+SOV-3-02-SI

1. Overview

SOV-3-02-SI

The integration of external key management systems for IaaS and PaaS is widely implemented and commonly standardized. For SaaS solutions, external encryption key management systems are less common; therefore, cloud service providers should support external encryption key management capabilities for SaaS where technically feasible and appropriate to the service architecture. If this criterion is only fulfilled for some SaaS, the cloud service provider MUST provide a list of these services to the cloud services customer.

Summary	Standard

1.1 References

1.2 Identified Requirements

1.2 Related Regulation

2. Identified Requirements

Requirements
Source	Requirement

3. Related Regulations

Regulations
Source	Regulation

BSI C3A - Criteria enabling Cloud Computing Autonomy -
Copyright by Bundesamt für Sicherheit in der Informationstechnik

C3A - Criteria enabling Cloud Computing Autonomy

Published under Creative-Commons-License CC-BY-ND 4.0 International.