Book Image

Architecting Cloud Computing Solutions

By : Kevin L. Jackson, Goessling
Book Image

Architecting Cloud Computing Solutions

By: Kevin L. Jackson, Goessling

Overview of this book

Cloud adoption is a core component of digital transformation. Scaling the IT environment, making it resilient, and reducing costs are what organizations want. Architecting Cloud Computing Solutions presents and explains critical cloud solution design considerations and technology decisions required to be made for deploying the right cloud service and deployment models, based on your business and technology service requirements. This book starts with the fundamentals of cloud computing and its architectural concepts. It then walks you through cloud service models (IaaS, PaaS, and SaaS), deployment models (public, private, community, and hybrid) and implementation options (enterprise, MSP, and CSP) to explain and describe the key considerations and challenges organizations face during cloud migration. Later, this book delves into how to leverage DevOps, Cloud-Native, and serverless architectures in your cloud environment and presents industry best practices for scaling your cloud environment. Finally, this book addresses in depth how to manage essential cloud technology service components, such as data storage, security controls, and disaster recovery. By the end of this book, you will have mastered all the design considerations and operational trades required to adopt cloud services, no matter which cloud service provider you choose.
Table of Contents (24 chapters)
Free Chapter
1
Prologue
18
Hands-On Lab 1 – Basic Cloud Design (Single Server)
20
Hands-On Lab 3 – Optimizing Current State (12 Months Later)
21
Cloud Architecture – Lessons Learned
22
Epilogue

The application security management process

The ISO 27034-1 standard provides a very valuable framework for implementing cloud application security. The standard's underlying principles include the following:

  • Security requirements are defined and analyzed throughout the application's life cycle and managed continually.
  • Application risks are influenced by security requirement type and scope, which are driven by (1) business; (2) regulatory; and (3) technological domains.
  • Application security controls and audit measurements costs should align with the targeted level of trust.
  • Auditing process should verify that implemented controls are delivering management's targeted level of trust.

ISO 27034-1 also lays out the components, processes, and frameworks to help organizations acquire, implement, and use trustworthy applications, at an acceptable (or tolerable) security...