NIST – Draft SP 800-210 – General Access Control Guidance for Cloud Systems

 In NEWS, Uncategorized

This document presents cloud access control characteristics and a set of general access control guidance for cloud service models: IaaS (Infrastructure as a Service), PaaS (Platform as a Service), and SaaS (Software as a Service). Different service delivery models require managing different types of access on offered service components. Such service models can be considered hierarchical, thus the access control guidance of functional components in a lower-level service model are also applicable to the same functional components in a higher-level service model. In general, access control guidance for IaaS is also applicable to PaaS and SaaS, and access control guidance for IaaS and PaaS is also applicable to SaaS. However, each service model has its own focus with regard to access control requirements for its service.  Public comment period: April 1, 2020 to May 15, 2020

Recent Posts
Contact Us

Please send us a short message and we'll get back to you soon. Thank you.