1. 4.1 Understand Cloud Security Objectives
1.1. 4.1.1 Explain the Confidentiality in Cloud Computing
1.1.1. In cloud computing, user's data is stored on remote servers which may be operated by others and can be accessed through Internet connection. Confidentiality refers to the prevention of the unauthorized access of the data and hence making sure that only the user who has the permission can access the data.
1.2. 4.1.2 Explain the Integrity in Cloud Computing
1.2.1. Integrity means that data is protected from unauthorized changes to ensure that it is reliable and correct.
1.3. 4.1.3 Explain the Availability in Cloud Computing
1.3.1. Availability means that authorized users have access to the systems and the resources they need.
1.4. 4.1.4 Explain Cloud Security Services
1.4.1. a) Authentication
1.4.1.1. Applying different authentication mechanisms, which verifies a user's identity when a user wishes to request services from cloud servers.
1.4.2. b) Authorization
1.4.2.1. To determine user/client privileges or access levels related to system resources, including computer programs, files, services, data and application features.
1.4.2.2. Authorization is normally preceded by authentication for user identity verification
1.4.3. c) Auditing
1.4.3.1. Evaluate the services provided by a cloud provider in terms of security controls, privacy impact, performance, etc.
1.4.4. d) Accountability
1.4.4.1. Ensure that obligations to protect data are observed by all who process the data, irrespective of where that processing occurs.