Cloud Computing Security

Cloud computing security, also called Cloud Security, is a set of control-based technologies and policies designed to adhere to regulatory compliance rules and protect information, data applications and infrastructure associated with cloud computing use.

The Trusted Computing Group was formed to develop, define, and promote open, vendor neutral, industry standards for trusted computing building blocks and software interfaces across multiple platforms. Trusted computing platforms provide five main components:

• Root of trust for measurement (RTM)

• Root of trust for storage (RTS)

• Root of trust for reporting (RTR)

• Root of trust for verification (RTV)

• Isolation technology

The core component to establishing trust in an IT system is the trusted platform module (TPM) which is bound to a platform. A TPM must be completely protected against software attacks and it must be tamper-evident; that is, provide a limited degree of protection against a physical attack. See also Trusted Computing Group

In a nutshell, cloud computing security processes should address the security controls the cloud provider will incorporate to maintain the customer's data security, privacy and compliance with necessary regulations.

References for the glossary can be viewed by clicking here.