Page 148 - Big data - Concept and application for telecommunications
NOTE 2 – In some jurisdictions, individual natural persons (i.e., human users) are treated separately from
their employers for confidentiality purposes. In such circumstances, confidentiality of the cloud service user
(CSU) will be appropriately protected in addition to that of the cloud service customer (CSC) or cloud service
tenant.
9.8 Security coordination
Since different cloud computing services imply different implementations of security controls, this security
capability coordinates heterogeneous security mechanisms to avoid protection conflicts.
Parties playing different roles in the cloud computing ecosystem, e.g., CSP, CSC, CSN, have different degrees
of control over the physical or virtual resources and services, including the control of security.
For each party, there will be various security mechanisms including hypervisor isolation, IAM, network
protection, etc.
One of the purposes of cloud computing is to enable a combination of these different parties to
collaboratively design, build, deploy and operate various physical and virtualized resources together.
Therefore, a CSP needs to be able to coordinate different security mechanisms across the different parties.
Security coordination depends on the interoperability and harmonization of diverse security mechanisms.
9.9 Operational security
This capability provides security protection for the daily operation and maintenance of cloud computing
services and infrastructure.
This operational security capability includes:
• defining sets of security policies and security activities such as configuration management, patch
upgrade, security assessment, incident response (see also clause 9.10 "Incident management"), and
ensuring these security measures are correctly enforced to fulfil the requirements of applicable laws
and contracts including any security SLA;
• monitoring the CSP's security measures and their effectiveness, and giving appropriate reports to
affected CSCs and applicable third-party auditors (acting as a CSN), which can enable the CSC to
measure whether a CSP is delivering on SLA security commitments.
In the event that the CSP's security measures or their effectiveness changes, all downstream CSPs and CSCs
will be alerted to such changes.
These reports and alerts enable authorized CSCs to see appropriate incidents, audit information, and
configuration data relating to their cloud computing services.
9.10 Incident management
Incident management provides incident monitoring, prediction, alerting and response. In order to know
whether the cloud computing service is operating as expected through the whole infrastructure, continuous
monitoring is necessary (e.g., monitoring the real-time performance of virtualized platform and virtualized
machine). This enables systems to capture the service security status, identify abnormal conditions, and
provide early warning of security system overloads, breaches, service discontinuity, etc. After the occurrence
of security incidents, the problem is identified and the incident is quickly responded to, either automatically
or with the intervention of a human administrator. Closed incidents are logged and analysed for possible
underlying patterns which can then be proactively addressed.
9.11 Disaster recovery
Disaster recovery represents the capability to respond to catastrophic disasters, to recover to a safe state
and to resume normal operations as quickly as possible. This capability provides continuity of provided
service with minimum interruption.
140 Security, privacy and data protection