Review Article
Foundations and Technological Landscape of Cloud Computing
Table 4
Mapping of cloud vulnerabilities (column) and recommended security practices (row).
| | | Application | Platform | Infrastructure | Unified resource | Fabric | | | Web service v. | Client-side data manipulation v. | Authentication & Authorization v. | Encryption & key management v. | Cloud platform v. | Access to platform admin interface v. | Traditional virtual machine v. | Virtual network communication v. | Data sanitization v. | Access to VM admin interface v. | Virtualized hypervisor & interfaces v. | Multi-tenancy v. | Shared network component v. | Physical v. |
| | Identity and access control | | | | | | | | | | | | | | | | Authentication | | | × | | | | | | | | | | | | | Authorization | | | × | | | | | | | | | | | | | Identity management | | | × | | | | | | | | | | | | | Notification | | | × | | | | | | | | | | | | | Data security | | | | | | | | | | | | | | | | Data classification | | | × | | | | | | | | | | | | | Encryption and key | × | | × | × | | × | | | | × | × | | | | | Backup and recovery | | | | | | | | | | | | | | × | | Data sanitization | | | | | | | | | × | | | × | | | | Application security | | | | | | | | | | | | | | | | Dev. life cycle | × | | × | × | × | × | × | | | × | | | | | | Web service imp. | × | | | | | | | | | | | | | | | Frontend environment | × | × | | | | | | | | | | | | | | Virtualized environment | | | | | | | | | | | | | | | | Virtualized hypervisor | × | | × | | | | | × | | × | | × | | | | Virtual machine | × | | × | | | | × | | | × | | | | | | Operating system | × | | × | | × | | | | | | | | | | | Network and physical security | | | | | | | | | | | | | | | | Robust physical access | | | | | | | | | | | | | | × | | BCP | | | | | | | | | | | | | | × | | Network control | | | | | | | | | | | | | | × |
|
|
