Further Attack Vector
1.New technology for federation identities,provisioning,virtualization,automation etc.
2.External service providers.
3.Guest breakout.
4.Identity compromise at provider.
5.API compromise
6.Attacks on provider infrastructure
7.Attacks on underlying cloud carrier infrastructure.
Countermeasures across the cloud
1.Layered defense should always be implemented.
2.Redundancy confirmed for continuous uptime
+ Resiliency
+ Component updates without disruption
3.Automation of controls
+ Consistency
+ Minimize human element
+ Integrate security into VM build
4.Access controls
+ can be CSP or customer responsibility
+ Facility,Hardware,OS,Software,vendor,customer,remote should all be considered.