CCSK(Certificate of cloud security Knowledge)

Benchmark of Cloud Security

1) CISK/CISM/CCSK
What is Cloud Computing?
Models for better understanding of cloud computing?
Fully application and implementation resources
National Institute of Standard and Technology
Central Characteristics:
1) Resource Pooling: Pool of COmputing, Storage, Network(IP etc)
Broad Network
Measured
On-demand
Elasticit
2) Service Model: SaaS- COnsuming Application
PaaS- Database/Program/Run
IaaS/ Below Paas
3) Public, Private, Hybrid and Commutiny
Someone using this for their development.
Here is my IP- Pull the resources
Virtu is a technology that powers cc
elastician.com
--> Steps to perform the security:
Protect Access Keys (Protect my account with access keys) - protecting the Data
Centers
Start with a restrictive firewall- Completing restricting all unsecure certificc
ates
Protect Host Keys- Servers with in the environment/ More complex applications sh
ould be break down/ Monitoring/ firewallin and every thing on the host
only Use Encryted communication
Architect multiple Vms based apps with zones
Secure the host- Monitoring/Intrusion/Protection on the host
- DOP Monitoring/Web firewall/management keys/ no one can break data centers by
just accessing desktop.
Glial
Amorphous
Spaghetti
Services:
Authentication:
Authorization:
Accountability:
Auditing:
Principles:
Sepration of Duties
Robust
Auditing and Accounatbility
Open Design
Using Existing Component
1) Mash Up and its type
2) Web 2.0- Example Rest/SOP/SOA
3) CRM/ERP
Cloud Computing Requirement:
1) Rapid Scalability and elasticity
2) Allocation on demand
3) Secure Multi Tenacy
4) Billed License Per use
5) Primary access by rest and sop
6) Location and Geographic Awareness
7) Accesible by internet
Cloud Adoption and Rudiments: