Glossary beginning with C

A process and record that shows who obtained the evidence; where and when the evidence was obtained; who secured the evidence; and who had control or possession of the evidence. The "sequencing" of the chain of evidence follows this order: collection and identification; analysis; storage; preservation; presentation in court; return to owner.

An entity that can conduct independent assessment of cloud services, information system operations, performance and security of the cloud implementation, with regards to a set of requirements, which may include security, data protection, information system management, regulations and ethics.

An entity that manages the use, performance and delivery of cloud services, and negotiates relationships between Cloud Providers and Cloud Customers.

An intermediary that provides connectivity and transport of cloud services from Cloud Providers to Cloud Consumers.

Cloud computing is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction.

see Cloud Customer

An entity that (a) maintains a business relationship with, and (b) uses services from a Cloud Provider. When necessary we may further distinguish: a) Individual Cloud Customer, when the entity refers to a person. b) Organisation Cloud Customer, when the entity refers to an organisation.

The process of transporting cloud data between Cloud Providers and Cloud Consumers.

A cloud computing business ecosystem (cloud ecosystem) is a business ecosystem of interacting organizations and individuals - the actors of the cloud ecosystem - providing and consuming cloud services.

Cloud governance encompasses two main areas: internal governance focuses on a provider's technical working of cloud services, its business operations, and the ways it manages its relationship with customers and other external stakeholders; and external governance consists of the norms, rules, and regulations which define the relationships between members of the cloud community and attempt to solve disputes between them.

An entitity responsible for making a [cloud] service available to cloud customers.

Cloud Service Management includes all of the service-related functions that are necessary for the management and operation of those services required by or proposed to cloud consumers.

see Cloud Provider

An entity whose data are processed by a cloud provider, either directly or indirectly. When necessary we may further distinguish: a) Individual Cloud Subject, when the entity refers to a person. b) Organisation Cloud Subject, when the entity refers to an organisation.

An entity that oversees and enforces the application of a set of rules.

see Cloud Customer

The cloud infrastructure is provisioned for exclusive use by a specific community of consumers from organizations that have shared concerns (e.g., mission, security requirements, policy, and compliance considerations).

Compliance entails the comparison of an organisation?s actual behaviour with the norms.

Class of information that is sensitive and/or business critical and therefore needs to be protected to a reasonable extent. It is intended for limited distribution within the organization or to specially designated third parties, on a need-to-know ('default deny') basis.

Preserving authorized restrictions on information access and disclosure, including means for protecting personal privacy and proprietary information.

Means of managing risk, including policies, procedures, guidelines, practices or organizational structures, which can be administrative, technical, management, or legal in nature.