Term Description
Creating a team - checklist

Creating a team- team checklist

See the image:

The data life cycle

- Create
- Store
- Use
- Share
- Archive
- Destroy


An organizational normative framework (ONF) is a framework of so-called containers of application security best practices catalogued and leveraged by the organization and contains at least one or more sub-components known as application normative frameworks (ANFs).

NIST SP 800-14

NIST 800-14 provides a baseline that organizations can use to establish and review their IT security programs. 

Object Storage

In object storage, files or objects are stored with additional metadata (content type, redundancy required, creation date, and so on). They are not limited to space on a particular volume, and they are accessible via APIs and web interfaces

Data dispersion

Cloud data storage process that uses parity bits and encrypted chunks of data.

CSA STAR program

The Cloud Security Alliance (CSA) STAR is the industry’s most powerful program for security assurance in the cloud. STAR encompasses key principles of transparency, rigorous auditing, and harmonization of standards. The STAR program provides multiple benefits, including indications of best practices and validation of security posture of cloud offerings.

Level 1: Self-assessment
Level 2: External third-party attestation
Level 3: Continuous-monitoring program


All or Nothing Transform with Reed-Solomon (AONT-RS) integrates AONT and erasure coding by first encrypting and transforming the information and encryption key into blocks in a way that makes information unrecoverable without using all the blocks. 

It then uses an informational dispersal algorithm (IDA) to split the blocks into shares distributed to different cloud storage services (the same as in SSMS).

Cloud Security Alliance Cloud Controls Matrix

A security controls framework that provides mapping/cross relationships with the main industry-accepted security standards, regulations, and controls frameworks such as the ISO 27001/27002, ISACA’s COBIT, and PCI-DSS

The CSA CCM (Cloud Controls Matrix) provides fundamental security principles that guide cloud vendors and assist prospective cloud customers in assessing the overall security risk of a cloud provider.


Cloud application management platforms (CAMPs) are a set of specifications designed to ease management of applications, including packaging and deployment across public and private cloud platforms.