Cloud - Coggle Diagram
Cloud
Issues
Data and (legacy) (on-premise) system integration
Vendor lock-in
Data resilience (e.g. local data cache)
Cloud provider abstraction (IaaS/PaaS)
Security & Privacy
Data portability
Ability to delete all data
Ability to obtain complete copy of all data
Pricing
Compliance & Regulations
Geographics
Energy resource management
Energy cost (reduction)
Data centers
Inline/meet
Environmental standards
Government regulations
Preventing cloud proliferation
Equal ability to manage both scaling down/up
Quality of Service/ Reliability
In-house systems
Cloud provider
(Public) connections
Uptime
Bandwidth
Speed
Reliability & Availability
Password Security
Infrastructure
Data centers
Servers consolidation
Maintaining security architecture
Platform management
Performance
CSPs
Cost Management
Lack of top talent
Expertise
Knowledge
Multi-cloud management
Hybrid complexity
Migration
Related topics
Utility computing
Information security
Grid computing
(Cloud) APIs
Information architecture
Mobile computing
Ubiquitous access
Data center
Virtualization
Internet of Things (IoT)
Big Data analytics
Artificial Intelligence (AI)
Deep learning
Machine learning
DevOps/DevSecOps
Virtual Machines (VM)
Drivers
Increased demand for mobility
CapEx to OpEx
Increased demand for agility
Economic crisis (reluctance to invest)
Data center consolidation
Digital transformation
Agility
Staff productivity
Cost reduction
Pay for usage
Infrastructure
No maintenance cost
No Hardware investments
Hardware/software end of life
Improved security & Operational resilience
Maintained by provider
Expansion, Mergers, Acquisitions
New Technology
Advantages
Finances
Pay per use
Reduce cost/expenditure
Flexibility
Increased Mobility
Handle usage peaks easily
Unlimited storage capacity
Hybrid
Private
Public
Unlimited computing resources
Tool selection
Pre-built tools/features
Scalability
Resource efficient
Energy saving/reduction
Data centres with highly efficient cooling
Reduction in idle hardware
Improved disaster recovery
Increased
Flexibility
Collaboration
Strategic value
Collaboration
Access anywhere
Competitive edge
Freed resources from infrastructure maintenance
Regular updates
As technology advances
Streamlined
CSP managed
Freeing time/resources
Efficiency
Data security
Speed to market
Accessibility
Savings on infrastructure
No hardware costs
Pay structure
Security Features
APIs
Virtual private cloud
Encryption
Disadvantages
Internet connection
Must be constant
Down time
Business continuity
Maintenance cost
High
Multi-jurisdiction issues
Data
Privacy
Ownership
Security
Insecure APIs & Interfaces
Cross border movement
Loss/theft
Leakage
Limited control
Hijacking
Account
Service
Prominent Features
Service Models
Software as a Service (SaaS)
Email
Gmail
CRM
Salesforce
Office
Office 365
Google Docs
"75% of companies' IT budget is used to purchase, run and repair software systems and infrastructure"
"70% of security breaches are caused by internal sources"
Security attacks
XML Signature
DDoS
Cross-Site Scripting
Authentication
SQL Injection
Infrastructure as a Service (IaaS)
Amazon EC2
Rackspace
APIs created to perform administrative operations increase the attack surface
"Cloud virtualization technology the hypervisor or virtual machine monitor is the additional layer between the operating system and hardware"
Security attacks
Stepping-Stone
VM rollback
Cross VM
Return Oriented
Malicious Insiders
Programming
Platform as a Service (PaaS)
Application (aPaaS)
Force.com
Enabling (ePaaS)
Google App Engine
Microsoft Azure
"PaaS cloud layer is responsible to provide the software execution environment for their customers without buying servers, storage and networks, security is the most important part of PaaS services. The responsibility of PaaS providers is to implement strong encryption techniques to provide services to their customers without disruption. In this way, the responsibility of PaaS providers is to secure runtime engines from attackers which run the customers applications"
"PaaS model allows multiple users to access cloud services simultaneously; thus, a malicious user can have multiple ways of interfering and disrupting the normal execution of the PaaS container"
Security attacks
Password reset
Phishing
Man-in-the-Middle
Cloud Malware Injection
Attributes
Elasticity
On demand
Scalability
Fully managed by provider
Data intensive
Deployment Models
Public Cloud
Private Cloud
Hybrid Cloud
Community Cloud
Compute Types
Fabric
Google App Engine
Instance
Amazon EC2
Security issues
Application level
Attack types
SQL injection
Application vulnerabilities
Cross Site scripting
Impacts
Confidentiality
Data modification rest/transit
Session hijacking
Attack vectors
Session management & broken authentication
Security configuration
Network level
Attack type
Sniffer
Issues of reused IP addresses
DNS
Network sniffing/VoIP phishing
Impacts
Exposure in network
Traffic flow analysis
Attack vector
Firewall misconfiguration
Virtualization level
Attack vectors
Storage vulnerabilities
Data-center vulnerabilities
Social engineering
VM vulnerabilities
Network
Attack types
VM Escape
Hypervisor rootkit
DoS/DDoS
Impacts
Software interruption/modification
Programming flaws
Physical level
Attack vector
Power loss/environmental control
Impacts
Hardware modification/theft
Limited access to data centers
Attack type
Phishing
Malware injection
Migrating IT systems to the Cloud
Cloud vendors
Greater resources/capabilities
Dedicated security teams
Scale and scope
Top talent
"The highly standardized interfaces with the client make it easier and less costly for the cloud vendor to apply common security governance and control mechanisms to guard the sensitive information exchanged through those interfaces"
"migrating legacy systems to the cloud often requires the standardization of the IT interfaces in the client’s enterprise architectures"
Legacy IT Systems
Security-by-antiquity
Limited accessibility compared to modern systems
Limited documentation
Obsolete tools and documentation of use
Making legacy systems an investment of time and resources, obscured to those without prior knowledge, limiting potential malicious intent
"legacy systems are too antiquated to have any documentation and there are few or no human experts left who understand the internal workings of the systems"
Less secure than modern systems
Target value
"Legacy systems have accumulated a large amount of valuable information over the years, a fact that makes them too valuable for an organization to discontinue"
"The large amount of valuable information in legacy systems attracts motivated offenders, both inside and outside an organization"
Target visibility
"connection and transition points between different systems are potential sources of vulnerabilities"
"more modern and integrated systems have fewer transition points and thereby fewer visible vulnerabilities"
Target accessibility
"organizations need capabilities to authenticate the identities of numerous users and to segregate their potentially conflicting access privileges"
"Many legacy systems are not designed to address such complex access control requirements of the present era, thereby increasing accessibility to them"