Collegenote
- Defining the Cloud
- Cloud Computing
- Emergence of Cloud Computing
- Cloud Based Service Models
- Grid Computing or Cloud Computing
- Components of Cloud Computing
- Cloud Computing Deployment Models
- Benefits of using cloud models
- Legal Issues in Using Cloud Models
- Ethical issues in cloud computing
- Characteristics of Cloud Computing
- Evolution of cloud computing
- Challenges for cloud computing
- Grid Computing
- Distributed Computing in Grid and Cloud
- Cloud Communication
- Communication-as-a-Service (CaaS)
- Advantages of CaaS
- Infrastructure-as-a-Service (IaaS)
- Popular IaaS solutions
- Modern On-Demand Computing
- Amazon’s Elastic Cloud
- Amazon EC2 Service Characteristics
- Elastic IP Addressing
- Monitoring-as-a-Service (MaaS)
- The Traditional On-Premises Model
- Platform-as-a-Service (PaaS)
- Key Characteristics of PaaS
- Software-as-a-Service
- SaaS Implementation Issues
- The key characteristics of SaaS
- Benefits of SaaS Model
- Jericho Cube Model
- XaaS
- Evolution from Managed service providers (MSP) to Cloud Computing
- Single Purpose architectures to multi-purpose architectures
- Service Oriented Architectures (SOA)
- Combining Cloud and SOA
- Characterizing SOA
- Open Source Software in Data Centers
- Data center virtualization
- Cloud data center
Application Security #
Application security is one of the critical success factors for a world-class SaaS company. This is where the security features and requirements are defined and application security test results are reviewed. Application security processes, secure coding guidelines, training, and testing scripts and tools are typically a collaborative effort between the security and the development teams. Although product engineering will likely focus on the application layer, the security design of the application itself, and the infrastructure layers interacting with the application, the security team should provide the security requirements for the product development engineers to implement. This should be a collaborative effort between the security and product development team. External penetration testers are used for application source code reviews, and attack and penetration tests provide an objective review of the security of the application as well as assurance to customers that attack and penetration tests are performed regularly. Fragmented and undefined collaboration on application security can result in lower-quality design, coding efforts, and testing results.