ГОСТ Р ИСО/МЭК 27017-2021. Национальный стандарт Российской Федерации. Информационные технологии. Методы и средства обеспечения безопасности. Правила применения мер обеспечения информационной безопасности на основе ИСО/МЭК 27002 при использовании облачных служб

БИБЛИОГРАФИЯ

 

Recommendation ITU-T X.805 (2003) Security architecture for systems providing end-to-end communications

ISO/IEC 17203:2011 Information technology - Open Virtualization Format (OVF) specification

ISO/IEC 27001:2013 Information technology - Security techniques - Information security management systems - Requirements

ISO/IEC 27005:2011 Information technology - Security techniques - Information security risk management

ISO/IEC 27018:2014 Information technology - Security techniques - Code of practice for protection of personally identifiable information (PII) in public clouds acting as PII processors

ISO/IEC 27036-1:2014 Information technology - Security techniques - Information security for supplier relationships - Part 1: Overview and concepts

ISO/IEC 27036-2:2014 Information technology - Security techniques - Information security for supplier relationships - Part 2: Requirements

ISO/IEC 27036-3:2013 Information technology - Security techniques - Information security for supplier relationships - Part 3: Guidelines for information and communication technology supply chain security

ISO/IEC CD 27036-4 Information technology - Security techniques - Information security for supplier relationships - Part 4: Guidelines for security of cloud services - (Under development)

ISO/IEC 27040:2015 Information technology - Security techniques - Storage security

ISO 19440:2007 Enterprise integration - Constructs for enterprise modelling

ISO 31000:2009 Risk management - Principles and guidelines

NIST, SP 800-145 2011 The NIST Definition of Cloud Computing

NIST 2009 Effectively and Securely Using the Cloud Computing Paradigm

ENISA 2009 Cloud Computing Benefits, risks and recommendations for information security

Cloud Security Alliance, Security Guidance for Critical Areas of Focus in Cloud Computing V3.0

Cloud Security Alliance, Top Threats to Cloud Computing V1.0

Cloud Security Alliance, Domain 12: Guidance for Identity & Access Management V2.1

ISACA, Cloud Computing: Business Benefits With Security, Governance and Assurance Perspectives

ISACA, Cloud Computing Management Audit/Assurance Program

 

 

 

 

 

УДК 006.34:004.056:004.056.5:004.056.53:006.354	ОКС 35.040
Ключевые слова: облачные вычисления, поставщик облачных служб, потребитель облачных служб, меры обеспечения ИБ