybrid cloud security risks and countermeasures, helping users identify and reduce risk. This initiative proposes to provide suggestions on hybrid cloud governance, hybrid cloud threat profiles, and hybrid cloud security evaluation, guiding both users and cloud service providers to choose and provide secure hybrid cloud solutions, and promoting security planning and implementation. This initiative also hopes to provide suggestions on compliance and privacy protection for hybrid cloud O&M and operations, helping both users and cloud service providers meet security supervision requirements.
Download the Hybrid Cloud Security Services Working Group Charter
Hybrid Cloud Security Services Working Group Leadership
Dr. Kai Chen
Dr. Kai Chen is now serving as the Cybersecurity Ecosystem Specialist of Huawei Technologies Co.,Ltd., is responding for Huawei cybersecurity ecosystem development including strategy, policy and partner engagement, etc. He has over 15 years work experience in applied cryptography, information and network security technical research, standard development, policy and regulation fields; published over 20 research papers and delivered speeches in security related conferences and seminars; developed or co-developed over 10 security standards in wireless communication, DRM and trusted computing; led several information security policy and legislation research projects. He co-founded the GCRF(Great China Regional Forum) of TCG(Trusted Computing Group) and served as co-chair of the GCRF from 2008 through 2015 driving the TPM2.0 standard development and industrialization; co-founded the cybersecurity working group in USITO(United State Information Technology Office) and co-chaired the WG from 2007 through 2015 leading the dialogue and collaboration around cybersecurity policy, regulation and standard development in ICT area. Before joint Huawei, he worked for Microsoft, Intel China and Bell Labs Research China, Lucent Technologies. He is the senior member of China Computer Federation and Chinese Association for Cryptologic Research. Kai holds the Bachelor Degree in Management Engineer, Master Degree in Computer Science and Doctor Degree in Cryptography.
Hybrid Cloud Security Services Working Group Initiatives
Please contact Working Group Leadership for more information.