Explain Cloud Security Alliance (CSA) Stack Model in detail.

-

 Cloud Security Alliance (CSA) Stack Model 

The Cloud Security Alliance (CSA) is a non-profit organization that encourages research into best practices for cloud computing security and the use of cloud technology to safeguard other types of computing. CSA draws on the knowledge of industry practitioners, associations, and governments, as well as corporate and individual members, to provide cloud security research, education, certification, events, and products. 

The actions, knowledge, and vast network of the organization help the whole cloud community, including cloud service providers, customers, entrepreneurs, and governments. The CSA also provides a venue for all stakeholders to collaborate to build and maintain a trustworthy cloud ecosystem.

The industry association also provides security education and advice to businesses at various levels of cloud adoption, as well as assistance to cloud service providers in addressing security in their software delivery methods. Any interested party with the competence to contribute to the security of cloud computing can join the CSA.


Cloud Security Alliance Research Areas

There are CSA working groups working on various domains of cloud security including: 

  • The Cloud Data Governance Working Group develops concepts and applies them to develop technologies and approaches to ensure data privacy, availability, integrity, confidentiality, and security across public and private clouds.
  • The Cloud Security Alliance IoT Working Group develops meaningful use cases for Internet of Things (IoT) implementations as well as practical guidelines to help security practitioners safeguard their installations.
  • The CSA Application Containers and Microservices Working Group research application container and microservice security. It is also in charge of establishing best practices and guidelines for the secure usage of application containers and microservices.
  • The SaaS Governance Working Group seeks to encourage and establish procedures to promote collaboration and assist suppliers and customers in working closely together to manage software-as-service risks, ensure the security of customer data, and ensure the resilience of the SaaS cloud architecture.


The following are the key points in the CSA stack model:

  1. laaS is the most basic level of service. PaaS and SaaS are the next levels of service. 
  2. PaaS provides infrastructure, PaaS provides a platform development environment, and SaaS provides an operational environment.
  3. IaaS offers the fewest integrated functions and integrated security, whereas SaaS has the most. 
  4. This model defines security boundaries. The cloud service provider's duties cease at the security barrier, and the customer's duties begin. 
  5. The security mechanism below the security border is required for the system to be built and should be maintained by the client.

Comments

Post a Comment

Popular posts from this blog

Suppose that a data warehouse for Big-University consists of the following four dimensions: student, course, semester, and instructor, and two measures count and avg_grade. When at the lowest conceptual level (e.g., for a given student, course, semester, and instructor combination), the avg_grade measure stores the actual course grade of the student. At higher conceptual levels, avg_grade stores the average grade for the given combination. a) Draw a snowflake schema diagram for the data warehouse. b) Starting with the base cuboid [student, course, semester, instructor], what specific OLAP operations (e.g., roll-up from semester to year) should one perform in order to list the average grade of CS courses for each BigUniversity student. c) If each dimension has five levels (including all), such as “student < major < status < university < all”, how many cuboids will this cube contain (including the base and apex cuboids)?

-
Image
a) A Snowflake Shema is shown in figure below: b) The specific OLAP operations to be performed: 1. Roll-up on course from course_id to department. 2. Roll-up on a student from student_id to university. 3. Dice on course, student with department ="CS" and university = "biguniversity" 4. Drill-down on a student from the university to student_name. c) N = 4 dimensions The cube will contain 54 = 625 cuboids.
Read more

Suppose that a data warehouse consists of the four dimensions; date, spectator, location, and game, and the two measures, count and charge, where charge is the fee that a spectator pays when watching a game on a given date. Spectators may be students, adults, or seniors, with each category having its own charge rate. a) Draw a star schema diagram for the data b) Starting with the base cuboid [date; spectator; location; game], what specific OLAP operations should perform in order to list the total charge paid by student spectators at GM Place in 2004?

-
Image
  b) The specific OLAP operations to be performed are: 1. Roll-up on date from date id to year. 2. Roll-up on spectator from spectator id to status. 3. Roll-up on location from location id to location name. 4. Roll-up on the game from game id to all. 5. Dice with status= “students”, location name= “GM Place”, and year=2004
Read more

Suppose that a data warehouse consists of the three dimensions time, doctor, and patient, and the two measures count and charge, where a charge is the fee that a doctor charges a patient for a visit. a) Draw a schema diagram for the above data warehouse using one of the schemas. [star, snowflake, fact constellation] b) Starting with the base cuboid [day, doctor, patient], what specific OLAP operations should be performed in order to list the total fee collected by each doctor in 2004? c) To obtain the same list, write an SQL query assuming the data are stored in a relational database with the schema fee (day, month, year, doctor, hospital, patient, count, charge)

-
Image
Solution: a) Star Schema is shown in the figure below: b) First, we should use the roll-up operation to get the year 2004(rolling-up from the day then month to a year). After getting that, we need to use the slice operation to select (2004). Second, we should use roll-up operation again to get all patients. Then, we need to use the slice operation to select (all). Finally, we get a list of the total fee collected by each doctor in 2004. So, 1. roll up from day to month to year 2. slice for year = “2004” 3. roll up on patient from the individual patient to all 4. slice for patient = “all” 5. get the list of the total fees collected by each doctor in 2004 c) Select doctor, Sum(charge) From fee Where year = 2004 Group by doctor
Read more