|
Work item:
|
X.sg-tc
|
|
Subject/title:
|
Security guidelines of trusted cloud services
|
|
Status:
|
Under study
|
|
Approval process:
|
TAP
|
|
Type of work item:
|
Recommendation
|
|
Version:
|
New
|
|
Equivalent number:
|
-
|
|
Timing:
|
2025-09 (Medium priority)
|
|
Liaison:
|
-
|
|
Supporting members:
|
Alibaba China Co., Ltd., China Telecom, China Unicom
|
|
Summary:
|
1. For trusted cloud services, previous Recommendations have proposed multiple times about its general overview and requirements, which prove the importance of trusted cloud. However, previous Recommendations did not involve the contents of security guidelines.
2. Many of the security threats can be mitigated with the application of security processes and mechanisms. However, existing security processes and mechanisms are insufficient for some scenarios.
There are corresponding trusted security mechanisms at the software and hardware levels of the platform for protection. Besides, the trusted cloud services will provide entity-based security protection mechanisms and establishes corresponding security services for various computing terminals, service applications, communication networks, and other entities.
Compared to general cloud services, trusted cloud services will achieve higher security requirements, such as enhanced trustworthiness of identity authentication, trusted exchange and sharing of information and data, etc. And to conduct much stricter security checks on physical devices, access control, security logs, resource scheduling, automated operations, and other functions. Additionally, in order to implement trusted cloud services, more types of technical support will be required, such as trusted cryptography which is an extension of traditional cryptography technology, trusted fusion verification technology, trusted computing, etc. It is essential for organizations to implement trusted cloud service to provide deep security protection for users, which is from service authorization access to the underlying hardware platform.
This Recommendation analyses the security issues of cloud computing services and provides an overview of trusted cloud service, including its background and necessity context. It also introduces the security capabilities of trusted cloud services. Furthermore, it provides specific security guidelines for CSC and CSP to ensure the security and reliability of trusted cloud services. Additionally, the Recommendation is possible to analyse different levels of trusted cloud services.
|
|
Comment:
|
-
|
|
Reference(s):
|
|
|
Historic references:
|
|
Contact(s):
|
|
| ITU-T A.5 justification(s): |
|
|
|
|
First registration in the WP:
2023-10-04 18:02:00
|
|
Last update:
2024-03-12 14:23:10
|
|
