MEDINA: Security framework to achieve a continous audit-based certification in compliance with the EU-wide cloud security certification scheme

Part of EU Open Research Repository
Published October 18, 2021 | Version 1.0
Working paper Open

First Impressions on Experimenting with Automated Monitoring Requirements of the Upcoming EU Cybersecurity Certification Scheme for Cloud Services (Whitepaper)

Authors/Creators

  • 1. Robert Bosch GmbH
  • 2. Nixu

Description

This whitepaper reports on lessons learned related to the experimentation performed by the MEDINA team on the topic of continuous (automated) monitoring, just as required by the High Assurance baseline of the draft version of the European Cybersecurity Certification Scheme for Cloud Service (EUCS). Besides the reported process and obtained results, we also provide a set of recommendations to relevant stakeholders (in particular Cloud Service Providers and Auditors) with the goal of supporting the uptake of EUCS for High Assurance.

Files

202109_Whitepaper_ENISA PoC_MEDINA.pdf

Files (911.5 kB)

Name Size Download all
md5:06e4b1c08195626fcb4d5903d94fca37
911.5 kB Preview Download

Additional details

Funding

European Commission
MEDINA - Security framework to achieve a continuous audit-based certificationn in compliance with the EU-wide cloud security certification scheme 952633