The Official (ISC)2 CCSP CBK Reference. Leslie Fife
Чтение книги онлайн.

Читать онлайн книгу The Official (ISC)2 CCSP CBK Reference - Leslie Fife страница 8

СКАЧАТЬ (XML) gateways. Many cloud services rely heavily on functionality offered via application programming interfaces (APIs), so it is crucial that security practitioners understand how data is exchanged, processed, and protected by APIs.

      Domain 5: Cloud Security Operations

      Domain 6: Legal, Risk, and Compliance

      HOW TO CONTACT THE PUBLISHER

      If you believe you've found a mistake in this book, please bring it to our attention. At John Wiley & Sons, we understand how important it is to provide our customers with accurate content, but even with our best efforts, an error may occur.

      To submit your possible errata, please email it to our Customer Service Team at [email protected] with the subject line “Possible Book Errata Submission.”

      FOUNDATIONAL TO THE UNDERSTANDING and use of the cloud and cloud computing is the information found in Domain 1. This information is fundamental for all other topics in cloud computing. A set of common definitions, architectural standards, and design patterns will put everyone on the same level when discussing these ideas and using the cloud effectively and efficiently.

      The first task is to define common concepts. In the following sections, we will provide common definitions for cloud computing terms and will discuss the various participants in the cloud computing ecosystem. We will also discuss the characteristics of cloud computing, answering the question “What is cloud computing?” We will also examine the technologies that make cloud computing possible.

      Cloud Computing Definitions

      The basic concepts of cloud computing, service models, and deployment models form the foundation of cloud computing practice. It is essential to understand each of them.

      Cloud Computing

      In NIST SP 800-145, cloud computing is defined as “a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources… . that can be rapidly provisioned and released with minimal management effort or service provider interaction.”

      Cloud computing is more than distributed computing or parallel computing even when done over a network (local area network or Internet). It is a philosophy that creates access to computing resources in a simple, self-driven way. If an individual has to call up the vendor and negotiate a contract for a fixed service, it is probably not cloud computing. Similarly, a company may negotiate rates and services in a cloud environment. But, the provisioning of services must not require ongoing involvement by the vendor.

      Cloud computing requires a network in order to provide broad access to infrastructure, development tools, and software solutions. It requires some form of self-service to allow users to reserve and access these resources at times and in ways that are convenient to the user.

      The provisioning of resources needs to be automated so that human involvement is limited. Any user should be able to access their account and procure additional resources or reduce current resource levels by themselves.

      An example is Dropbox, a cloud-based file storage system. An individual creates an account, chooses the level of service they want or need, and provides payment information, and then the service and storage are immediately available. A company might negotiate contract rates more favorable than are available to the average consumer. But, once the contract is in place, the employees access this resource in much the same way as an individual user of this service.

      Service Models

      There are three service models: software as a service (SaaS), platform as a service (PaaS), and infrastructure as a service (IaaS). These models determine the type of user the cloud service is designed for: end users, developers, or system administrators.

      The different СКАЧАТЬ