Beruflich Dokumente
Kultur Dokumente
What it includes ?
How we protect it?
CLOUD ENCOMPASSES..
Five essential characteristics Three cloud service models Four cloud deployment models
Consumers gets access to the infrastructure to deploy their stuff Doesnt manage or control the infrastructure Does manage or control the OS, storage, apps, selected network components
Sample Cloud
Cloud Security
Cloud Security is
A set of policies
technologies and controls which are designed to protect data and infrastructure from attacks A layered technologies that create a durable security net or Grid
Cloud Security is
cloud providers.
The influential parameters are:
Cloud Security is
Incident Response
Cloud apps arent always designed with data integrity, security in mind Provider keep app, firewall, IDS logs? Provider deliver snapshots of your virtual environment? Sensitive data must be encrypted for data breach regs
Cloud Security is
Application Security Different trust boundaries for IaaS, PaaS, Saas Provider web application security? Secure inter-host communication channel
Cloud Security is
Encryption and Key Management Encrypt data in transit, at rest, backup media Secure key store
NO proprietary standard
Cloud Security is
Virtualization What type of virtualization is used by the provider? What 3rd party security technology augments the virtual OS? Which controls protect admin interfaces exposed to users?
supported by IaaS SaaS: self contained operating environment: content, presentation, apps, mgt
Step3:
Step4:
Step5:
Step6: Step7:
service(s) Mitigate the security vulnerabilities Protect Data in motion, in process and at Rest Secure your platform Extend trust across Federated Clouds Choose the right Cloud Service Provider
Summary.
Security is not atomic issue Both Cloud provider and client responsible for
protection Decide on public or private cloud Public cloud implies loss of control
Contact:
srinivasmekhala@gmail.com 9885353797