Major characteristics of cloud computing include:
- On-demand self-service
- Distributed Storage
- Rapid Elasticity
- Measured Services
- Automated Management
- Virtualization
Types of Cloud Computing Services
- Infrastructure-as-a-Service (IaaS)
- Platform-as-a-Service (PaaS)
- Software-as-a-Service (SaaS)
Cloud Deployment Models
- Public Cloud
- Private Cloud
- Hybrid Cloud
- Community Cloud
NIST Cloud Computing Reference Architecture
Cloud Computing Benefits
Cloud Computing Threats
Data Loss/Breach
Abusing Cloud Services
Insecure Interface and APIs
Cloud Computing Attacks
- Service Hijacking using Social Engineering Attacks
- Session Hijacking using XSS Attack
- Domain Name System (DNS) Attack
- SQL Injection Attack
- Wrapping Attack
- Service Hijacking using Network Sniffing
- Session Hijacking using Session Riding
- Side Channel Attack or Cross-guest VM Breaches
- Cryptanalysis
- Dos / DDoS Attacks
Cloud Security
Cloud Security Control Layers
Responsibilities in Cloud Security
Cloud Service Consumer
Responsibilities of a cloud service consumer include to meet the following security
controls:
- Public Key Infrastructure (PKI).
- Security Development Life Cycle (SDLC).
- Web Application Firewall (WAF).
- Firewall
- Encryption.
- Intrusion Prevention Systems
- Secure Web Gateway
- Application Security
- Virtual Private Network (VPN) and others.
Cloud Security Tools
- Core CloudInspect
- CloudPassage Halo
