Until now there has been limited research into the provision of security services in an elastic cloud model that scales as the client requirements change. This first white paper designed to provide clear definitions of the different categories of security services that can be provided via the cloud (e.g. elastic, on demand) model.
“Vendors have attempted to satisfy this demand for security by offering security services in a cloud platform, but because these services take many forms, they have caused market confusion and complicated the selection process,” said Kevin Fielder, co-chair of the working group. “This new research project aims to aid both cloud customers and cloud providers, to provide greater clarity on Security as a Service – and to help end users understand the unique nature of cloud-delivered security offerings so they can evaluate the offerings and understand if they will meet their needs.”
“The aim of this research is to enable enterprises to make use of security services in new ways, or in ways that would not be cost effective if provisioned locally,” said Cameron Smith, co-chair of the working group. “We’d like to thank Bernd Jaeger, Marlin Pohlman and Jens Laundrup, as well as our numerous other contributors, for their hard work on this project, and we look forward to continuing to produce innovative, much-needed research in this area.”
The Security as a Services Categories of Service 2011 white paper covers the following categories of service:
- Identity and Access Management
- Data Loss Prevention
- Web Security
- Email Security
- Security Assessments
- Intrusion Management
- Security Information and Event Management
- Business Continuity and Disaster Recovery
- Network Security.
The complete report can be downloaded here.