Security domain |
Security classes |
Risk factors |
Cloud computing security technology implementation |
Application security (A1) |
WEB firewall, identity management, binary analysis, terminal access security, application security, application scanner |
Data security (A2) |
Data encryption, data masking, data residual erasure, access control, backup and recovery, data lineage |
Services security (A3) |
Configuration management, log management, identity management, vulnerability management |
Host security (A4) |
Trusted Computing, VM security, host firewall, intrusion prevention |
Network security (A5) |
Network firewall, DNS security, intrusion detection, anti-DDOS, QoS / DNS Security |
Physical security (A6) |
Physical environment, hardware equipment, personnel security |