7.5. Standards
PCI DSS
- Payment Card Industry Data Security Standard
- security standard for organizations that handle cash-less payments: debit, credit, prepaid, e-purse, ATM, point of sale
- comprehensive data security standard
- implementation of strong data protection for system building and continuous security monitoring
- https://www.pcisecuritystandards.org/security_standards/
IIA
- the Institute of Internal Auditors
- guides for diverse security issues, not directly focused on cloud computing
- self-evaluation
- voluntary industrial action aiming to combat cybercrime
- shared view: cloud providers and customers share responsibility
- openness: necessity of informing about the risks and security breaches
- https://na.theiia.org/standards-guidance/recommended-guidance/practice-guides/Pages/Practice-Guides.aspx
Cloud Security Alliance
- non-profit US body
- aim: provide security assurance within cloud systems
- output: research papers, guides, standards
- Security Guidance for Critical Areas of Focus in Cloud Computing link
- Top Threats to Cloud Computing link
- CCSK: Certificate of Cloud Security Knowledge - online examination link
- https://cloudsecurityalliance.org/
ENISA
- The European Network and Information Security Agency
- mandate: Regulation (EC) No 460/2004 of the European Parliament
- mission: provide information about best practices in security
- Cloud Security and Resilience Group of ENISA: link
- Cloud Computing Risk Assessment link
- https://www.enisa.europa.eu/
Projekt Cloud Computing – nowe technologie w ofercie dydaktycznej Politechniki Wrocławskiej (UDA.POKL.04.03.00-00-135/12)jest realizowany w ramach Programu Operacyjnego Kapitał Ludzki, Priorytet IV. Szkolnictwo wyższe i nauka, Działanie 4.3. Wzmocnienie potencjału dydaktycznego uczelni w obszarach kluczowych w kontekście celów Strategii Europa 2020, współfinansowanego ze środków Europejskiego Funduszu Społecznego i budżetu Państwa