Jump to Navigation


Glossary beginning with C

Click one of the letters above to go to the page of all terms beginning with that letter.
Chain of Evidence

A process and record that shows who obtained the evidence; where and when the evidence was obtained; who secured the evidence; and who had control or possession of the evidence. The "sequencing" of the chain of evidence follows this order: collection and identification; analysis; storage; preservation; presentation in court; return to owner.

Cloud Auditor

An entity that can conduct independent assessment of cloud services, information system operations, performance and security of the cloud implementation, with regards to a set of requirements, which may include security, data protection, information system management, regulations and ethics.

Cloud Broker

An entity that manages the use, performance and delivery of cloud services, and negotiates relationships between Cloud Providers and Cloud Customers.

Cloud Carrier

An intermediary that provides connectivity and transport of cloud services from Cloud Providers to Cloud Consumers.

Cloud Computing

Cloud computing is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction.

Cloud Consumer

see Cloud Customer

Cloud Customer

An entity that (a) maintains a business relationship with, and (b) uses services from a Cloud Provider. When necessary we may further distinguish: a) Individual Cloud Customer, when the entity refers to a person. b) Organisation Cloud Customer, when the entity refers to an organisation.

Cloud Distribution

The process of transporting cloud data between Cloud Providers and Cloud Consumers.

Cloud Ecosystem

A cloud computing business ecosystem (cloud ecosystem) is a business ecosystem of interacting organizations and individuals - the actors of the cloud ecosystem - providing and consuming cloud services.

Cloud Governance

Cloud governance encompasses two main areas: internal governance focuses on a provider's technical working of cloud services, its business operations, and the ways it manages its relationship with customers and other external stakeholders; and external governance consists of the norms, rules, and regulations which define the relationships between members of the cloud community and attempt to solve disputes between them.

Cloud Provider (CP)

An entitity responsible for making a [cloud] service available to cloud customers.

Cloud Service Management

Cloud Service Management includes all of the service-related functions that are necessary for the management and operation of those services required by or proposed to cloud consumers.

Cloud Service Provider (CSP)

see Cloud Provider

Cloud Subject

An entity whose data are processed by a cloud provider, either directly or indirectly. When necessary we may further distinguish: a) Individual Cloud Subject, when the entity refers to a person. b) Organisation Cloud Subject, when the entity refers to an organisation.

Cloud Supervisory Authority

An entity that oversees and enforces the application of a set of rules.

Cloud User

see Cloud Customer

Community Cloud

The cloud infrastructure is provisioned for exclusive use by a specific community of consumers from organizations that have shared concerns (e.g., mission, security requirements, policy, and compliance considerations).


Compliance entails the comparison of an organisation?s actual behaviour with the norms.


Class of information that is sensitive and/or business critical and therefore needs to be protected to a reasonable extent. It is intended for limited distribution within the organization or to specially designated third parties, on a need-to-know ('default deny') basis.


Preserving authorized restrictions on information access and disclosure, including means for protecting personal privacy and proprietary information.


Means of managing risk, including policies, procedures, guidelines, practices or organizational structures, which can be administrative, technical, management, or legal in nature.