|
SS584
SS 584 (also known as Multi-Tier Cloud Security (''MTCS'')) is an information security standard, published by Singapore Standard (regulatory policy), Singapore Standards. The standard was last revised in 2020. SS 584 specifies a Management system for Cloud Security, to three levels. Organizations that meet the requirements may be certified by an accredited certification body following successful completion of an audit. Rationale Although most Cloud Service Providers are certified to ISO 27000, the ISO standard does not focus on the unique risks arising from provisioning via the Cloud. Smaller customers also have difficulty assessing if a CSP's ISMS is sufficient for their needs, as ISO 27001 is risk-based, and may vary significantly between implementations. This may be a barrier to adoption by Small and medium-sized enterprises, SMEs, who would like a simpler way to decide if a CSP meets their needs. To encourage adoption of Cloud Services, the then Info-communications Media Deve ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Singapore Standard (regulatory Policy)
Singapore Standard (SS) specifies the standardization, standards used for industrial activities in Singapore. The standardization process is coordinated by Singapore Standards Council, administered by Enterprise Singapore, a Governmental body. History The Singapore Standards Council was initially administered by SPRING Singapore. This role was superseded by Enterprise Singapore in 2018 after the merger of SPRING Singapore with International Enterprise Singapore. Development As the national standards body, Enterprise Singapore administers the Singapore Standardisation Programme through an industry-led Singapore Standards Council. The Council approves the establishment, review and withdrawal of Singapore Standards and Technical References. It also advises Enterprise Singapore on the policies, strategies, initiatives and procedures for standards development and promotion. Standards are developed primarily through: * Adoption of international standards (e.g., ISO 9001 reissued as ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Information Security
Information security, sometimes shortened to InfoSec, is the practice of protecting information by mitigating information risks. It is part of information risk management. It typically involves preventing or reducing the probability of unauthorized/inappropriate access to data, or the unlawful use, disclosure, disruption, deletion, corruption, modification, inspection, recording, or devaluation of information. It also involves actions intended to reduce the adverse impacts of such incidents. Protected information may take any form, e.g. electronic or physical, tangible (e.g. paperwork) or intangible (e.g. knowledge). Information security's primary focus is the balanced protection of the confidentiality, integrity, and availability of data (also known as the CIA triad) while maintaining a focus on efficient policy implementation, all without hampering organization productivity. This is largely achieved through a structured risk management process that involves: * identifying inform ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
South Korea
South Korea, officially the Republic of Korea (ROK), is a country in East Asia, constituting the southern part of the Korea, Korean Peninsula and sharing a Korean Demilitarized Zone, land border with North Korea. Its western border is formed by the Yellow Sea, while its eastern border is defined by the Sea of Japan. South Korea claims to be the sole legitimate government of the entire peninsula and List of islands of South Korea, adjacent islands. It has a Demographics of South Korea, population of 51.75 million, of which roughly half live in the Seoul Capital Area, the List of metropolitan areas by population, fourth most populous metropolitan area in the world. Other major cities include Incheon, Busan, and Daegu. The Korean Peninsula was inhabited as early as the Lower Paleolithic period. Its Gojoseon, first kingdom was noted in Chinese records in the early 7th century BCE. Following the unification of the Three Kingdoms of Korea into Unified Silla, Silla and Balhae in the ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
International Standard
international standard is a technical standard developed by one or more international standards organizations. International standards are available for consideration and use worldwide. The most prominent such organization is the International Organization for Standardization (ISO). Other prominent international standards organizations including the International Telecommunication Union (ITU) and the International Electrotechnical Commission (IEC). Together, these three organizations have formed the World Standards Cooperation alliance. Purpose International standards may be used either by direct application or by a process of modifying an international standard to suit local conditions. Adopting international standards results in creating national standards that are equivalent, or substantially the same as international standards in technical content, but may have (i) editorial differences as to appearance, use of symbols and measurement units, substitution of a point for a com ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Amazon Web Services
Amazon Web Services, Inc. (AWS) is a subsidiary of Amazon.com, Amazon that provides Software as a service, on-demand cloud computing computing platform, platforms and Application programming interface, APIs to individuals, companies, and governments, on a metered pay-as-you-go basis. These cloud computing web services provide distributed computing processing capacity and software tools via AWS server farms. One of these services is Amazon Elastic Compute Cloud (EC2), which allows users to have at their disposal a Virtualization, virtual Computer cluster, cluster of computers, available all the time, through the Internet. AWS's virtual computers emulate most of the attributes of a real computer, including hardware central processing units (CPUs) and graphics processing units (GPUs) for processing; local/Random-access memory, RAM memory; hard-disk/Solid-state drive, SSD storage; a choice of operating systems; networking; and pre-loaded application software such as web servers, dat ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
IBM Cloud Computing
