|
Security Recommendations for Cloud Computing Providers
|
| bet | 13/24 | | Sana | 13.09.2024 | | Hajmi | 0,66 Mb. | | #271001 |
Bog'liq Tar SecurityRecommendationsCloudComputingProvidersID and Rights Management
Private >=>
B C+ A+
Strong authentication (two factor authentication) for the CSP's administrators
■■I
Public
B C+ A+
Role-based access control and regular reviews of roles and rights
Least Privilege Model (users and CSP administrators should only possess those rights required to perform their task)
J III II
Four-eye principle for critical administration activities
Strong authentication (e.g. two factor authentication) for cloud customers
Control options for users
Foydalanuvchilar uchun boshqaruv imkoniyatlari
Ommaviy Cloud Computing yordamida mijoz o‘zining bulutli provayderiga qattiq bog‘liq – axir, ular endi hech qanday apparat yoki dasturiy ta’minotga to‘g‘ridan-to‘g‘ri kira olmaydi va ular “bulutda” ishlaydigan xizmatlarning mavjudligiga bog‘liq. Shu darajada, mijoz foydalanadigan xizmatlarning mavjudligini kuzatish imkoniyatiga ega bo'lishi kerak, masalan, veb-interfeys yoki API orqali. Ko'p CSP allaqachon buni amalda qo'llaydi. Ko'p hollarda mijozlar CSPga tegishli veb-sahifada foydalanadigan xizmatlarning holatini ko'rsatishi mumkin. Mijozlar, shuningdek, CSP yoki uchinchi tomon provayderlari vositalari orqali zahiraga olinishi mumkin bo'lgan qo'shimcha xizmatlardan foydalanishlari mumkin, ular protsessordan foydalanish, tarmoqdan foydalanish, o'tkazish qobiliyati, kechikish va boshqa xizmatlarning ishlashi haqida keng ko'lamli monitoring ma'lumotlarini olishlari mumkin. o'rtacha tranzaksiya vaqti.
|
| |
