![]() ![]() Nuclear (for example, Unclassified Controlled Nuclear Information – Energy).Law enforcement (for example, criminal history records, accident investigations, and so on).Intelligence (for example, Foreign Intelligence Surveillance Act).Financial (for example, bank secrecy, budget, and so on).Export Control (for example, Export Administration Regulations (EAR) restrictions for items on the Commerce Control List, or International Traffic in Arms Regulations (ITAR) restrictions for items on the US Munitions List).Defense (for example, Naval Nuclear Propulsion Information, Unclassified Controlled Nuclear Information – Defense). ![]() Critical infrastructure (for example, Critical Energy Infrastructure Information).The CUI Registry provides specific categories of information that is under protection by the Executive branch, for example, more than 20 category groupings are included in the CUI category list, such as:.It issues DoD provisional authorizations (PAs) when appropriate, so DoD agencies and supporting organizations can use cloud services without having to go through a full approval process on their own, saving time and effort.Īccording to Section 3.1.3 () of the Cloud Computing SRG, IL5 information covers:Ĭontrolled unclassified information (CUI) that requires higher level of protection than that afforded by IL4 It also evaluates CSOs for compliance with the SRG - an authorization process whereby CSPs can furnish documentation outlining their compliance with DoD standards. It incorporates, supersedes, and rescinds the previously published DoD Cloud Security Model (CSM), and maps to the DoD Risk Management Framework (RMF).ĭISA guides DoD agencies and departments in planning and authorizing the use of a CSO. The Cloud Computing SRG defines the baseline security requirements used by DoD to assess the security posture of a cloud service offering (CSO), supporting the decision to grant a DoD provisional authorization (PA) that allows a cloud service provider (CSP) to host DoD missions. The Defense Information Systems Agency (DISA) is an agency of the US Department of Defense (DoD) that is responsible for developing and maintaining the DoD Cloud Computing Security Requirements Guide (SRG).
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |