1 Scope
2 References
3 Definitions
3.1 Terms defined elsewhere
3.2 Terms defined in this Recommendation
4 Abbreviations and acronyms
5 Conventions
6 Overview
7 Security threats for cloud computing
7.1 Security threats for cloud service customers (CSCs)
7.2 Security threats for cloud service providers (CSPs)
8 Security challenges for cloud computing
8.1 Security challenges for cloud service customers (CSCs)
8.2 Security challenges for cloud service providers (CSPs)
8.3 Security challenges for cloud service partners (CSNs)
9 Cloud computing security capabilities
9.1 Trust model
9.2 Identity and access management (IAM), authentication,
authorization and transaction audit
9.3 Physical security
9.4 Interface security
9.5 Computing virtualization security
9.6 Network security
9.7 Data isolation, protection and confidentiality protection
9.8 Security coordination
9.9 Operational security
9.10 Incident management
9.11 Disaster recovery
9.12 Service security assessment and audit
9.13 Interoperability, portability and reversibility
9.14 Supply chain security
10 Framework methodology
Appendix I Mapping of cloud computing security threats and challenges to
security capabilities
Bibliography