Comparison of Cloud-Specific Applications Security
Frameworks and Standards

Many organizations are turning to cybersecurity frameworks to implement a baseline of their security roadmap. With the adoption of cloud computing and the migration of many applications to the cloud, it becomes important to review some of the most used frameworks, and how to apply them to enforce security principles.

Cloud-specific security frameworks and standards reviewed include:

  1. National Institute of Standards and Technology - NIST
    2. NIST
  2. Federal Risk and Authorization Management Program - FedRAMP
    3. FedRamp
  3. Cloud Security Alliance – CSA STAR
    4. csa
  4. OWASP 10 for the Cloud
    5. owasp

A use case scenario on how Amazon Web Services - AWS - leverages on these frameworks with their security pillar.

This study paper was conducted as part of the Special Topics in Cybersecurity Course Spring 2023, for the postgraduate program in Cyberbesecurity at the University of Maryland Baltimore County

Download the study (PDF - 671KB) calendar

We will do a quick review of the challenges of cloud environments before diving into frameworks. We will end up with a use case scenario on how AWS leverages on these frameworks for their clients.

Your contributions and comments are much welcome.

Linkedin Github