O.4 Cloud Security/Cloud Computing

From CyberEdWiki
Jump to: navigation, search

Cloud resources are commonly used for a wide variety of use cases, including the provision of enterprise services, data processing and analysis, development and testing, and a wide variety of consumer focused services. As such it is important that the students have a clear understanding of the variety, complexity, and capabilities of modern cloud platforms. Cloud computing has implications for cyber operations not only as a potential target, but also as an extensive resource to bring relatively cheap computing power to solve problems (e.g. cracking passwords) which would have been more difficult pre-cloud.

Specific topics to be covered in this knowledge unit include, but are not limited to:

  • Cloud infrastructure components and the interfaces they expose. This should include public/consumer facing interfaces (such as public management APIs) and internal interfaces (such as those to provide automated backup, failover, and accounting)
  • Essential Characteristics of Cloud Platforms and an understanding of the technologies that enable these characteristics
  • Common Service models
  • Common Deployment Modes (e.g. public cloud, private cloud, hybrid cloud) and the associated tradeoffs (e.g. privacy/scalability/resilience)
  • Cloud infrastructure components and the interfaces they expose. This should include public/consumer facing interfaces (such as public management APIs), and internal interfaces (such as those to provide automated backup, failover, and accounting)
  • Techniques for deploying and scaling cloud resources (such as Puppet/Chef)
  • Security implication of cloud resources, including issues associated with shared resources and multi-tenancy, the extension of trust to include the cloud provider, and approaches to mitigating these issues
  • Developing, deploying, and managing applications on cloud resources, which should include hand-on exercises that utilize real cloud services

Recommended Resource for this KU: NIST 800-145

Outcome: Students will understand and be able to describe a variety of cloud service models and deployment modes, and select appropriate service models and delivery modes for a variety of potential workloads, including enumerating the security tradeoffs associated with their selections.

Outcome: Students will be able to develop and deploy a workload in an appropriate cloud environment, including addressing issues associated with deployment, configuration, management, scalability, and security.