10. 10
5 - Characteristics
Resource Pooling WHO-ever
Provider's computing resources are pooled and dynamically assigned to serve multiple consumers
Rapid Elasticity WHAT-ever
Capabilities are rapidly and elastically provisioned, some automated, depending on requirements.
On-Demand Self Service WHEN-ever
Consumer direct, automated provisioning with no human interaction at provider
Broad Network Access WHERE-ever
Capabilities delivered over the network accessed through standard mechanisms
Measured Service
Cloud system automatically monitors, optimizes, controls and reports resource use transparently
11. 11
Wherein LIES the Control?
Columns: (On-Premises), Infrastructure as a Service, Platform as a Service, Software as a Service
Each column shows the same stack of layers, marked "You manage" or "Other Manages":
• Applications
• Data
• Runtime
• Middleware
• OS
• Virtualization
• Servers
• Storage
• Networking
14. 14
Top Threats – Lists/Publications
• (ISC)2 (GISWS 2011) – Top 7
  • Unauthorized Disclosure
  • Data Loss/Leakage
  • Weak Access Controls
  • Susceptibility to Cyber Attacks
  • Disruptions
  • Inability to support compliance audit
  • Inability to support forensic investigations
• CSA v1.0 (2010) – 7 deadly sins
  • Abuse and nefarious use of cloud computing
  • Insecure APIs
  • Malicious Insider
  • Shared Technology Vulnerabilities
  • Data Loss/Leakage
  • Account/Service & Traffic Hijacking
  • Unknown Risk Profile
• OWASP (pre-alpha 2011) – Top 10
  • Accountability and Data Ownership
  • User Identity Federation
  • Regulatory Compliance
  • Business Continuity and Resiliency
  • User Privacy and Secondary use of Data
  • Service and Data Integration
  • Multi-tenancy and Physical security
  • Incidence analysis and Forensic Support
  • Infrastructure Security
  • Non-production Environment Exposure