Cloud Security Frame

I posted a draft of our Cloud Security Frame at Shaping Software. This frame is especially important because we’re using it to help us map out the Cloud security space for our patterns & practices Cloud Security Guidance project. It helps us scope our project. The frame is basically a set of Hot Spots. We use the Hot Spots to find, organize, and share principles, patterns, and practices. We also use the Hot Spots to find pain points and opportunities or to organize key engineering decisions. Here is our current set of Hot Spots:

  • Auditing and Logging
  • Authentication
  • Authorization
  • Communication
  • Configuration Management
  • Cryptography
  • Exception Management
  • Sensitive Data
  • Session Management
  • Validation

In this case, since it’s a security frame, we’re using the Hot Spots to organize threats, attacks, vulnerabilities and countermeasures.  This helps make the information more actionable and relevant.  We’re sharing this early and often so that you can give feedback and help us shape it as we go.

If you’re familiar with any of the following guides, this Hot Spot approach should look familiar:

Check out our evolving Cloud Security Frame and provide your feedback in the comments.