Difference between revisions of "Cloud-10 Guidelines"

From OWASP
Jump to: navigation, search
Line 1: Line 1:
 +
 +
 +
== Guideline Document ==
 +
 
1. Development / Environment Setting
 
1. Development / Environment Setting
  
Line 30: Line 34:
  
  
*Target Environment
+
 
 +
== Target Providers ==
 +
1. Savvis -
 +
2. Amazon EC2
 +
3. Google Apps

Revision as of 09:08, 1 November 2011


Guideline Document

1. Development / Environment Setting

a) Developer Access

  1. Jump Server
    1. Multi factor Autch
    2. VPN/Cert based Authc

2. Architecture

  1. Tiering
  2. Communicaiton
    1. between zones
    2. within tiers
    3. ACLs
  3. AuthC/Identity
  4. Encryption
  5. WAF

3. Deployment and Testing

  1. Hardening

4. Operations

  1. Patching


Use Cases

  1. Deploying Third Party
  2. Building Your Own Application


Target Providers

1. Savvis - 2. Amazon EC2 3. Google Apps