Page 1068 - Cloud computing: From paradigm to operation

7                                                     Security


                          Cloud service customer                          Cloud service provider
             –  specifications of the key management system,
                including procedures for each stage of the key life-
                cycle, i.e., generating, changing or updating, storing,
                retiring, retrieving, retaining and destroying;
             –  recommended key management procedures for use
                by the cloud service customer.
             The cloud service customer should not permit the cloud
             service provider to store and manage the encryption
             keys for cryptographic operations when the cloud
             service customer employs its own key management or a
             separate and distinct key management service.


            11      Physical and environmental security

            11.1    Secure areas

            The objective specified in clause 11.1 of ISO/IEC 27002 applies.

            11.1.1  Physical security perimeter

            Control 11.1.1 and the associated implementation guidance and other information specified in ISO/IEC 27002
            apply.

            11.1.2  Physical entry controls

            Control 11.1.2 and the associated implementation guidance and other information specified in ISO/IEC 27002
            apply.

            11.1.3  Securing offices, rooms and facilities
            Control 11.1.3 and the associated implementation guidance and other information specified in ISO/IEC 27002
            apply.

            11.1.4  Protecting against external and environmental threats
            Control 11.1.4 and the associated implementation guidance and other information specified in ISO/IEC 27002
            apply.

            11.1.5  Working in secure areas
            Control 11.1.5 and the associated implementation guidance and other information specified in ISO/IEC 27002
            apply.

            11.1.6  Delivery and loading areas

            Control 11.1.6 and the associated implementation guidance and other information specified in ISO/IEC 27002
            apply.


            11.2    Equipment
            The objective specified in clause 11.2 of ISO/IEC 27002 applies.

            11.2.1  Equipment siting and protection
            Control 11.2.1 and the associated implementation guidance and other information specified in ISO/IEC 27002
            apply.

            11.2.2  Supporting utilities

            Control 11.2.2 and the associated implementation guidance and other information specified in ISO/IEC 27002
            apply.

