Cloud　computing　is　witnessing　a　fast　development　and　widespread　adoption　from　small　to　large　organizations　due　to　its　cost-effective　and　resource-efficient　services.　Nevertheless,　security　risks　remain　major　concerns.　One　of　the　main　challenges　is　how　to　evaluate　the　security　level　of　cloud　services.　Among　the　problems　arising　are　the　large　variety　of　knowledge　associated　with　the　security　domain　and　the　heterogeneity　of　cloud　services　descriptions.　An　effective　solution　to　such　problems　is　ontologies.　Ontologies　provide　a　more　structured　and　formal　representation　of　a　particular　domain,　which　will　help　to　reduce　the　conceptual　ambiguity　and　enable　automatic　reasoning　functionalities.　In　this　paper,　we　propose　an　ontology　for　cloud　services　security　evaluation　based　on　industry　standards　and　best　practices.　Some　of　the　core　concepts　included　in　the　ontology　are　the　target,　criteria,　yardstick,　data　gathering　techniques　and　data　synthesis　approaches.　The　concepts　are　grouped　into　five　general　categories,　namely:　context,　assumptions,　external　factors,　activities,　and　outcomes.　The　ontology　is　implemented　using　Protégé　tool　and　validated　through　different　uses　case　scenarios.　©　2019　IEEE.