Summary: | This work provides guidelines for the practical implementation of security architecture in a particular corporate cloud. The authors are mathematicians and specialists in data modeling and security. Experience of scientific collaboration with industry inspired the authors to attempt to conceptualize the common processes and strategies in cloud security, in order to make security system deployment as simple and transparent as possible. The deployment is broken into several essential steps that allow the functionality of security architecture for any cloud to be split into a set of modules. The first step is the level of architecture where the authentication and key establishment procedures are identified. The second step provides the support of the authorization and other additional security mechanisms for each component of the cloud. The continuous verification of security support on all levels (data, processes and communication channels) helps to avoid common security breaches and protect against the most dangerous attacks. Additionally, performing the proposed optimization of the selected set of mechanisms will enhance the efficiency of the security system.
|