Browse by Tags

Tagged Content List
  • Wiki Page: Private Cloud Security Challenges - On Demand Self Service

    Table of Contents Security Functionality Infrastructure Security Platform Security Software Security Management Security Legal Issues As a designer of a private cloud solution, how do I design access control for the services hosted in the cloud? Who can request services and how much can they request...
  • Wiki Page: Private Cloud Security Operations Challenges

    The previous section outlined the cloud security operational principles that should apply to all operational activities. This section examines the key attributes that characterize cloud architectures: resource pooling, broad network access, on-demand self-service, rapid elasticity, and measured services...
  • Wiki Page: Private Cloud Security Model - Legal and Compliance Issues

    Table of Contents Governance Compliance Integrated Governance, Risk Management, and Compliance Data Protection and Personally Identifiable Information Legal Agreements One area where IT decision-makers have considerable concerns with private and hybrid cloud implementations are the areas of...
  • Wiki Page: Design Guide for A Solution for Private Cloud Security

    The Service Design paper discusses private cloud security from the design perspective, offers guidance for creating a security design for a private cloud, and discusses some of the design decisions you will have to make. In some areas, this paper discusses specific products in relation to the security...
  • Wiki Page: A Solution for Private Cloud Security

    Welcome to the "A Solution for Private Cloud Security" series of three papers on private cloud security. With increasing numbers of organizations looking to create cloud-based environments or to implement cloud technologies within their existing data centers, business and technology decision...
  • Wiki Page: Blueprint for A Solution for Private Cloud Security

    Welcome to this first paper in the Solution for Private Cloud Security series. This paper discusses private cloud security from the architectural perspective and seeks to define the problem domain, key scenarios, and create a structured approach that you will use to create a private cloud security...
  • Wiki Page: A Solution for Private Cloud Security Table of Contents

    Complete Table of Contents for “A Solution for Private Cloud Security” A Solution for Private Cloud Security Blueprint for a A Solution for Private Cloud Security Defining the Private Cloud Security Domain Cloud Security Challenges Private Cloud Reference Model...
  • Wiki Page: Private Cloud Security Model - Client Side Security

    With private cloud environments, you have three options for client security: Secure trusted client. A secure trusted client one that exists on the internal network and has a security trust relationship with the cloud domain. You would provide appropriate levels of protection to these client...
  • Wiki Page: Private Cloud Security Challenges - Rapid Elasticity

    Table of Contents Security Functionality Infrastructure Security Software Security Management Security Legal Issues As a designer of a private cloud solution, I am concerned that a rogue application, client, or DoS attack might destabilize the data center by requesting a large amount of resources...
  • Wiki Page: Private Cloud Security Design Principles

    Table of Contents Apply Generic Security Best Practices Isolation is Key Consider Security as a Wrapper Assume Attackers are Authenticated and Authorized Assume All Data Locations are Accessible Do Not Trust Client Information Use Established Strong Cryptographic Techniques Automate Security Operations...
  • Wiki Page: Private Cloud Security Model - Infrastructure Security

    Table of Contents Physical Security Energy Supply Security Facility Security Network Security Hardware Security Compute Security Storage Security Operating System Security Virtualization Security Update Security Now that you have examined the factors within the security wrapper, this paper presents...
  • Wiki Page: Cloud Security Challenges

    To highlight the changes in security between traditional IT systems and cloud-based environments, this paper takes four of the five the NIST cloud computing definitions and analyses these statements to create a problem statement and a range of possible attack vectors. This paper considers each of these...
  • Wiki Page: Private Cloud Security Model - Wrapper Functionality

    As discussed earlier in this paper, the private cloud must implement security as a wrapper. Every transaction then must pass through this security wrapper on any data transition within the cloud, for example: Client to the service delivery layer Service delivery layer to the software...
  • Wiki Page: Defining the Private Cloud Security Problem Domain

    As previous sections in this document outline, security is a universal component of cloud service provisioning. To help consider this requirement logically, this series considers the key security differences in private cloud environments, which result from the unique features of a cloud-based service...
  • Wiki Page: Operations Guide for A Solution for Private Cloud Security

    Welcome to this third paper in the Solution for Private Cloud Security series. This paper discusses private cloud security from the operations perspective and offers guidance for operating security within a private cloud environment. In some areas, specific products are discussed in relation to the security...
  • Wiki Page: Measured Services Related Private Cloud Security Operations Challenges

    As an operator of a private cloud solution, what can I do to ensure that only legitimate users are using the private cloud resources? Security Functionality Part of the answer to the question above is addressed in the On-demand Self-Service section earlier in this paper. That section discussed...
  • Wiki Page: Rapid Elasticity Related Private Cloud Security Operations Challenges

    As an operator of a private cloud solution: How do I detect and respond to requests for resources that might negatively impact other tenant applications or the whole cloud? What impact does the private cloud have on my plans to maintain the availability and capacity of resources? ...
  • Wiki Page: On Demand Self Service Related Private Cloud Security Operations Challenges

    As an operator of a private cloud solution: How do I monitor and audit the use of the services hosted in the cloud? If I don't know what I've got, how do I make sure that it's secure? What happens if the wrong people request or de-provision resources? How does the private cloud...
  • Wiki Page: Broad Network Access Related Private Cloud Security Operations Challenges

    As an operator of a private cloud solution, I want to be sure that an appropriate level of security applies regardless of where the client is connecting from and regardless of the device form factor. This requirement applies to both cloud management and application security. Security Functionality...
  • Wiki Page: Resource Pooling Related Private Cloud Security Operations Challenges

    As an operator of a private cloud solution: How can I detect any breaches in isolation between tenants' resources and how do I respond to the situation? How do I design my disaster recovery procedures to ensure isolation? What impact does the private cloud have on my plans for maintaining...
  • Wiki Page: Private Cloud Security Operations Principles

    This section introduces the key operational security principles for private clouds. These principles apply to all the detailed security design recommendations that are discussed in subsequent sections. Note: In the following discussions, we use the term "tenant" to refer to a client or...
  • Wiki Page: Private Cloud Security Challenges - Measured Services

    As a designer of a private cloud, I want to want to ensure that all applications and services running in the cloud are measured and accounted for. Security Functionality Figure 1 lists a number of security capabilities that the security wrapper should include in the private cloud such as...
  • Wiki Page: Private Cloud Security Challenges - Broad Network Access

    As a designer of a private cloud solution, I want my solution to provide appropriate authentication and authorization services for the broad range of users accessing the cloud. Different services have different security requirements, such as different levels of security, access from multiple locations...
  • Wiki Page: Private Cloud Security Challenges - Resource Pooling

    As a designer of a private cloud solution that uses a pool of resources that can be allocated to many different tenants, how can I ensure the proper isolation of resources (network, compute, memory, storage) between tenants? Security Functionality Figure 1 lists a number of security capabilities...
  • Wiki Page: Private Cloud Security Challenges

    The previous section outlined the cloud security design principles that should apply at all levels of the private cloud design. This section examines the key attributes that characterize cloud architectures: resource pooling, broad network access, on-demand self-service, rapid elasticity, and measured...
Page 1 of 2 (31 items) 12
Can't find it? Write it!