The Cloud Trust Protocol (CTP) aims to provide a protocol to enable Cloud Users to query Cloud Providers in real time about the security level of their service. It aims to foster transparency and trust in the cloud supply chain, bringing greater visibility to cloud users and providing them with data on a continuous basis in order to inform their daily risk management decisions.
As a monitoring mechanism, CTP also ambitions to become the pillar of CSA’s future continuous-monitoring based certification, complementing the STAR third party certification and attestation in the Open Certification Framework.
Earlier this fall, Cloud Security Alliance launched the CTP Working Group. The goal of the Working Group is to leverage the initial idea of Ron Knode and turn CTP into close to market solution in the next 18 months, drawing both on recent research conducted by the CSA EMEA Research team and on the inputs of leading stakeholders in the cloud industry, including both providers and users.
The CTP Working Group’s mission is to refine, challenge and extend the existing CTP framework and API specification, establish standard monitored cloud security attributes, implement a pilot and assure the proper integration of CTP in the Open Certification Framework.
The CTP Working Group will be chaired by the following people:
- John DiMaria – British Standards Institute
- Tim Sandage – Amazon Web Services
- Sandeep Singh – Dell
Dr Alain Pennetrat, Senior Researcher at the CSA EMEA, will be the WG Technical Lead.
For more information, visit https://cloudsecurityalliance.org/research/ctp/. We’ll announce the official kick-off call within the next month.