This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Cloud-10 Guidelines"
From OWASP
Vinaykbansal (talk | contribs) |
Vinaykbansal (talk | contribs) (→Guideline Document) |
||
| (3 intermediate revisions by the same user not shown) | |||
| Line 19: | Line 19: | ||
#AuthC/Identity | #AuthC/Identity | ||
#Encryption | #Encryption | ||
| + | #Integration | ||
| + | ## Web Services | ||
| + | ##VPN based | ||
#WAF | #WAF | ||
| Line 26: | Line 29: | ||
4. Operations | 4. Operations | ||
#Patching | #Patching | ||
| − | |||
== Use Cases == | == Use Cases == | ||
| Line 36: | Line 38: | ||
== Target Providers == | == Target Providers == | ||
| − | + | # Savvis - Shankar | |
| − | + | # Amazon EC2 - Vinay | |
| − | + | # Google Apps - Pankaj | |
| + | |||
| + | |||
| + | |||
| + | == Timelines == | ||
| + | |||
| + | 1. Initial Draft from Shankar - Nov 29nd | ||
| + | |||
| + | 2. Initial Draft from Vinay - Dec 9th | ||
Latest revision as of 17:00, 7 December 2011
Guideline Document
1. Development / Environment Setting
a) Developer Access
- Jump Server
- Multi factor Autch
- VPN/Cert based Authc
2. Architecture
- Tiering
- Communicaiton
- between zones
- within tiers
- ACLs
- AuthC/Identity
- Encryption
- Integration
- Web Services
- VPN based
- WAF
3. Deployment and Testing
- Hardening
4. Operations
- Patching
Use Cases
- Deploying Third Party
- Building Your Own Application
Target Providers
- Savvis - Shankar
- Amazon EC2 - Vinay
- Google Apps - Pankaj
Timelines
1. Initial Draft from Shankar - Nov 29nd
2. Initial Draft from Vinay - Dec 9th
