Cloud industry group releases guidelines on security

Staff writer
16 Dec 2013

The Cloud Security Alliance (CSA) has released new guidance for the secure development of cloud applications

The CSA, a not-for-profit organization, will be working with the Software Assurance Forum for Excellence in Code (SAFECode) for the new initiative.

The partnership aims to provide practical secure development recommendations in the context of critical threats specific to cloud computing.

SAFECode and CSA partnered to determine whether additional software security guidance was needed to address unique threats to cloud computing, and if so, to identify specific security practices in the context of identified threats.

While the working group’s efforts confirmed that each practice identified by SAFECode as fundamental to software security applied equally to cloud software, it also identified additional practices that should be adopted by those developing software for the cloud, given the unique threats faced in that domain.

This new report represents the product of that collaboration and is intended to help readers better understand and implement best practices for secure cloud software development.

It offers practical secure development guidance in the areas of multi-tenancy, trusted compute pools, tokenization of sensitive data, data encryption and key management, authentication and identity management, shared-domain issues and securing APIs.


Related content

Follow Telecom Asia Sport!
No Comments Yet! Be the first to share what you think!
This website uses cookies
This provides customers with a personalized experience and increases the efficiency of visiting the site, allowing us to provide the most efficient service. By using the website and accepting the terms of the policy, you consent to the use of cookies in accordance with the terms of this policy.