« Security First: Security and data protection in Google data centers | Main | まもなく白浜シンポ! 今年で15回目 »

2011.05.14

NIST SP 800-146 DRAFT Cloud Computing Synopsis and Recommendations

 こんにちは、丸山満彦です。NISTが SP 800-146 DRAFT Cloud Computing Synopsis and Recommendationsを公表し、コメントを求めていますね。。。クラウド・コンピューティングの概要と推奨事項。。。
 yas_matsuさん はいつも情報がはやい。。。

 
 長いなぁ。。。

■NIST
・2011.05.12 SP 800-146 DRAFT Cloud Computing Synopsis and Recommendations
 Draft-NIST-SP800-146.pdf


===== 
Executive Summary
1. Introduction
 1.1 Authority
 1.2 Purpose and Scope
 1.3 Audience
 1.4 Document Structure
2. Cloud Computing Definition
3. Typical Commercial Terms of Service

 3.1 Promises
 3.2 Limitations
 3.3 Obligations
 3.4 Recommendations
4. General Cloud Environments
 4.1 Understanding Who Controls Resources in a Cloud
 4.2 The On-site Private Cloud Scenario
 4.3 The Outsourced Private Cloud Scenario
 4.4 The On-site Community Cloud Scenario
 4.5 The Outsourced Community Cloud Scenario
 4.6 The Public Cloud Scenario
 4.7 The Hybrid Cloud Scenario
5. Software-as-a-Service Environments
 5.1 Abstract Interaction Dynamics
 5.2 Software Stack and Provider/Subscriber Scopes of Control
 5.3 Benefits
  5.3.1 Very Modest Software Tool Footprint
  5.3.2 Efficient Use of Software Licenses
  5.3.3 Centralized Management and Data
  5.3.4 Platform Responsibilities Managed by Providers
  5.3.5 Savings in Up-front Costs
 5.4 Issues and Concerns
  5.4.1 Browser-based Risks and Risk Remediation
  5.4.2 Network Dependence
  5.4.3 Isolation vs. Efficiency (Security vs. Cost Tradeoffs)
 5.5 Candidate Application Classes
 5.6 Recommendations for Software as a Service
6. Platform-as-a-Service Cloud Environments
 6.1 Abstract Interaction Dynamics
 6.2 Software Stack and Provider/Subscriber Scopes of Control
 6.3 Benefits
  6.3.1 Facilitated Scalable Application Development and Deployment
 6.4 Issues and Concerns
  6.4.1 Lack of Portability between PaaS Clouds
  6.4.2 Event-based Processor Scheduling
  6.4.3 Security Engineering of PaaS Applications
 6.5 Candidate Application Classes
 6.6 Recommendations for Platform as a Service
7. Infrastructure-as-a-Service Cloud Environments
 7.1 Abstract Interaction Dynamics
 7.2 Software Stack and Provider/Subscriber Scope of Control
 7.3 Operational View
  7.3.1 Operation of the Cloud Manager
  7.3.2 Operation of the Cluster Managers
  7.3.3 Operation of the Computer Managers
 7.4 Benefits
  7.4.1 Full Control of the Computing Resource Through Administrative Access to VMs
  7.4.2 Flexible, Efficient Renting of Computing Hardware
  7.4.3 Portability, Interoperability with Legacy Applications
 7.5 Issues and Concerns
  7.5.1 Compatibility with Legacy Security Vulnerabilities
  7.5.2 Virtual Machine Sprawl
  7.5.3 Verifying Authenticity of IaaS Cloud Provider Web site
  7.5.4 Robustness of VM-level Isolation
  7.5.5 Features for Dynamic Network Configuration for Providing Isolation
  7.5.6 Data Erase Practices
 7.6 Recommendations for Infrastructure as a Service
8. Open Issues
 8.1 Computing Performance
  8.1.1 Latency
  8.1.2 Off-line Data Synchronization
  8.1.3 Scalable Programming
  8.1.4 Data Storage Management
 8.2 Cloud Reliability
  8.2.1 Network Dependence
  8.2.2 Cloud Provider Outages
  8.2.3 Safety-Critical Processing
 8.3 Economic Goals
  8.3.1 Risk of Business Continuity
  8.3.2 SLA Evaluation
  8.3.3 Portability of Workloads
  8.3.4 Interoperability between Cloud Providers
  8.3.5 Disaster Recovery
 8.4 Compliance
  8.4.1 Lack of Visibility
  8.4.2 Physical Data Location
  8.4.3 Jurisdiction and Regulation
  8.4.4 Support for Forensics
 8.5 Information Security
  8.5.1 Risk of Unintended Data Disclosure
  8.5.2 Data Privacy
  8.5.3 System Integrity
  8.5.4 Multi-tenancy
  8.5.5 Browsers
  8.5.6 Hardware Support for Trust
  8.5.7 Key Management
9. General Recommendations
 9.1 Management
 9.2 Data Governance
 9.3 Security and Reliability
 9.4 Virtual Machines
 9.5 Software and Applications
=====

|

« Security First: Security and data protection in Google data centers | Main | まもなく白浜シンポ! 今年で15回目 »

Comments

Post a comment



(Not displayed with comment.)


Comments are moderated, and will not appear on this weblog until the author has approved them.



TrackBack


Listed below are links to weblogs that reference NIST SP 800-146 DRAFT Cloud Computing Synopsis and Recommendations:

« Security First: Security and data protection in Google data centers | Main | まもなく白浜シンポ! 今年で15回目 »