Glenna/WeeklyMeet-2015-09-25
Agenda
Meeting 25th of September at 09:30-10:30CEST
Present: Dan, Uwe
Channels: Google Hangouts: https://plus.google.com/hangouts/_/g4g5nyl5glc66wqgbqk4yjvb4ua
Live minutes at: https://docs.google.com/document/d/1Bj6I7osw0P_I14GiNlesqBA2ARIRXMOytBxLPmAsFJY/edit
1. Review of last meeting
2. Action points - progress & issues
- AP: Daniel cloud security fact finding
- AP: Daniel consider Glenna architecture
- AP: Dan & Uwe image repositories
- AP: Dan investigate Pouta Blueprints inclusion into Glenna
- AP: Daniel: Cloud Controls Matrix v3.0.1 EGI
3. Todays topics - issues to discuss:
- Daniels findings:
1. ENISA (European Union Agency for Network and Information Security)- the agency has important resources in Cloud Computing Security for SME and Governmental organizations. https://www.enisa.europa.eu/activities/Resilience-and-CIIP/cloud-computing
2. CSA (Cloud Security Alliance) with detailed information on cloud security standards and research works https://cloudsecurityalliance.org/
3. Amazon WebServices (AWS): has detailed and important information on cloud security https://aws.amazon.com/security/
The AWS also lists its Compliance with different standards like
ISO9001, ISO27001 and EU Data
Protection Directives. This can give us a pointer on which
standards to focus on for compliance.
4. Datatilsynet Norway: it's an organization responsible for data privacy in Norway and has brief information on Cloud Service Security, but it is not well detailed. www.datatilsynet.no
- Image bakery: how could that be set up?
- include Chipster image
Daniel we could use: Cloud Controls Matrix v3.0.1 cloud controls or checks, we could identify the ones that would be relevant to Glenna
Daniel: Uniwise.dk company for digital examinations and use Kalmar for authentication Leif Nixon, EGI fedcloud: https://documents.egi.eu/public/RetrieveFile?docid=47&version=11&filename=EGI-MS405-SVG-47-V12.pdf EGI Fedcloud: https://documents.egi.eu/public/RetrieveFile?docid=86&version=7&filename=EGI-SPG-SecurityPolicy-V1_0.pdf 4. Any other business
5. Next meeting