The Open Group Library

Security Principles for Cloud and SOA

Security Principles for Cloud and SOA

Reference: W119


Availability: Available to download

This White Paper is part of a series on Security in Cloud and SOA computing which provides guidelines for Enterprise Architects who develop risk-based approaches to securing Cloud and SOA computing.


This White Paper presents a set of Security Principles for Cloud and SOA environments. Many of these security principles are widely applicable as guidance to architecting secure systems in all environments. Some do have specific relevance to securing Cloud and SOA environments, so we show these in their own section. We use 'principles' to guide us in making decisions that are sound. Principles are a valuable validation tool – enabling us to check that we are making sound decisions and have not forgotten anything that is material to achieving our design goals. They are especially valuable when there are many aspects/views to a complex design, because they remind us of issues which we find hard to bring to mind when we're deeply involved in such design complexity. Principles are for guidance, not mandatory. If we find special reasons why we should compromise or even ignore a principle, then we may feel confident that we took that principle into account and made a reasoned decision why not to apply it in any given case.
Additional Information

Additional Information

Reference W119
Published 8 Dec 2011
Pages 21
Type White Papers
Subject SOA