Virtualization Systems Controls
1. Isolation/separation of zones
+ DMZ, VLAN, physical segmentation
2. Encryption
3. Secure images with DLPs, firewalls, auto-generated logs.
4. Secure data transmission protocols.
5. Protected management plane
6. Detective controls
+ IDS/IPS
+ Honeypots
+ Enticement vs. Entrapment
7. Secure erasure
8. Snapshots for redundancy and investments.
IAAA in the Cloud Infrastructure
1. Identity
+ Identity providers in the cloud use OpenID and OAuth.
+ Internal corporate environments may use Active Directory.
2. Authentication
+ Function of the Identity Provider
+ Multi-factor is best
3. Authorization
+ Based on identity, roles, attributes, context
+ Enforced at policy enforcement point
4. Auditing