关键词: 云计算, 基线, 合规, 风险控制, 网络安全

Abstract: Cloud computing is a widely used computing model, which is characterized by wide access, easy expansion, rapid elasticity and scalability through the Internet. With the rapid development and application of cloud computing, a large number of information systems run on the cloud, a large number of data storage or run on the cloud, cloud computing security highlights the importance. In order to ensure the security of information system on the cloud, prevent the loss and leakage of cloud data, illegal access and other security incidents, based on risk control and compliance, using matrix management ideas, following the PDCA management process, the paper put forward the cloud computing responsibility matrix, assert matrix, risk matrix, compliance matrix, control matrix, and check matrix to improve the comprehensive management of cloud computing cyber security control.

Key words: cloud computing, baseline, compliance, risk control, cyber security