Difference between revisions of "Cloud-10 Guidelines"

From OWASP
Jump to: navigation, search
(Timelines)
(Guideline Document)
 
Line 19: Line 19:
 
#AuthC/Identity
 
#AuthC/Identity
 
#Encryption
 
#Encryption
 +
#Integration
 +
## Web Services
 +
##VPN based
 
#WAF
 
#WAF
  
Line 26: Line 29:
 
4. Operations
 
4. Operations
 
#Patching
 
#Patching
 
  
 
== Use Cases ==
 
== Use Cases ==

Latest revision as of 12:00, 7 December 2011


Contents

Guideline Document

1. Development / Environment Setting

a) Developer Access

  1. Jump Server
    1. Multi factor Autch
    2. VPN/Cert based Authc

2. Architecture

  1. Tiering
  2. Communicaiton
    1. between zones
    2. within tiers
    3. ACLs
  3. AuthC/Identity
  4. Encryption
  5. Integration
    1. Web Services
    2. VPN based
  6. WAF

3. Deployment and Testing

  1. Hardening

4. Operations

  1. Patching

Use Cases

  1. Deploying Third Party
  2. Building Your Own Application


Target Providers

  1. Savvis - Shankar
  2. Amazon EC2 - Vinay
  3. Google Apps - Pankaj


Timelines

1. Initial Draft from Shankar - Nov 29nd

2. Initial Draft from Vinay - Dec 9th