Cloud computing and security
Architectural Concepts and Design Requirements
The goal of the Architectural Concepts and Design Requirements domain is to provide you with knowledge of the building blocks necessary to develop cloud-based systems.
You will be introduced to such cloud computing concepts as the customer, provider, partner, measured services, scalability, virtualization, storage, and networking.
You will be able to understand the cloud reference architecture based on activities defined by industry-standard documents. Lastly, you will gain knowledge in relevant security and design principles for cloud computing, including secure data lifecycle and cost-benefit analysis of cloud-based systems.
Domain Objectives
After completing this domain, you will be able to do the following:
- Define the various roles, characteristics, and technologies as they relate to cloud computing concepts
- Describe cloud computing concepts as they relate to cloud computing activities, capabilities, categories, models, and cross-cutting aspects
- Identify the design principles necessary for secure cloud computing
- Define the various design principles for the different types of cloud categories
- Describe the design principles for secure cloud computing
- Identify criteria specific to national, international, and industry for certifying trusted cloud services
- Identify criteria specific to the system and subsystem product certification
Introduction
“Cloud computing is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction.”
Cloud computing, or cloud, means many things to many people. There are indeed various definitions for cloud computing and what it means from many of the leading standards bodies.
The previous National Institute of Standards and Technology (NIST) definition is the most commonly utilized, cited by professionals and others alike to clarify what the term cloud means.
There are indeed various definitions for cloud computing and what it means from many of the leading standards bodies. The previous National Institute of Standards and Technology (NIST) definition is the most commonly utilized, cited by professionals and others alike to clarify what the term cloud means.
It’s important to note the difference between a cloud service provider (CSP) and a managed service provider (MSP). The main difference is to be found in the control exerted over the data and process and by who. With an MSP, the consumer dictates the
technology and operating procedures.
According to the MSP Alliance, MSPs typically have the following distinguishing characteristics:2
- Some form of network operations center (NOC) service
- Some form of help desk service
- Remote monitoring and management of all or most of the objects for the customer
- Proactive maintenance of the objects under management for the customer
- Delivery of these solutions with some form of predictable billing model, where the customer knows with great accuracy what the regular IT management expense will be