NIST publishes cloud system guidance for IaaS, PaaS and SaaS

NIST has published “General Access Control Guidance for Cloud Systems”, which presents an initial step toward understanding security challenges in cloud systems by analyzing the access control (AC) considerations in all three cloud service delivery models: Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS).

Essential characteristics that would affect the Cloud’s AC design are also summarized, such as broad network access, resource pooling, rapid elasticity, measured service, and data sharing. Various guidance for AC design of IaaS, PaaS, and SaaS are proposed according to their different characteristics. Recommendations for AC design in different cloud systems are also included to facilitate future implementations. Additionally, potential policy rules are summarized for each cloud system.

Read the full guidance

Related Posts

Previous Post
“No Free Lunch” algos: from supervised learning to blackbox optimization
Next Post
ISLA: TRs accepting 95% of SFTR transactions, data volumes to peak in 2-3 months

Fill out this field
Fill out this field
Please enter a valid email address.

X

Reset password

Create an account