ГОСТ Р ИСО/МЭК 27018-2020. Национальный стандарт Российской Федерации. Информационные технологии. Методы и средства обеспечения безопасности. Свод правил по защите персональных данных (ПДн) в публичных облаках, используемых для их обработки

БИБЛИОГРАФИЯ

[1]	ISO/IEC 17789,	Information technology - Cloud computing - Reference architecture
[2]	ISO/IEC 27001,	Information technology - Security techniques - Information security management systems - Requirements
[3]	ISO/IEC 27005,	Information technology - Security techniques - Information security risk management
[4]	ISO/IEC 27035,	Information technology - Security techniques - Information security incident management
[5]	ISO/IEC 270364,	Information technology - Security techniques - Information security for supplier relationships - Part 4: Guidelines for security of cloud services
[6]	ISO/IEC 27040,	Information technology - Security techniques - Storage security
[7]	ISO/IEC 29100:2011,	Information technology - Security techniques - Privacy framework
[8]	ISO/IEC 29101,	Information technology - Security techniques - Privacy architecture framework
[9]	ISO/IEC 29134,	Information technology - Security techniques - Guidelines for privacy impact assessment
[10]	ISO/IEC 29191,	Information technology - Security techniques - Requirements for partially anonymous, partially unlinkable authentication
[11]	ISO/IEC JTC 1/SC 27, WG 5 Standing Document 2 - Part 1: Privacy References List. Latest version, available at http://www.jtc1sc27.din.de/sbe/wg5sd2
[12]	BS 10012:2009,	Data protection. Specification for a personal information management system
[13]	JIS Q 15001:2006,	Personal information protection management systems - Requirements
[14]	NIST SP 80053rev4,	Security and Privacy Controls for Federal Information Systems and Organizations, April 2013 (http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-53r4.pdf)
[15]	NIST SP 800122,	Guide to Protecting the Confidentiality of Personally Identifiable Information (PII), April 2010 (http://csrc.nist.gov/publications/nistpubs/800-122/sp800-122.pdf)
[16]	NIST SP 800144,	Guidelines on Security and Privacy in Public Cloud Computing, December 2011 http://csrc.nist.gov/publications/nistpubs/800-144/SP800-144.pdf)
[17]	ENISA. Report on Cloud Computing: Benefits, risks and recommendations for information security, November 2009 (http://www.enisa.europa.eu/activities/risk-management/files/_deliverables/cloud-computing-risk-assessment/at_download/fullReport)
[18]	European Union, Article 29 Working Party, Opinion 05/2012 on Cloud Computing, adopted July 2012: (http://ec.europa.eu/justice/dataprotection/article-29/documentation/opinionrecommendation/files/2012/wp196_en.pdf)

УДК 006.34:004.056:004.056.5:004.056.53:006.354	ОКС 35.030
Ключевые слова: персональные данные (ПДн), защита персональных данных, меры защиты ПДн, облачные вычисления, оператор ПДн, субъект ПДн, обработка ПДн