Federal Cloud Security

Abstract

When Federal government departments and agencies choose to adopt cloud computing, security is a major consideration in the planning, migrating, and operations and maintenance of critical IT systems. Agencies must consider the goals, planned cloud ecosystem, mission and business functions, processes, sensitivity of data, and processing capabilities. Agencies must fully understand the roles and responsibilities of themselves, FedRAMP, and Cloud Service Providers (CSPs). As consumers of cloud services, agencies must also fully understand the impacts of the three Service Models: Infrastructure as a Service (IaaS), Platform as a Service (PaaS) and Software as a Service (SaaS) with regard to security, as each Service Model brings different security requirements and responsibilities. As agencies transition their applications and data to cloud computing solutions, it is critically important that the level of security provided in the cloud environment be equal to or better than the security provided by its traditional IT environment.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
Dec 28, 2015
Accession Number
AD1107883

Entities

People

  • Katy Warren

Organizations

  • MITRE Corporation

Tags

Communities of Interest

  • Biomedical
  • Cyber

DTIC Thesaurus Topics

  • Application Software
  • Civil Rights
  • Cloud Computing
  • Computer Network Security
  • Computer Programming
  • Computers
  • Cybersecurity
  • Data Centers
  • Department Of Homeland Security
  • Information Processing
  • Information Security
  • Information Systems
  • Law
  • Local Area Networks
  • National Governments
  • Operating Systems
  • Security Personnel

Fields of Study

  • Computer science

Readers

  • Cybersecurity.
  • Enterprise Information Systems Architecture and Joint Command Capability Interoperability Support.
  • Systems Analysis and Design

Technology Areas

  • Cyber