Cloud Security Alliance CCSK Certification #2

Written By tom sinclair

Module 1- Cloud Architecture

Ensure you have the following documentation downloaded:

CSA Security Guidance for Cloud Computing | CSA (cloudsecurityalliance.org)

The areas you are going to want to revise are the following;

  • Defining cloud computing

  • The cloud logical model

  • Cloud conceptual, architectural and reference model

  • Cloud security and compliance scope, responsibilities and models

If you are self studying for the CCSK exam one of the best ways you can learn cloud architecture is by looking at AWS EC2 as it was one of the first ones out there.

Two key technologies to build our resource pool — Abstraction (aka virtualization) + automation (aka orchestration) and its how we use those to elements to create cloud computing that is what separates cloud vs traditional virtual environments.

Orchestration is really where the magic happens this is really where the elasticity happens. This does the following;

Virtualization is really an “enablement” to cloud computing, it can get confusing because companies can spin up their automation but as we will see shortly there is a lot more to cloud that separates these two to make it cloud computing.

There are many different way to describe cloud computing however we are going to focus on two main definitions. NIST (tied to US GOV) ISO are more international body

NIST definition of cloud computing: a model for ensuring ubiquitous, convenient, on-demand network access to a shared pool for configurable computing resources that can be rapidly provisioned and released with minimal management effort or service provider interaction.

A Cloud User is the person or organization requesting computational resources. The Cloud Provider is the person or organization offering the resources.

Key techniques to create a cloud:

  • Abstraction: we abstract resources from the underlying infrastructure to create resource pools

  • Orchestration: coordination of delivering resources out of the pool on demand.

Clouds are multi-tenant by nature. Consumers are segregated and isolated but share resource pools.

So what is the high level overview of the benefits of cloud computing?

Agility — scaling up and scaling down quickly etc

Resilience — Introduce more resilience and can put things (backups) in more place automatically

Economics — You have to take the cloud approach but if you set it up as a cloud set up, security for example is and extra benefit. It all depends on the service model you are going through

So lets conclude what we have already learnt?

  1. Cloud computing is a new operational model that combines the benefits of abstraction (virtualization) and automation (orchestration) for new ways of delivering and consuming technology

  2. Abstraction separates resources from their underlying physical infrastructure. It allows us to create resource pools out of those underlying assets.

  3. Automation (orchestration) allows us to rapidly provision and de-provision those resources from the resource pool.

  4. This is different than traditional virtualization which includes the abstraction piece.. but does not necessarily use that to build resource pools, and lacks the advanced orchestration of cloud.

  5. Cloud can potentially provide a wide range of benefits, but the key ones are economic agility and resiliency

Test your knowledge on the absolute fundamentals we have just covered with our fun Kahoot (6 practice questions)

tom sinclair
Previous

Cloud Security Alliance CCSK Certification #1