1. 4.1 UNDERSTAND CLOUD SECURITY OBJECTIVES
1.1. 4.1.1 Explain the Confidentiality in Cloud Computing
1.1.1. Confidentiality refers to the prevention of the unauthorized access of the data and hence making sure that only the user who has the permission can access the data.
1.2. 4.1.2 Explain the Integrity in Cloud Computing
1.2.1. A data integrity checking algorithm; which eliminates the third party auditing, is explained to protect static and dynamic data from unauthorized observation, modification, or interference.
1.3. 4.1.3 Explain the Availability in Cloud Computing
1.3.1. Availability in this context is how much time the service provider guarantees that your data and services are available.
1.4. 4.1.4 Explain Cloud Security Services
1.4.1. 1. Authentication
1.4.1.1. Authentication is the process of validating and guaranteeing the identity of cloud service subscribers or users. It is deemed essential since its strength directly impacts the reliability and security of the cloud computing environment.
1.4.2. 2. Authorization
1.4.2.1. Authorization services In order to manage users on a single platform, it is common to use a single external authorization service. You give the authorization service credentials to an account that can create temporary roles or manage your accounts on each other cloud service you use
1.4.3. 3. Auditing
1.4.3.1. A cloud auditor can make an assessment of the security controls in the information system to determine the extent to which the controls are implemented correctly, operating as intended, and producing the desired outcome with respect to the security requirements for the system.
1.4.4. 4. Accountability
1.4.4.1. Accountability is a set of approaches to addresses two key problems: - Lack of consumer trust in cloud service providers - Difficulty faced by cloud service providers with compliance across geographic boundaries
1.4.4.2. Emphasis is on data protection, but the notion of accountability encompasses more than just privacy