Page 402 - Cloud computing: From paradigm to operation
P. 402

1                                    Framework and requirements for cloud computing




                                            Table 10-1– ITU-T SG17 deliverables

                                                                                      Starting
                            Title of deliverable                  Current status                 Target date
                                                                                        date
             ITU-T X.1602, Security requirements for software as a   Recommendation   04/2011    03/2016
             service application environments
             ITU-T X.1641, Guidelines for cloud service customer data  Recommendation   09/2014   09/2016
             security
             ITU-T X.1603, Data security requirements for the   Recommendation       09/2015     03/2018
             monitoring service of cloud computing
             ITU-T X.SRIaaS, Security requirements of public   Draft Recommendation   03/2016    09/2019
             infrastructure as a service (IaaS) in cloud computing
             ITU-T X.SRNaaS, Security requirements of Network as a   Draft Recommendation   09/2016   09/2019
             Service (NaaS) in cloud computing
             ITU-T X.SRCaaS, Security requirements for        Draft Recommendation   09/2016     109/2019
             Communication as a Service application environments
             ITU-T X.GSBDaaS, Guidelines on security of Big Data as a   Draft Recommendation   09/2016   09/2019
             Service
             ITU-T X.sgcc, Security guidelines for container in cloud   Draft Recommendation   09/2018   Q4/2020
             computing environment
            •       ITU-T X.1601: This Recommendation provides guidelines for cloud service customer data security in
                    cloud computing, for those cases where the cloud service provider (CSP) is responsible for ensuring
                    that the data is handled with proper security. This is not always the case, since for some cloud
                    services the security of the data will be the responsibility of the cloud service customers (CSCs)
                    themselves. In other cases, the responsibility may be mixed.
                    For example, in some cases the CSP may be responsible for restricting access to the data, while the
                    CSC remains responsible for deciding which cloud service users (CSUs) should have access to it, and
                    the behaviour of any scripts or applications with which the CSU processes the data.
                    This Recommendation identifies security controls for cloud service customer data that can be used
                    in different stages of the full data life cycle. These security controls may differ when the security
                    level  of  the  cloud  service  customer  data  changes.  Therefore,  the  Recommendation  provides
                    guidelines on when each control should be used for best security practice.

                    URI: http://www.itu.int/ITU-T/recommendations/rec.aspx?id=12613
            •       ITU-T X.1631 | ISO/IEC 27017: Recommendation ITU-T X.1631 | ISO/IEC 27017 provides guidelines
                    for information security controls applicable to the provision and use of cloud services by providing:
                    –   additional implementation guidance for relevant controls specified in ISO/IEC 27002;
                    –   additional controls with implementation guidance that specifically relate to cloud services.
                    This Recommendation | International Standard provides controls and implementation guidance for
                    both cloud service providers and cloud service customers.
                    URI: http://www.itu.int/ITU-T/recommendations/rec.aspx?rec=12490
            •       ITU-T X.1642: This Recommendation provides guideline of operational security for cloud computing,
                    which includes guidance on service level agreements (SLAs) and daily security maintenance for cloud
                    computing.  The  target  audiences  of  this  Recommendation  are  cloud  service  providers,  such  as
                    traditional telecommunication operators, ISPs and ICPs.
                    URI: http://www.itu.int/ITU-T/recommendations/rec.aspx?rec=12616
            •       ITU-T X.1602: This Recommendation provides a generic functional description for a secure service
                    oriented Software as a Service (SaaS) application environment that is independent of network types,
                    operating  systems,  middleware,  vendor  specific  products  or  solutions.  In  addition,  this

            394
   397   398   399   400   401   402   403   404   405   406   407