Cloud Shared Responsibility Model


Under the cloud shared responsibility model, security risks are shared between the cloud provider and the customer when cloud infrastructure is used.

  • The cloud provider is responsible for securing the underlying infrastructure
  • The customer is responsible for securing their applications and data

Cloud Responsibility Matrix

A responsibility matrix identifies that responsibility for implementing security is shared between the customer and the cloud service provider (CSP) as applications, data, and workloads are transitioned into a cloud platform.

Info

Function as a Service (FaaS)

  • is associated with serverless computing
  • allows developers to execute individual pieces of code (or functions) in response to various triggers, such as HTTP requests, database changes, or scheduled tasks
  • functions can be scaled dynamically to handle changes in load

Responsibility of Cloud Provider

A cloud service provider (CSP) is a business that offers cloud computing services for sale to third parties.

  • Physical security of the infrastructure
  • Securing computer, storage, and network equipment
  • Securing foundational elements of networking, such as DDoS protection
  • Cloud storage backup and recovery
  • Security of cloud infrastructure resource isolation among tenants
  • Tenant resource identity and access control
  • Security, monitoring, and incident response for the infrastructure
  • Securing and managing the datacenters located in multiple geographic regions

Responsibility of Customer

Customers are the consumers of cloud computing services.

  • User identity management
  • Configuring the geographic location for storing data and running services
  • User and service access controls to cloud resources
  • Data and application security configuration
  • Protection of operating systems, when deployed
  • Use and configuration of encryption, especially the protection of keys
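The customer-side items above can be checked mechanically against a resource inventory. The following is an added example, not part of the original page: the inventory records, field names (`region`, `public`, `key_rotation`, `customer_os`, `patch_age_days`) and policy values are constructed assumptions, not any provider's schema.

```python
# Added example. All field names, policy values and resources are constructed.
ALLOWED_REGIONS = {"eu-west", "eu-central"}  # assumed data-residency policy
MAX_PATCH_AGE_DAYS = 30                      # assumed patching policy

INVENTORY = [  # constructed sample, not output from any provider API
    {"name": "orders-db", "region": "eu-west", "public": False,
     "encrypted": True, "key_rotation": True, "customer_os": False},
    {"name": "legacy-vm", "region": "us-east", "public": True,
     "encrypted": False, "key_rotation": False, "customer_os": True,
     "patch_age_days": 90},
    {"name": "resize-fn", "region": "eu-central", "public": False,
     "encrypted": True, "key_rotation": False, "customer_os": False},
    {"name": "build-vm", "region": "eu-west", "public": False,
     "encrypted": True, "key_rotation": True, "customer_os": True},
]


def audit_resource(res):
    """Return customer-side findings for one resource record."""
    findings = []
    if res["region"] not in ALLOWED_REGIONS:
        findings.append("data location outside approved regions")
    if res["public"]:
        findings.append("access control allows public access")
    if not res["encrypted"]:
        findings.append("encryption not enabled")
    elif not res["key_rotation"]:
        findings.append("encryption key is not rotated")
    # The OS is the customer's duty only when the customer deployed it.
    if res["customer_os"]:
        age = res.get("patch_age_days")
        if age is None:
            findings.append("OS patch status unknown")  # fail closed
        elif age > MAX_PATCH_AGE_DAYS:
            findings.append("OS patches overdue")
    return findings


def audit(inventory):
    """Map resource name to findings, omitting resources with none."""
    results = {r["name"]: audit_resource(r) for r in inventory}
    return {name: found for name, found in results.items() if found}


if __name__ == "__main__":
    for name, found in audit(INVENTORY).items():
        print(f"{name}: {'; '.join(found)}")
```

The operating system check is skipped for resources where the customer did not deploy the OS, and a customer-deployed OS with no patch data is reported rather than assumed healthy.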

Important

Identifying the boundary between customer and cloud provider responsibilities, in terms of security, is imperative for reducing the risk of introducing vulnerabilities into your environment.