Secure Cloud Compute Architecture SCCA

Origins

The Secure Cloud Compute Architecture (SCCA) is a derivative of the extensive Cloud Compute Security Requirements Guide (CC SRG), originally released in early 2017. CC SRG was designed for the Department of Defense (DoD) to:

  • Provide security requirements and guidance to DoD and commercial cloud service providers (CSPs) aspiring to be included in the DoD Cloud Service Catalog.
  • Formulate a basis for assessing the security posture of a DoD or non-DoD CSP’s Cloud Service Offering (CSO), assisting the decision-making process for granting a DoD provisional authorization (PA).
  • Establish a foundation for a DoD component’s authorizing official (AO) to assess the security posture of a DoD CSP’s CSO, supporting the decision to grant a DoD component’s authorization to operate (ATO) and a DoD PA.
  • Define requirements and architectures for using and implementing DoD or commercial cloud services.
  • Offer guidance to DoD mission owners, Security Control Assessors (SCA), AOs, and others in planning and authorizing the use of a CSO.
  • Support the DoD CIO’s initiatives to migrate DoD websites and applications into lower-cost IT services, typically including virtual servers and networks integral to most cloud services provided by both DoD and commercial CSPs.
Modern SOC & DevSecOps
Adaptive IT Infrastructure
Big Data Architecture
K8s Strategy & Security
Software Factory & DevOps

SCCA’s Role SCCA was developed to concentrate more on the technical execution outlined in CC SRG. As a customer-oriented reference guide used in the shared security model of cloud computing, it outlines the necessary security measures similar to those in traditional data centers. This is aimed at ensuring safe hosting and monitoring of applications and services in the cloud environment. SCCA incorporates four components:

  1. Virtual Data Center Management Services (VDMS): Ensures efficient management of data centers in the virtualized cloud environment.
  2. Virtual DataCenter Security Stack (VDSS): Establishes a strong and flexible security infrastructure for the cloud data center.
  3. Cloud Access Point (CAP): Provides secure and controlled access to the cloud.
  4. Trusted Cloud Credential Manager (TCCM): Facilitates trustworthy authentication and access control in the cloud.
Secure Cloud Compute Architecture

SCCA Guidance by J2R: Expertise for Secure Cloud Transitions

While there’s no single correct way to implement SCCA, effective integration, management, and scaling of these solutions are key. However, merely replicating traditional data center practices in the cloud can offset the benefits offered by cloud services, especially if app developers use modern methodologies for app deployment.

J2R Solutions’ engineers have deployed over 30 different SCCA solutions focusing on different aspects of the 4 components since 2017. We understand not only the policy forming technical requirements but also how to best execute them without hindering the efficiency the federal government aims to achieve with cloud.

In-Depth Experience

Balancing Compliance and Efficiency

Customized Approach

Long-Term Advocacy and Support

Whether you’re a federal customer starting your cloud journey or need expert guidance to best meet SCCA guidelines, J2R Solutions is here to serve as your SCCA technical advocate. For further information about SCCA and to discover how J2R can assist you, contact us

Interested in learning more about our
offerings & Solutions?

Contact us today and let’s explore how our expertise and solutions can serve your organization’s unique needs.
Together, we can unlock new possibilities for growth and innovation.

REQUEST A QUOTE