Making Cloud SLAs readily usable in the EU private sector
The Cloud Trust (CT) working group aims to build confidence in the market and to accelerate secure adoption of Cloud services by promoting collaboration between Cloud customers (in particular SMEs), CSPs, international standards organisations and global regulatory authorities, all of which are considered stakeholders in the CT Working Group. The CT working group’s activities focus on the collection and validation of monitorable security and privacy metrics for Cloud SLAs, which includes the following tasks:
- Developing a catalogue of security and privacy Cloud service metrics with standardized measurement methods, based on the latest research in the field, industry practices and Cloud customers’ interests;
- Motivating and documenting the validation of the metrics catalogue by stakeholder;
- Documenting the best practices associated with the use of these metrics in the definition of SLAs, as well as their measurement and monitoring.
With the support of SLA-Ready, the CT working group aligned its activities in order to support ISO/IEC and NIST. In particular, SLA-Ready contributed to the CT’s catalogue of security/privacy metrics (partially documented in WP2). Furthermore, SLA-Ready supported the CT WG by providing feedback related to the automated catalogue of Cloud SLA security and privacy metrics being developed by the EU FP7 SPECS project. This automated catalogue system was described in a previous section, where contributions to NIST were presented.
The best practices developed in the context of the CRM will be provided to CT as part of the efforts to develop the foreseen “CSA Cloud metrics guidance” late 2016.