CloudSecurity.txt

1. ISO/IEC 17789:2014, Information technology -- Cloud computing -- Reference architecture. This standard defines cloud computing roles, activities and functional components, as well as how they interact.
2. ISO/IEC 17826:2016, Information technology -- Cloud data management interface. As mentioned above, this standard pertains to systems developers implementing and using cloud storage.
3. ISO/IEC 18384:2016, Information technology -- Reference architecture for service oriented architecture (SOA). This standard defines the vocabulary, guidelines and general technical principles underlying SOA, which are often deployed in cloud platforms.
4. ISO/IEC 19086-1:2016, Information technology -- Cloud computing -- Service level agreement (SLA) framework. This standard provides the framework for preparing SLAs for cloud services.
5. ISO/IEC 19941:2017, Information technology -- Cloud computing -- Interoperability and portability. This standard specifies the interoperability and portability aspects of cloud computing.
6. ISO/IEC 19944-1:2020, Cloud computing and distributed platforms -- Data flow, data categories and data use. This standard describes how data moves among cloud service vendors and users of cloud services.
7. ISO/IEC Technical Report 22678:2019, Information technology -- Cloud computing -- Guidance for policy development. This standard provides guidance for developing cloud-focused policies.
8. ISO/IEC Technical Specification 23167:2020, Information technology -- Cloud computing -- Common technologies and techniques. This standard describes technologies and techniques used in cloud computing, including VMs, hypervisors and containers.
9. ISO/IEC 27017:2015, Information technology -- Security techniques -- Code of practice for information security controls based on ISO/IEC 27002 for cloud services. This document provides guidance on the infosec aspects of cloud computing and cloud-specific infosec controls.
10. ISO/IEC 27018:2019, Information technology -- Security techniques -- Code of practice for protection of personally identifiable information (PII) in public clouds acting as PII processors. This document specifies guidelines based on ISO/IEC 27002, focusing on the protection of PII in public cloud environments.
11.  
12. #SPICE ISO 15504
13.  
14. NIST SP 500-291 (2011), NIST cloud computing standards roadmap. This provides a compilation of available standards on cloud computing and examines standards priorities and where gaps in the standards exist.
15. NIST SP 500-293 (2011), U.S. government cloud computing technology roadmap. This provides a detailed framework and structure for cloud computing infrastructures. While designed for government applications, it can also be used in the private sector.
16. NIST SP 800-144 (2011), Guidelines on security and privacy in public cloud computing. This standard provides guidance and recommendations for implementing a secure environment in public cloud services.
17. NIST SP 800-145 (2011), The NIST definition of cloud computing. This standard describes important aspects of cloud computing and serves as a benchmark for comparing cloud services and deployment strategies. It also provides a foundation for discussions on cloud computing and how to use it.
18.  
19.