PSS-11 Images for Virtual Machines and Containers

1. Overview

PSS-11 Images for Virtual Machines and Containers

Designation / Standard

PSS-11.01B
If cloud service customers operate virtual machines or containers with the cloud service, the cloud service provided is equipped with functionalities that ensure the following aspects:

1. Cloud service customers can restrict the selection of images of virtual machines or containers according to their specifications, so that users of the cloud service customer can only launch the images or containers released according to these restrictions;
2. If the cloud service provider provides images of virtual machines or containers to the cloud service customer, the cloud service provider appropriately informs the cloud service customer of the changes made to the previous version;
3. Images provided by the cloud service provider are labelled with information regarding their origin; and
4. Images provided by the cloud service provider are hardened according to generally accepted industry standards.

This criterion is typically not applicable to the SaaS service model.

Generally accepted industry standards are, for example, the Security Configuration Benchmark of the Centre for Internet Security (CIS) or the corresponding modules in the BSI IT-Grundschutz-Compendium.

PSS-11.01AC
The cloud service provider checks the integrity and authenticity of virtual machines or container images at startup and informs the cloud service customer accordingly about the results of those checks.

Typical measures for checking virtual machines or container images against integrity and authenticity include cryptographical signing.

PSS-11.02AC
During runtime, the cloud service provider protects the virtual machines or container images against tampering and informs the cloud service customer accordingly about the status during runtime.

PSS-11 Supplementary Information - Complementary Customer Criteria
Cloud service customers ensure with suitable controls that the images of virtual machines or containers they operate with the cloud service comply with their information security management requirements and that the results of the integrity checks at startup and at runtime are processed according to these requirements.

1.1 References

1.2 Identified Requirements

1.2 Related Regulation

2. Identified Requirements

Requirements
Source Requirement

3. Related Regulations

Regulations
Source Regulation