Draft of Table of Contents for Cloud Computing Use Cases White Paper V3

Skip to first unread message


Jan 11, 2010, 7:49:43 AM1/11/10
to A6 (Audit, Assertion, Assessment, and Assurance API) Working Group
This is a copy of the post that was just made today to the Cloud
Computing Use Cases White Paper (http://groups.google.com/group/cloud-

We look forward to your comments to the original post at http://su.pr/2Be9pA
or directly to this post.


Friends, here's a proposed ToC for Version 3. As always, this is an
attempt to organize our discussions of the last couple of months.

Introduction & Motivation

A general discussion of the importance of security

Security Controls

A short discussion of the requirements we've discussed here:
- Asset Management
- Service/User Identity, Access Control and Roles/Attributes
- Security Policy
- Cryptography, Key and Certificate Management
- Network Security
- Data/Storage Security
- Endpoint Security
- Security Event/Auditing/Reporting
- Workload/Service Management
- Security Service Automation

Security Patterns & Federation

Cloud Security Roles

I think patterns and roles are a great way to organize the
discussion as it relates to the security controls mentioned above.

Security Use Cases

- The use cases we've discussed. Some use cases were discussed in
broad terms (supply chain and healthcare), it would be great if we
could flesh those out here.


- These were useful ways of summarizing the information in earlier
versions. Security Controls vs. Service Models (*aaS), Security

Controls vs. Deployment Models and Security Controls vs. Security

Patterns could be useful tables.

Let me know what you think.

As for a schedule, I plan to have a first draft posted by next Friday
(the 15th), a second draft the following Friday (the 22nd), with a
final Version 3 ready by the end of the month.



Reply all
Reply to author
0 new messages