Click on the interactive map below or utilise the filtering interface on the side to browse the items that are currently in our Standards Watch*.
The Standards Watch of StandICT.eu monitors the status of ICT standards at international level, starting from the five priority areas of the Digital Single Market: 5G communications,cloud computing,cybersecurity,data technology, and IoT – Internet of Things.
In particular, special attention is given to the rapidly evolving ICT topics of: Artificial Intelligence, Big Data, IoT.
Gradually, the Standards Watch will be expanded to other ICT domains and topics, with the aim of better identifying gaps, needs & opportunities and consequently stimulating European Experts to pursue the openings granted by the StandICT.eu initiative.
The shift from traditional client/server to service-based models is transforming the way technology departments think about, designing, and delivering computing technology and applications.
Cloud Security Alliance’s Security Guidance for Critical Areas of Focus in Cloud Computing seeks to establish a stable, secure baseline for cloud operations. This effort provides a practical, actionable roadmap to managers wanting to adopt the cloud paradigm safely and securely. Domains are reviewed to emphasize security, stability, and privacy in a multi-tenant environment. The CSA’s Security Guidance for Critical Areas of Focus in Cloud Computing builds on previous iterations through dedicated research, public participation from CSA members, working groups, and industry experts.
The purpose of this research will be to identify consensus definitions of what Security as a Service means, to categorize the different types of Security as a Service and to provide guidance to organizations on reasonable implementation practices.
The CSA Quantum Safe Security Working Group's goal is to address key generation and transmission methods that will aid the industry in understanding quantum-safe methods for protecting their data through quantum key distribution (QKD) -- a physics‐based technology to securely deliver keys-- and post-quantum cryptography (PQC) -- mathematical algorithms that are resistant to quantum computing. The goal of the working group is to support the quantum‐safe cryptography community in development and deployment of a framework to protect data whether in movement or at rest.
Businesses are now requiring a stronger collaboration between the development, security and operational functions. This addition of security creates DevSecOps. In the past, the security needs were either skipped or only addressed after the deployment of applications, or worse after security vulnerabilities were exploited. Such an approach increased risks to the deployment and contributed towards a more hostile relationship between security and the development and operations teams.
‘Vanilla’ cloud environments were typically not made to handle harsh environments like that of High Performance Computing (HPC) Cloud Security. Technical concerns for HPC are further complicated by the complex and ever-evolving threat landscape. As we increasingly see cases of pure HPC bare metal infrastructure interacting with the cloud such as I/O interfaces and processes, it brings along more ‘opportunities’ for malicious attacks.
As businesses are developing rapidly, and IT infrastructures are constantly diversified, a single public / private cloud or a traditional on-premises datacenter is no longer able to meet service requirements in terms of costs, performance, scalability, security, and compatibility. Users are increasingly choosing hybrid clouds to meet their needs.
The Mobile Application Security Testing (MAST) initiative aims to create a safer cloud ecosystem for mobile applications by creating systematic approaches to application testing and vetting that helps integrate and introduce quality control and compliance to mobile application development and management. This initiative hopes that more research into mobile application security vetting and testing will help reduce the risk and security threats that organizations and individuals expose themselves to using mobile applications.
Collaboration and coordination among all stakeholders are critical to secure the cloud platform. The current gap is that there is no defined guideline dividing the security roles and responsibilities between the Cloud Service Providers (CSPs) and Cloud customers; on how to secure Cloud services in different Cloud deployment models. This is especially the case for those who have little cloud security knowledge.
With today’s fast-evolving threat landscape, a holistic cloud incident response framework that considers an expansive scope of factors for cloud outages is necessary. The working group aims to develop a holistic Cloud Incident Response (CIR) framework that comprehensively covers key causes of cloud incidents (both security and non-security related), and their handling and mitigation strategies.