Page 991 - Cloud computing: From paradigm to operation
P. 991

7




                                                                               Appendix I                                                                        983


                                     Mapping of cloud computing security threats and challenges to security capabilities
                                                     (This appendix does not form an integral part of this Recommendation.)

            Table I.1 shows a mapping of cloud computing security threats and challenges to some of the possible security capabilities.
            The letter 'Y' in a cell formed by the intersection of the table's columns and rows designate that a particular security threat and challenge is addressed by a
            corresponding security capability.

                                          Table I.1 – Mapping of cloud computing security threats and challenges to security capabilities
                                                                                    Clause 9 Cloud computing security capabilities
                                        Clause 9.2 Identity
                                          and access                                Clause 9.7 Data
                                         management   Clause 9.3   Clause 9.4   Clause 9.5   Clause 9.6   isolation,   Clause 9.8   Clause 9.9   Clause 9.11   Clause 9.12   Clause 9.13   Clause 9.14
                                  Clause9.1                         Computing                                  Clause 9.10 Incident   Service security   Interoperability,
                                  Trust model   (IAM),   Physical   Interface   virtualization   Network   protection and   Security   Operational   management   Disaster   assessment and   portability and   Supply chain
                                         authentication,   security   security   security   confidentiality   coordination   security   recovery        security
                                        authorization and            security         protection                                     audit   reversibility
                                         transaction audit
        Security      Clause 7.1   Clause 7.1.1   Y   Y   Y                         Y                                     Y
                           Data loss
                           and leakage
                    Security
                    threats for   Clause 7.1.2
                           Insecure
                    cloud         Y     Y                 Y       Y          Y
                    service   service
             Clause 7   customers   access
             Security   (CSCs)   Clause 7.1.3
             threats       Insider      Y         Y                                                                               Y
             for cloud     threats
             compu-
             ting          Clause 7.2.1
                    Clause 7.2   Unautho-
                    Security   rized   Y   Y      Y       Y
                    threats for   administra-
                    cloud   tion access
                    service
                    providers   Clause 7.2.2
                    (CSPs)   Insider      Y       Y                                                                               Y
                           threats
                           Clause 8.1.1
                           Ambiguity
             Clause 8   Clause 8.1   in responsi-     Y                                               Y
             Security   Security   bility
             challenge  challenges
             s for   for cloud   Clause 8.1.2   Y                                                                                 Y
             cloud   service   Loss of trust
             compu-  customers
             ting   (CSCs)   Clause 8.1.3
                           Loss of      Y         Y                                 Y                 Y        Y          Y       Y
                           governance
   986   987   988   989   990   991   992   993   994   995   996