Section 14: Cloud Computing

Cloud Computing

delivering computing resources to a remote customer over a network

Cloud Computing NIST Definition

a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources that can be rapidly provisioned and released with minimal management effort or service provider interaction

SaaS

Customer purchases entire app

PaaS

Customer purchases app platform

IaaS

Customer purchases servers/storage

Customer responsibility of IaaS

Data, Application, OS

Vendor responsibility of IaaS

Hardware, Data Center

Customer responsibility of PaaS

Data and Application

Vendor responsibility of PaaS

OS, Hardware, Data Center

Customer responsibility of SaaS

Data

Vendor responsibility of SaaS

Application, OS, Hardware, Data Center

Cloud Deployment Models

• Private Cloud

• Public Cloud

• Hybrid Cloud

• Multi-Cloud

• Community Cloud

Private Cloud

organization uses a dedicated cloud infrastructure

Public Cloud

organization uses a multitenancy infrastructure

Hybrid Cloud

organization uses both private and public cloud

Multi-Cloud

combines resources from two different public cloud vendors

Community Cloud

shared with a consortium

No one cloud model is

inherently superior to the other approaches it all depends on context

Public Cloud computing uses a

shared responsibility model

MSPs

offer IT services to customers

MSSPs

provide security services for organizations as a managed service

MSSPs may be also referred as

Security as a Service (SECaaS)

Cloud Access Security Brokers (CASB)

add a third-party security layer tot he interactions that users have with other cloud services.

Network-based CASB

broker intercepts traffic between the user and the cloud service, monitoring for security issues; broker can block requests

API-based CASB

Broker queries the cloud service API; Broker may not be able to block requests, depending upon API capabilities 

MSSP relationships should be carefully documented

True