Certifying SaaS in the MTCS Framework

Abstract

Security has always been highlighted as a key impediment to cloud adoption in many cloud conferences and surveys. However, tolerance to security risks varies from user to user. This leads to the development of the multi-tiered cloud security (MTCS) standards to meet different security needs of cloud users. Building on the tiered structure of MTCS, a unique framework of layered approach to certification of cloud services, in particular, certifying Software-as-a-Service hosted on MTCS-certified infrastructure service providers is described in details in this paper to shed lights on the implementation considerations.