1 / 11

Cloud Computing Standardization Includes Security

2 nd SG 13 Regional Workshop for Africa on “Future Networks: Cloud Computing, Energy Saving, Security & Virtualization” (Tunis, Tunisia, 28 April 2014). Cloud Computing Standardization Includes Security. Ruan HE, Senior Expert, Orange, ruan.he@orange.com Verdana 24. Outline.

avi
Download Presentation

Cloud Computing Standardization Includes Security

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. 2nd SG 13 Regional Workshop for Africa on“Future Networks: Cloud Computing, Energy Saving, Security & Virtualization” (Tunis, Tunisia, 28 April 2014) Cloud Computing Standardization Includes Security Ruan HE, Senior Expert, Orange, ruan.he@orange.com Verdana 24

  2. Outline • 1. Starting Cloud Computing Security in FGCC • 2. First Standard X.1601 • 3. Collaboration ITU-T and ISO/IEC • 4. Other On-going Works in ITU-T

  3. Starting Cloud Computing Security in FGCC • FGCC: Focus Group on Cloud Computing • Objective: to collect and document information and concepts that would be helpful for developing ITU-T Recommendations to support cloud computing services/applications from a telecommunication/ICT perspective • Period: June 2010 – Dec 2011 • Main industrial participants: China Telecom, China Unicom, Cisco, Huawei, KDDI, NTT, Microsoft, Oracle, Orange, ZTE, etc

  4. Starting Cloud Computing Security in FGCC • Release of a Technical Report on seven parts: • Introduction to the cloud ecosystem: definitions, taxonomies, use cases and high-level requirements • Functional requirements and reference architecture • Requirements and framework architecture of cloud infrastructure • Cloud resource management gap analysis • Cloud security • Overview of SDOs involved in cloud computing • Cloud computing benefits from telecommunication and ICT perspectives

  5. First Standard X.1601 • X.1601: Security framework for cloud computing • Period: April 2012 – Jan 2014 • Objective: high-level security framework to guide future standardization works on the security of cloud computing

  6. First Standard X.1601 • Security framework for cloud computing: • Security threats for cloud computing • Security challenges for cloud computing • Cloud computing security capabilities • Framework methodology • Mapping of cloud computing security threats and challenges to security capabilities

  7. Collaboration ITU-T and ISO/IEC • ITU-T X.cc-control | ISO/IEC 27017 common text: the security controls for cloud computing • Title: Information security management – Guidelines on information security controls for the use of cloud computing services based on ISO/IEC 27002 • Progress: 2nd CD April 2014, DIS 2015

  8. Collaboration ITU-T and ISO/IEC • Cloud computing security controls: • cloud sector-specific concepts • information security policies • organization of information security • human resource security • asset management • access control • cryptography • physical and environment security • operations security • communications security • system acquisition, development and maintenance • supplier relationships • information security incident management • information security aspects of business continuity management • compliance

  9. Other On-going Works in ITU-T • X.sfcse: • Security requirements for SaaS application environments • X.goscc: • Requirements of operational security for cloud computing • X.idmcc: • Requirements of IdM in cloud computing

  10. Thank You !!!

  11. References • FGCC Technical Report • http://ifa.itu.int/t/fg/cloud/docs/technical_report/ • X.1601: Security framework for cloud computing • http://www.itu.int/rec/T-REC-X.1601-201401-I/en

More Related