Cloud Security Definitions

This glossary explains the meaning of key words and phrases that information technology (IT) and business professionals use when discussing cloud security and related software products. You can find additional definitions by visiting WhatIs.com.

A

  • AV storm

    An AV storm is the performance degradation that occurs when antivirus software simultaneously scans multiple virtual machines (VMs) on a single physical host. 

  • AWS CloudTrail

    AWS CloudTrail is an application program interface (API) call-recording and log-monitoring Web service offered by Amazon Web Services (AWS).

B

  • BIOS rootkit

    A BIOS-level rootkit is programming that exists in a system's memory hardware to enable remote administration. Because the rootkit lives in the computer’s BIOS (basic input/output system), it persists not only through attempts to reflash the BIOS but also through hard drive erasure or replacement.

  • BIOS rootkit attack

    A BIOS-level rootkit attack, also known as a persistent BIOS attack, is an exploit in which the BIOS is flashed (updated) with malicious code. A BIOS rootkit is programming that enables remote administration.

  • blue pill rootkit

    The blue pill rootkit is malware that executes as a hypervisor to gain control of computer resources. Joanna Rutkowska, a security researcher for Singapore-based IT security firm COSEINC, developed the Blue Pill rootkit as proof-of-concept malware, which she demonstrated at the 2006 Black Hat Briefings conference.

C

  • CAIQ (Consensus Assessments Initiative Questionnaire)

    The Consensus Assessments Initiative Questionnaire (CAIQ) is a survey provided by the Cloud Security Alliance (CSA) for cloud consumers and auditors to assess the security capabilities of a cloud service provider.

  • clickwrap agreement (clickthrough agreement)

    A clickwrap agreement, also known as a click through, shrink-wrap, or sign-in-wrap, is an online agreement in which the user signifies his or her acceptance by clicking a button or checking a box that states “I agree.”

  • cloud access security broker (CASB)

    A cloud access security broker (CASB) is a software tool or service that sits between an organization's on-premises infrastructure and a cloud provider's infrastructure.

  • Cloud Controls Matrix

    The Cloud Controls Matrix is a baseline set of security controls created by the Cloud Security Alliance to help enterprises assess the risk associated with a cloud computing provider.

  • Cloud Security Alliance (CSA)

    The Cloud Security Alliance (CSA) is a nonprofit organization that promotes research into best practices for securing cloud computing and the use of cloud technologies to secure other forms of computing.

  • CloudAudit

    CloudAudit is a specification for the presentation of information about how a cloud computing service provider addresses control frameworks. The specification provides a standard way to present and share detailed, automated statistics about performance and security.

  • Cloudburst VM escape

    Cloudburst VM (virtual machine) escape is an exploit method, credited to Kostya Kortchinsky of research firm Immunity Inc., that takes advantage of IBM's Cloudburst cloud service provisioning software for cloud providers and a flaw in VMware Workstation to enable a guest-level virtual machine to attack its host.

  • CloudTrust Protocol (CTP)

    The CloudTrust Protocol or CTP is a mechanism that helps cloud service customers request and retrieve standardized inquiries about cloud provider transparency.

E

  • ENISA (European Network and Information Security Agency)

    The European Network and Information Security Agency (ENISA) is a European Union (EU) agency dedicated to preventing and addressing network security and information security problems.

G

  • Google Cloud Key Management Service (KMS)

    Google Cloud Key Management Service (KMS) is a cloud service for managing encryption keys for other Google cloud services that enterprises can use to implement cryptographic functions.

H

  • hypervisor security

    Hypervisor security is the process of ensuring the hypervisor, the software that enables virtualization, is secure throughout its life cycle, including during development, implementation, provisioning, management and de-provisioning.

I

  • information-centric security

    Information-centric security is an approach to information security that emphasizes the security of the information itself rather than the security of networks, applications, or even simply data.

M

  • Microsoft Cloud Security Readiness Tool (CSRT)

    The Microsoft Cloud Security Readiness Tool (CSRT) is a survey that assesses the systems, processes and productivity of an IT environment in preparation for the adoption and secure use of cloud computing services.

S

  • Security, Trust and Assurance Registry (STAR)

    The Security, Trust and Assurance Registry (STAR) is an online registry of cloud provider security controls.

  • Soc 1 (Service Organization Control 1)

    A Service Organization Control 1 or Soc 1 (pronounced "sock one") report is written documentation of the internal controls that are likely to be relevant to an audit of a customer’s financial statements.

  • Soc 2 (Service Organization Control 2)

    A Service Organization Control 2 (Soc 2) report covers various organizational controls related to security, availability, processing integrity, confidentiality or privacy.

  • Soc 3 (Service Organization Control 3)

    A Service Organization Control 3 (Soc 3) report outlines information related to a service organization’s internal controls in security, availability, processing integrity, confidentiality or privacy.

  • software-defined perimeter (SDP)

    Software-defined perimeter (SDP) is a security framework developed by the Cloud Security Alliance (CSA) that controls access to resources based on identity.

  • SSAE 16

    The Statement on Standards for Attestation Engagements No. 16 (SSAE 16) is a set of auditing standards and guidance on using the standards, published by the Auditing Standards Board (ASB) of the American Institute of Certified Public Accountants (AICPA), for redefining and updating how service companies report on compliance controls.

T

  • Trusted Cloud Initiative

    The Trusted Cloud Initiative is a program of the Cloud Security Alliance industry group created to help cloud service providers develop industry-recommended, secure and interoperable identity, access and compliance management configurations and practices.

V

  • virtual firewall

    A virtual firewall is a firewall device or service that provides network traffic filtering and monitoring for virtual machines (VMs) in a virtualized environment.
