Abstract

Organizations often struggle to capture the necessary functional capabilities for each cloud-based solution adopted for their information systems. Identifying, defining, selecting, and prioritizing these functional capabilities and the security components that implement and enforce them is surprisingly challenging. This article explains recent developments by the National Institute of Standards and Technology (NIST) in addressing these challenges. The article focuses on the capability oriented methodology for orchestrating a secure cloud ecosystem proposed as part of the NIST Cloud Computing Security Reference Architecture. The methodology recognizes that risk may vary for cloud Actors within a single ecosystem, so it takes a risk-based approach to functional capabilities. The result is an assessment of which cloud Actor is responsible for implementing each security component and how implementation should be prioritized. A cloud Actor, especially a cloud Consumer, that follows the methodology can more easily make well-informed decisions regarding their cloud ecosystems.

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Similar Papers

Paper Title
Journal
Date
Author
Applying Cyber Risk Management To Medical Device Design
Robert J Caruso ... Melissa Masters
Biomedical Instrumentation & Technology | VOL. 48
Robert J Caruso, et. al.Robert J Caruso ... Melissa Masters
01 Jan 2014
Translating Research Into the Classroom: The NIST Summer Institute for Middle School Science Teachers
Mary B Satterfield ... Toby Ratcliffe
MRS Proceedings | VOL. 1583
Mary B Satterfield, et. al.Mary B Satterfield ... Toby Ratcliffe
01 Jan 2013
TU-B-224-01: Impact of the National Institute of Standards and Technology (NIST) on Radiation Dosimetry in Medical Physics
M Mitch ... M Mcewen
Medical Physics | VOL. 38
M Mitch, et. al.M Mitch ... M Mcewen
01 Jun 2011
Identification and application of security measures for petrochemical industrial control systems
H.M Leith ... John W Piper
Journal of Loss Prevention in the Process Industries | VOL. 26
H.M Leith, et. al.H.M Leith ... John W Piper
23 Oct 2013
View more papers

More From: IEEE Cloud Computing

Paper Title
Journal
Date
Author
THORIN: an Efficient Module for Federated Access and Threat Mitigation in Big Stream Cloud Architectures
Luca Davoli ... Gianluigi Ferrari
IEEE Cloud Computing | VOL. -
Luca Davoli, et. al.Luca Davoli ... Gianluigi Ferrari
01 Jan 2024
TOSCA Solves Big Problems in the Cloud and Beyond!
Paul Lipton ... Matt Rutkowski
IEEE Cloud Computing | VOL. -
Paul Lipton, et. al.Paul Lipton ... Matt Rutkowski
01 Jan 2024
Privacy-Preserving Image Processing in the Cloud
Zhan Qin ... Yong Cui
IEEE Cloud Computing | VOL. -
Zhan Qin, et. al.Zhan Qin ... Yong Cui
01 Jan 2024
A MapReduce-Based Ensemble Learning Method with Multiple Classifier Types and Diversity for Condition-based Maintenance with Concept Drifts
Chun-Cheng Lin ... Tzu-Lei Yeh
IEEE Cloud Computing | VOL. -
Chun-Cheng Lin, et. al.Chun-Cheng Lin ... Tzu-Lei Yeh
01 Jan 2024
View more papers

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.