Please enable JavaScript.
Coggle requires JavaScript to display documents.
13.3 &13.4 concept outline (cloud security (risk evaluation (data…
13.3 &13.4 concept outline
cloud computing elements
NIST defined service models
platform as a service (PaaS)
infrastructure as a service (IaaS)
software as a service (SaaS)
NIST defined deployment methods
private cloud
community cloud
public cloud
hybrid cloud
essential characteristics of cloud computing
measured service
on-demand self-service
rapid elasticity
resource pooling
broad network access
cloud security
threats for cloud service users
loss of trust
service provider lock-in
loss of goverance
nonsecure cloud service user access
responsibility ambiguity
lack of asset management
risk evaluation
data security
recoverability
authorization - logical access control
operational controls
authentication
application security
testing and validation
high-level description
security considerations for cloud computing
E-discovery
risk assessment
data breach responsibilities
responsibility for notifying
risk to intellectual property
export controls
business continuity
confidentiality and privacy
legal issues
cloud service agreement
acceptable use policies
cloud service level agreements
customer agreement
privacy policies