{"id":257,"date":"2009-06-25T13:31:58","date_gmt":"2009-06-25T18:31:58","guid":{"rendered":"http:\/\/www.webadminblog.com\/?p=257"},"modified":"2009-06-25T13:35:46","modified_gmt":"2009-06-25T18:35:46","slug":"introduction-to-cloud-computing-and-virtualization-security","status":"publish","type":"post","link":"https:\/\/www.webadminblog.com\/index.php\/2009\/06\/25\/introduction-to-cloud-computing-and-virtualization-security\/","title":{"rendered":"Introduction to Cloud Computing and Virtualizaton Security"},"content":{"rendered":"<p>Today the Austin ISSA and ISACA chapters held a half-day seminar on Cloud Computing and Virtualization Security.\u00a0 The introduction on cloud computing was given by Vern Williams.\u00a0 My notes on this topic are below:<\/p>\n<p><span style=\"text-decoration: underline;\"><strong>5 Key Cloud Characteristics<\/strong><\/span><\/p>\n<ul>\n<li>On-demand self-service<\/li>\n<li>Ubiquitous network access<\/li>\n<li>Location independent resource pooling<\/li>\n<li>Rapid elasticity<\/li>\n<li>Pay per use<\/li>\n<\/ul>\n<p><span style=\"text-decoration: underline;\"><strong>3 Cloud Delivery Models<\/strong><\/span><\/p>\n<ul>\n<li>Software as a Service (SaaS): Providers applications over a network<\/li>\n<li>Platform as a Service (PaaS): Deploy customer-created apps to a cloud<\/li>\n<li>Infrastructure as a Service (IaaS): Rent processing, storage, etc<\/li>\n<\/ul>\n<p><span style=\"text-decoration: underline;\"><strong>4 Cloud Deployment Models<\/strong><\/span><\/p>\n<ul>\n<li>Private cloud: Enterprise owned or leased<\/li>\n<li>Community cloud: Shared infrastructure for a specific community<\/li>\n<li>Public cloud: Sold to the public, Mega-scale infrastructure<\/li>\n<li>Hybrid cloud: Composition of two or more clouds<\/li>\n<\/ul>\n<ul>\n<li>Two types: internal and external<\/li>\n<li>http:\/\/csrc.nist.com\/groups\/SNS\/cloud-computing\/index.html<\/li>\n<\/ul>\n<p><span style=\"text-decoration: underline;\"><strong>Common Cloud Characteristics<\/strong><\/span><\/p>\n<ul>\n<li>Massive scale<\/li>\n<li>Virtualization<\/li>\n<li>Free software<\/li>\n<li>Autonomic computing<\/li>\n<li>Multi-tenancy<\/li>\n<li>Geographically distributed systems<\/li>\n<li>Advanced security technologies<\/li>\n<li>Service oriented software<\/li>\n<\/ul>\n<p><span style=\"text-decoration: underline;\"><strong>Pros<\/strong><\/span><\/p>\n<ul>\n<li>Lower central processing unit (CPU) density<\/li>\n<li>Flexible use of resources<\/li>\n<li>Rapid deployment of new servers<\/li>\n<li>Simplified recovery<\/li>\n<li>Virtual network connections<\/li>\n<\/ul>\n<p><span style=\"text-decoration: underline;\"><strong>Cons<\/strong><\/span><\/p>\n<ul>\n<li>Complexity<\/li>\n<li>Potential impact of a single component failure<\/li>\n<li>Hypervisor security issues<\/li>\n<li>Keeping virtual machine (VM) images current<\/li>\n<li>Virtual network connections<\/li>\n<\/ul>\n<p><span style=\"text-decoration: underline;\"><strong>Virtualization Security Concerns<\/strong><\/span><\/p>\n<ul>\n<li>Protecting the virtual fabric<\/li>\n<li>Patching off-line VM images<\/li>\n<li>Configuration Management<\/li>\n<li>Firewall configurations<\/li>\n<li>Complicating Audit and Forensics<\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<p>Today the Austin ISSA and ISACA chapters held a half-day seminar on Cloud Computing and Virtualization Security.\u00a0 The introduction on cloud computing was given by Vern Williams.\u00a0 My notes on this topic are below: 5 Key Cloud Characteristics On-demand self-service Ubiquitous network access Location independent resource pooling Rapid elasticity Pay per use 3 Cloud Delivery [&hellip;]<\/p>\n","protected":false},"author":3,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":false,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2}},"categories":[82,271,35,272],"tags":[39,268,215,269,623,270],"class_list":["post-257","post","type-post","status-publish","format-standard","hentry","category-cloud-computing","category-cloud-computing-security","category-virtualization","category-virtualization-security","tag-cloud","tag-computing","tag-issa","tag-vern","tag-virtualization","tag-williams"],"aioseo_notices":[],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_shortlink":"https:\/\/wp.me\/pfI0c-49","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/www.webadminblog.com\/index.php\/wp-json\/wp\/v2\/posts\/257","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.webadminblog.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.webadminblog.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.webadminblog.com\/index.php\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/www.webadminblog.com\/index.php\/wp-json\/wp\/v2\/comments?post=257"}],"version-history":[{"count":4,"href":"https:\/\/www.webadminblog.com\/index.php\/wp-json\/wp\/v2\/posts\/257\/revisions"}],"predecessor-version":[{"id":263,"href":"https:\/\/www.webadminblog.com\/index.php\/wp-json\/wp\/v2\/posts\/257\/revisions\/263"}],"wp:attachment":[{"href":"https:\/\/www.webadminblog.com\/index.php\/wp-json\/wp\/v2\/media?parent=257"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.webadminblog.com\/index.php\/wp-json\/wp\/v2\/categories?post=257"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.webadminblog.com\/index.php\/wp-json\/wp\/v2\/tags?post=257"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}