A Framework and Improvements of the Korea Cloud Services Certification System
Table 12
Evaluation items of network and data center—security.
Evaluation criteria
Evaluation item
Network and data center—security (7 items)
(1) Whether or not physical security measures are established and carried out to protect cloud service user
(2) Whether the access control to the possessed computer system is carried out or not
(3) Whether or not activities (firewall, IDS, etc.) are carried out to prevent security incident of cloud service
(4) Whether cloud service’s vulnerabilities (virus, etc.) are periodically checked or not
(5) Whether or not the data encryption is supported to protect the transmitted information between servers and clients
(6) Whether or not the security items for network, mail, web, and server security (network, mail, web, server, and terminal and operation management) are periodically checked for cloud service security
(7) Whether or not the provider carries out periodic activities for the operation management such as periodic reporting, server room’s security operation management procedure, other management and operation method regulation, updating procedure, and so forth, for cloud service security
