CSA云计算关键领域云安全指南V4.0中文版

ykilusm
0 ℃
2021-12-05

整理文档很辛苦，赏杯茶钱您下走！

还剩 ... 页未读，继续阅读 >>

免费阅读已结束，点击下载阅读编辑剩下 ... 页

阅读已结束，您可以下载文档离线阅读编辑

资源描述

v4.0SecurityGuidancev.4?Copyright2017,CloudSecurityAlliance.Allrightsreserved1CSAv4.0SecurityGuidancev.4?Copyright2017,CloudSecurityAlliance.Allrightsreserved2CSAv4.0://://cloudsecurityalliance.org/document/V4.0security-guidance-for-critical-areas-of-focus-in-cloud-computing-v4-0/,:(a),;(b);(c);(d),v4.0v4.0SecurityGuidancev.4?Copyright2017,CloudSecurityAlliance.Allrightsreserved3CSACSAv4.0CSAD1D2D3D4D5D6D7D8D9D10D11D12D13D14D1D2D3D4D5D6D7D8D9D10D11D12D13D14jguo@china-csa.orgv4.0SecurityGuidancev.4?Copyright2017,CloudSecurityAlliance.Allrightsreserved4CSACSAcloudsecurityalliance.comBestRegards,Luciano(J.R.)SantosExecutiveVicePresidentofResearchCloudSecurityAlliancev4.0SecurityGuidancev.4?Copyright2017,CloudSecurityAlliance.Allrightsreserved5CSALeadAuthorsRichMogullJamesArlenAdrianLaneGunnarPetersonMikeRothmanDavidMortmanEditorsDanMorenJohnMoltzCSAStaffJimReavisLuciano(J.R.)SantosDanieleCattedduFrankGuancoHillaryBaronVictorChinRyanBergsmaStephenLumpe(Design)CSACSACSAv4.0SecurityGuidancev.4?Copyright2017,CloudSecurityAlliance.Allrightsreserved6CSACEO20094CSACSAITCSA()DevOpsITITBestRegards,JimReavisCo-Founder&CEOCloudSecurityAlliancev4.0SecurityGuidancev.4?Copyright2017,CloudSecurityAlliance.Allrightsreserved7CSAD1:.................................................................8D2:....................................................................30D3:.....................................................40D4:..............................................................................55D5:............................................................................................62D6:.........................................................................69D7:.........................................................................................80D8:.........................................................................................96D9:...............................................................................................107D10:............................................................................................114D11:.................................................................................125D12:.....................................................................137D13:........................................................................................148D14:............................................................................................154v4.0SecurityGuidancev.4?Copyright2017,CloudSecurityAlliance.Allrightsreserved8CSAD1:1.1:()()()()v4.0SecurityGuidancev.4?Copyright2017,CloudSecurityAlliance.Allrightsreserved9CSA4????NIST800-145,ISO/IEC17788andISO/IEC177891.21.1.1NIST:(:)ISO/IEC:()()8CPUs16GBv4.0SecurityGuidancev.4?Copyright2017,CloudSecurityAlliance.Allrightsreserved10CSA500100:NIST500-292cloudactorISO/IEC17788()cloud;,,;1.1.2(CSA)NISTmodelforcloudcomputingCSAISO/IECmodelNISTNISTWorkingDefinitionofCloudComputingNIST800-145v4.0SecurityGuidancev.4?Copyright2017,CloudSecurityAlliance.Allrightsreserved11CSANISTNIST1.1.2.1()v4.0SecurityGuidancev.4?Copyright2017,CloudSecurityAlliance.Allrightsreserved12CSA()(,,)ISO/IEC17788NIST1.1.2.2NIST:(SaaS)web(PaaS),(PythonPHP),,APISaaS)PaaS(IaaS)SPIISO/IECSPI()IaaS/PaaS/SaaS:ISO/IECNISTv4.0SecurityGuidancev.4?Copyright2017,CloudSecurityAlliance.Allrightsreserved13CSACSA1.1.2.3NISTISO/IEC4:()v4.0SecurityGuidancev.4?Copyright2017,CloudSecurityAlliance.Allrightsreserved14CSA1234//.v4.0SecurityGuidancev.4?Copyright2017,CloudSecurityAlliance.Allrightsreserved15CSA1.1.3ISO/IEC17789NIST500-292NISTSaaSPaaSPaaSIaaS()v4.0SecurityGuidancev.4?Copyright2017,CloudSecurityAlliance.Allrightsreserved16CSA1.1.3.1IaaS()(APIs)APIs()APIsREST(RepresentationalStateTransfer)HTTPInternetAPIsweb()()IaaS()APIsv4.0SecurityGuidancev.4?Copyright2017,CloudSecurityAlliance.Allrightsreserved17CSAIaaS:/()()v4.0SecurityGuidancev.4?Copyright2017,CloudSecurityAlliance.Allrightsreserved18CSA1.1.3.1PaaSPaaSPaaSPaaSIaaSIaaSAPIsPaaSIaaSAPI(web)APIPaaSPaaSv4.0SecurityGuidancev.4?Copyright2017,CloudSecurityAlliance.Allrightsreserved19CSAIaaS(PaaS):PaaSIaaS1.1.3.1SaaS()SaaSIaaSPaaS(SaaS)IaaSPaaS()APIswebSaaSAPI/WebAPISaaSv4.0SecurityGuidancev.4?Copyright2017,CloudSecurityAlliance.Allrightsreserved20CSAv4.0SecurityGuidancev.4?Copyright2017,CloudSecurityAlliance.Allrightsreserved21CSA1.1.4.1:PaaSITv4.0SecurityGuidancev.4?Copyright2017,CloudSecurityAlliance.Allrightsreserved22CSAPaaSIaaS1.21.2.1/SaaS//v4.0SecurityGuidancev.4?Copyright2017,CloudSecurityAlliance.Allrightsreserved23CSAPaaSPaaSIaaSIaaSIaaSSaaSv4.0SecurityGuidancev.4?Copyright2017,CloudSecurityAlliance.Allrightsreserved24CSACAIQCCM1.2.2CSACSACCMIaaSIaaSv4.0SecurityGuidancev.4?Copyright2017,CloudSecurityAlliance.Allrightsreserved25CSACSACSACSACCMNISTNIST500-299ISO/IECFDIS27017--ISO/IEC270021.2.2.1v4.0Security