A platform for research: civil engineering, architecture and urbanism
A platform for research: civil engineering, architecture and urbanism
Cloud is not a new concept, cloud has been around for quite a number of years already, but the adoption has increased and with that the need for cloud specific governance, guidelines, architectures and security principles. As the cloud could be consumed in many different ways and in some scenarios perhaps even without understanding the ramifications of purchasing a cloud based solution like a Software as a Service (SaaS) application, a Platform as a Service (PaaS) to build upon or even an Infrastructure as a Service (IaaS) based virtual machine. As the cloud is, by design, so easy to consume it introduces new type of risks such as spinning up a Virtual Machine (VM) for testing and leave it accessible over the internet with a poor or no password protection for example. In order to secure an organizations cloud journey some steps ideally should have been done prior to beginning of said journey. Commonly it is however done the other way around where an organization is already consuming cloud and only after that starts to think about the security aspects of it. Some guardrails and security standards are ideally applied prior to an organization starting their cloud journey to be prepared for the cloud and ensure that the cloud estate remains secure and compliant. It is for that purpose that a reference cloud security architecture was created, introduced and applied across the organization’s cloud estate to ensure the applicability of the created architecture. Creating such an architecture could have been approached by modernizing something already existing or starting from scratch and creating almost like a cloud native security architecture. The question was however are there differences between an non-cloud and a cloud security architecture. Be it as it may, the architecture, as the cloud itself, is never done as it must be adapting and conforming to the evolution of the cloud when required. Reasons for a change in the architecture could arise from the cloud platform or platforms evolving, new regulatory ...
Cloud is not a new concept, cloud has been around for quite a number of years already, but the adoption has increased and with that the need for cloud specific governance, guidelines, architectures and security principles. As the cloud could be consumed in many different ways and in some scenarios perhaps even without understanding the ramifications of purchasing a cloud based solution like a Software as a Service (SaaS) application, a Platform as a Service (PaaS) to build upon or even an Infrastructure as a Service (IaaS) based virtual machine. As the cloud is, by design, so easy to consume it introduces new type of risks such as spinning up a Virtual Machine (VM) for testing and leave it accessible over the internet with a poor or no password protection for example. In order to secure an organizations cloud journey some steps ideally should have been done prior to beginning of said journey. Commonly it is however done the other way around where an organization is already consuming cloud and only after that starts to think about the security aspects of it. Some guardrails and security standards are ideally applied prior to an organization starting their cloud journey to be prepared for the cloud and ensure that the cloud estate remains secure and compliant. It is for that purpose that a reference cloud security architecture was created, introduced and applied across the organization’s cloud estate to ensure the applicability of the created architecture. Creating such an architecture could have been approached by modernizing something already existing or starting from scratch and creating almost like a cloud native security architecture. The question was however are there differences between an non-cloud and a cloud security architecture. Be it as it may, the architecture, as the cloud itself, is never done as it must be adapting and conforming to the evolution of the cloud when required. Reasons for a change in the architecture could arise from the cloud platform or platforms evolving, new regulatory ...
Cloud Security Architecture
Koskinen, Jonne (author)
2023-01-01
URN:NBN:fi:amk-2023052313486
Theses
Electronic Resource
English
DDC:
720
| Springer Verlag | 2004
European Security Architecture
| British Library Conference Proceedings | 1996
Cloud 9 : rooftop architecture
| TIBKAT | 2010