The major security objectives for cloud computing are the following:
Protect postal service data from unauthorized access, disclosure, modification and monitoring. This includes identity management support to allow the Postal Service to have the ability to apply identity and access control policies to authorized users accessing the cloud service. This includes the ability of the Postal Service to allow access to data selectively available to other users.
Protect information resources from supply chain threats. This incorporates checking and keeping up the dependability and reliability of the CP, as well as the security assurances associated with the hardware and software used.
Prevent unauthorized access to cloud computing infrastructure resources. This involves applying security domains that are a logical separation between computing resources and Using the default without any access configuration
Design Web applications deployed in a cloud for an Internet threat model (such as the National Institute of Standards and Technology (NIST)) and incorporate security into the software development process.
Protects Internet browsers from attacks and mitigates end-user security vulnerabilities. This includes taking steps to protect personal computing devices connected to the Internet by applying security software, personal firewalls, and patches on a regular maintenance schedule.
Deploy access control and intrusion-detection technologies at the CP and conduct an independent assessment to confirm that they are set up. This incorporates, yet does not depend on, traditional perimeter security measures in combination with the domain security model. Traditional perimeter security includes: using antivirus software; restricting physical access to network and devices; setting as the default the most secure configurations; protecting individual parts from misuse through security fix deployment; disabling all unused ports and services; monitoring audit trails; utilizing job based access control; minimizing the use of privilege; and encrypting communications.
Define trust boundaries between CPs and customers to obviously set up and declare boundaries of responsibility for giving security.
Support portability such that the Postal Service can make action to change CPs when expected to fulfill accessibility, confidentiality, and integrity requirements. This includes the ability to close an account on a specific date and time and to copy data from one CP to another.
Provide physical separation between the non-PCI applications and postal service payment card industry (PCI). Postal service PCI applications can not share processing and memory storage with non-PCI applications.
If you want to learn and know more about Cloud Computing then visit Cloud computing training in Chandigarh.