IBM cloud computing is a set of cloud computing services for business offered by the information technology company IBM. IBM Cloud includes infrastructure as a service (IaaS), software as a service (SaaS) and platform as a service (PaaS) offered through public, private and hybrid cloud delivery models, in addition to the components that make up those clouds. Overview IBM offers three hardware platforms for cloud computing. These platforms offer built-in support for virtualization. IBM also offers a virtualization application infrastructure, Websphere, which supports programming models and open standards for virtualization. The management layer of the IBM cloud framework includes IBM Tivoli middleware. Management tools provide capabilities to regulate images with automated provisioning and de-provisioning, monitor operations and meter usage while tracking costs and allocating billing. The last layer of the framework provides integrated workload tools. Workloads (in the co ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
ISO/IEC 27001
ISO/IEC 27001 is an international standard to manage information security. The standard was originally published jointly by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC) in 2005, revised in 2013, and again most recently in 2022. There are also numerous recognized national variants of the standard. It details requirements for establishing, implementing, maintaining and continually improving an information security management system (ISMS) – the aim of which is to help organizations make the information assets they hold more secure. Organizations that meet the standard's requirements can choose to be certified by an accredited certification body following successful completion of an audit. The effectiveness of the ISO/IEC 27001 certification process and the overall standard has been addressed in a large-scale study conducted in 2020. How the standard works Most organizations have a number of information security c ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Software As A Service
Software as a service (SaaS ) is a software licensing and delivery model in which software is licensed on a subscription basis and is centrally hosted. SaaS is also known as "on-demand software" and Web-based/Web-hosted software. SaaS is considered to be part of cloud computing, along with infrastructure as a service (IaaS), platform as a service (PaaS), desktop as a service (DaaS), managed software as a service (MSaaS), mobile backend as a service (MBaaS), data center as a service (DCaaS), integration platform as a service (iPaaS), and information technology management as a service (ITMaaS). SaaS apps are typically accessed by users of a web browser (a thin client). SaaS became a common delivery model for many business applications, including office software, messaging software, payroll processing software, DBMS software, management software, CAD software, development software, gamification, virtualization, accounting, collaboration, customer relationship management (CR ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Platform As A Service
Platform as a service (PaaS) or application platform as a service (aPaaS) or platform-based service is a category of cloud computing services that allows customers to provision, instantiate, run, and manage a modular bundle comprising a computing platform and one or more applications, without the complexity of building and maintaining the infrastructure typically associated with developing and launching the application(s); and to allow developers to create, develop, and package such software bundles. Development and uses PaaS can be delivered in three ways: * As a public cloud service from a provider, where the consumer controls software deployment with minimal configuration options, and the provider provides the networks, servers, storage, operating system (OS), middleware (e.g. Java runtime, .NET runtime, integration, etc.), database and other services to host the consumer's application. * As a private service (software or appliance) behind a firewall. * As software deploy ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Infrastructure As A Service
The first major provider of infrastructure as a service (IaaS) was Amazon in 2008. IaaS is a cloud computing service model by means of which computing resources are supplied by a cloud services provider. The IaaS vendor provides the storage, network, servers and virtualization (which mostly refers, in this case, to emulating computer hardware). This service enable users to free themselves from maintaining an on-premise data center. The IaaS provider is hosting these resources in either a public cloud (meaning users share the same hardware, storage, and network devices with other users), private cloud (meaning users does not share these resources), or hybrid cloud (combination of both). It provides the customer with high-level APIs used to dereference various low-level details of underlying network infrastructure like backup, data partitioning, scaling, security, physical computing resources, etc. A hypervisor, such as Xen, Oracle VirtualBox, Oracle VM, KVM, VMware ESX/ESXi, or ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Enterprise Singapore
Enterprise Singapore (ESG) is a statutory board under the Ministry of Trade and Industry of the Government of Singapore. It was formed on 1 April 2018 to support Singapore small and medium enterprise (SMEs) development, upgrade capabilities, innovate, transform, and internationalise. It also supports the growth of Singapore as a trading and startup hub, and continues to be the national standards and accreditation body. History Enterprise Singapore was formed through the merger of International Enterprise Singapore (IE) and SPRING Singapore. It is an integration of IE Singapore and SPRING Singapore’s functions. SPRING Singapore was responsible for helping startups and SMEs in financing, capability and management development, technology and innovation. It was the national body for standards and accreditation, responsible for helping companies achieve international standards and conformity requirements. International Enterprise Singapore promoted international trade and helped ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Accreditation
Accreditation is the independent, third-party evaluation of a conformity assessment body (such as certification body, inspection body or laboratory) against recognised standards, conveying formal demonstration of its impartiality and competence to carry out specific conformity assessment tasks (such as certification, inspection and testing). Accreditation bodies are established in many economies with the primary purpose of ensuring that conformity assessment bodies are subject to oversight by an authoritative body. Accreditation bodies, that have been peer evaluated as competent, sign regional and international arrangements to demonstrate their competence. These accreditation bodies then assess and accredit conformity assessment bodies to the relevant standards. An authoritative body that performs accreditation is called an 'accreditation body'. The International Accreditation Forum (IAF) and International Laboratory Accreditation Cooperation (ILAC) provide international recognitio ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
