Publications
July 19, 2023: URLs for CSRC publication details pages have changed. Legacy URLs should automatically redirect to the new URLs. However, links to the actual publications have NOT changed (e.g., DOIs and PDFs on nvlpubs.nist.gov). Please send inquiries to
csrc-inquiry@nist.gov.
Further development of this draft has ceased (May 05, 2018).
NIST Cloud Computing Security Reference Architecture
Documentation
Topics
Date Published: May 2013
Comments Due:
Email Comments to:
Author(s)
National Institute of Standards and Technology
Announcement
The NIST Cloud Computing Security Working Group (NCC-SWG) issued Draft SP 500-299, NIST Cloud Computing Security Reference Architecture, in May 2013.
The purpose of this document is to define a NIST Cloud Computing Security Reference Architecture (NCC-SRA)--a framework that: i) identifies a core set of Security Components that can be implemented in a Cloud Ecosystem to secure the environment, the operations, and the data migrated to the cloud; ii) provides, for each Cloud Actor, the core set of Security Components that fall under their responsibilities depending on the deployment and service models; iii) defines a security-centric formal architectural model that adds a security layer to the current NIST SP 500-292, "NIST Cloud Computing Reference Architecture"; and iv) provides several approaches for analyzing the collected and aggregated data.
The purpose of this document is to define a NIST Cloud Computing Security Reference Architecture (NCC-SRA)--a framework that: i) identifies a core set of Security Components that can be implemented in a Cloud Ecosystem to secure the environment, the operations, and the data migrated to the cloud;...
See full abstract
The purpose of this document is to define a NIST Cloud Computing Security Reference Architecture (NCC-SRA)--a framework that: i) identifies a core set of Security Components that can be implemented in a Cloud Ecosystem to secure the environment, the operations, and the data migrated to the cloud; ii) provides, for each Cloud Actor, the core set of Security Components that fall under their responsibilities depending on the deployment and service models; iii) defines a security-centric formal architectural model that adds a security layer to the current NIST SP 500-292, "NIST Cloud Computing Reference Architecture"; and iv) provides several approaches for analyzing the collected and aggregated data.
Hide full abstract
Keywords
computer security; cloud computing
Control Families
None selected
Documentation
Publication:
No Download Available
Supplemental Material:
None available
Document History:
05/05/13: SP 500-299 (Draft)
) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)
