Bundesamt für Sicherheit in der Informationstechnik

C3A - Criteria enabling Cloud Computing Autonomy

Published under Creative-Commons-License CC-BY-ND 4.0 International.

" />
+BSI C3A - Criteria enabling Cloud Computing Autonomy
---+1 Introduction
------+1.1 Cloud Computing and digital sovereignty
------+1.2 EU Cloud Sovereignty Framework and BSI C5:2026 as the C3A foundation
------+1.3 Structure
------+1.4 Terms of Use
------+1.5 Definitions
---+2 Criteria, Additional Criteria and Supplementary Information
------+SOV-1 Strategic Sovereignty
---------+SOV-1-01 Jurisdiction
------------+SOV-1-01-C1
------------+SOV-1-01-C2
------------+SOV-1-01-SI
---------+SOV-1-02 Registered Office
------------+SOV-1-02-C1
------------+SOV-1-02-C2
------------+SOV-1-02-SI
---------+SOV-1-03 CSP Effective Control
------------+SOV-1-03-C1
------------+SOV-1-03-C2
------------+SOV-1-03-SI
---------+SOV-1-04 CSP Control Change
------------+SOV-1-04-C
------+SOV-2 Legal & Jurisdictional Sovereignty
---------+SOV-2-01 Extraterritorial Exposure
------------+SOV-2-01-C
---------+SOV-2-02 Audit Rights
------------+SOV-2-02-C1
------------+SOV-2-02-C2
------------+SOV-2-02-SI
---------+SOV-2-03 State of Defense Takeover
------------+SOV-2-03-C1
------------+SOV-2-03-C2
------------+SOV-2-03-SI
------+SOV-3 Data Sovereignty
---------+SOV-3-01 Data Residence
------------+SOV-3-01-C1
------------+SOV-3-01-C2
------------+SOV-3-01-C3
------------+SOV-3-01-C4
------------+SOV-3-01-C5
------------+SOV-3-01-SI
---------+SOV-3-02 External Key Management
------------+SOV-3-02-C
------------+SOV-3-02-AC
------------+SOV-3-02-SI
---------+SOV-3-03 External Identity Provider
------------+SOV-3-03-C
------------+SOV-3-03-AC1
------------+SOV-3-03-AC2
------------+SOV-3-03-AC3
---------+SOV-3-04 Logging and Monitoring
------------+SOV-3-04-C
------------+SOV-3-04-AC1
------------+SOV-3-04-AC2
---------+SOV-3-05 Client-Side Encryption
------------+SOV-3-05-C
------------+SOV-3-05-SI
------+SOV-4 Operational Sovereignty
---------+SOV-4-01 Operating Personnel
------------+SOV-4-01-C1
------------+SOV-4-01-C2
------------+SOV-4-01-C3
---------+SOV-4-02 Remote Work
------------+SOV-4-02-C1
------------+SOV-4-02-C2
---------+SOV-4-03 Redundant connectivity providers
------------+SOV-4-03-C
------------+SOV-4-03-AC
---------+SOV-4-04 SOC
------------+SOV-4-04-C1
------------+SOV-4-04-C2
---------+SOV-4-05 Ingress Data Control
------------+SOV-4-05-C
------------+SOV-4-05-AC1
------------+SOV-4-05-AC2
------------+SOV-4-05-SI
---------+SOV-4-06 Update threat analysis
------------+SOV-4-06-C
---------+SOV-4-07 Data exchange monitoring
------------+SOV-4-07-C
------------+SOV-4-07-SI
---------+SOV-4-08 Data exchange gateways
------------+SOV-4-08-C
------------+SOV-4-08-AC
------------+SOV-4-08-SI
---------+SOV-4-09 Disconnect
------------+SOV-4-09-C
------------+SOV-4-09-AC
------------+SOV-4-09-SI
---------+SOV-4-10 Reconnect
------------+SOV-4-10-C
------+SOV-5 Supply Chain Sovereignty
---------+SOV-5-01 Software Dependencies
------------+SOV-5-01-C
------------+SOV-5-01-AC
------------+SOV-5-01-SI
---------+SOV-5-02 Hardware Dependencies
------------+SOV-5-02-C
------------+SOV-5-02-AC
------------+SOV-5-02-SI
---------+SOV-5-03 External Service Dependencies
------------+SOV-5-03-C
------------+SOV-5-03-AC
------------+SOV-5-03-SI
---------+SOV-5-04 Export Restriction
------------+SOV-5-04-C
---------+SOV-5-05 Capacity Management
------------+SOV-5-05-C1
------------+SOV-5-05-C2
------+SOV-6 Technology Sovereignty
---------+SOV-6-01 Source Code Availability
------------+SOV-6-01-C
---------+SOV-6-02 Continuous Service Delivery
------------+SOV-6-02-C
------------+SOV-6-02-AC
---------+SOV-6-03 Software Development
------------+SOV-6-03-C

1. Übersicht

BSI C3A - Criteria enabling Cloud Computing Autonomy

Bundesamt für Sicherheit in der Informationstechnik

C3A - Criteria enabling Cloud Computing Autonomy

Published under Creative-Commons-License CC-BY-ND 4.0 International.

1 Introduction 1 Introduction
2 Criteria, Additional Criteria and Supplementary Information 2 Criteria, Additional Criteria and Supplementary Information

1.1 Referenzen

1.2 Identifizierte Anforderungen

1.2 Related Regulation

2. Identifizierte Anforderungen

Anforderungen

3. Related Regulations

Regulations

Linked Issues

Issuelinks
is related to English
Impressum Deutsch Englisch