Nist Cloud Security Standards

This is the second edition of the nist cloud computing standards roadmap which has been developed by the members of the public nist cloud computing standards roadmap working group.

Nist cloud security standards.

This cloud model is composed of five essential characteristics three service. Gaithersburg md 20899 8930. Nist cloud computing standards roadmap. Nist is responsible for developing information security standards and guidelines including minimum requirements for federal information systems but such standards and guidelines shall not apply to national security systems without the express approval of appropriate federal officials exercising policy authority over such systems.

The nist definition of cloud computing peter mell timothy grance. Cloud security guidelines and recommendations described in open source literature such as nist or fedramp that address known or theorized cloud security concerns or considerations that have the potential to impact cloud data security. Such identification is not intended to imply recommendation or endorsement by the national institute of standards and technology. Cloud computing is a model for enabling ubiquitous convenient on demand network access to a shared pool of configurable computing resources e g networks servers storage applications and services that can be rapidly provisioned and released with minimal management effort or service provider interaction.

C o m p u t e r s e c u r i t y computer security division information technology laboratory. Certain commercial entities equipment or material may be identified in this document in order to describe a concept adequately. Cloud computing has been defined by nist as a model for enabling convenient on demand network access to a shared pool of configurable computing resources e g networks servers storage applications and services that can be rapidly provisioned and released with minimal. Cloud security guidelines and recommendations found in public private sources such as.

Application container technologies also known as containers are a form of operating system virtualization combined with application software packaging. Nist has published special publication sp 800 210 general access control guidance for cloud systems which presents an initial step toward understanding security challenges in cloud systems by analyzing the access control ac considerations in all three cloud service delivery models infrastructure as a service iaas platform as a service paas and software as a service saas. This publication explains the potential security concerns associated with the use of containers and provides recommendations for addressing these. Nist and describes standards research in support of the nist cloud computing program.

Containers provide a portable reusable and automatable way to package and run applications.