Manualshelf

Datasheet

ManualsBrandsWiley ManualsSoftware978-0-470-62446-3
21222324252627282930
28 Part I Overview of Commerce
or not possible for a fully automated model. This leaves us with the centralized
credential store that can provide the required features:
Programmatic access to credentials that are used in interactive protocols
(for example, SSH)
Centralized management of credentials
RBAC for those credentials
Secure Communication and Storage
Public key cryptography (asymmetric cryptography) is the preferred technique for
infrastructure security, both to address the protection of data at rest (encryption
of data when persisted) as well as information in transit (SSL/TLS). In public key
cryptography, the entities generate public/private key pairs based on cryptographi-
cally secure mathematical functions. When data is encrypted by the public key
(either when persisted or when in transit) it can only be decrypted by the private
key corresponding to the public key. The public keys are known to everyone.
Isolated Management
Management of the cloud computing infrastructure is a privileged operation. The
network that is used by the control plane to communicate between its components
or with the devices should be isolated from the production network. This implies
that access to light-out management modules that enable hands-off management
must be isolated from the data trafc from the time that the resources are wired
to the network. Following this policy prevents many attacks and retains access
to the management infrastructure in case of the data network failure.
Regulatory Compliance
Operational and regulatory compliance require that the infrastructure comply
with the rules that are defined either by regulatory bodies or corporate rules.
While more operational than technical, it is critical to design and operate your
e-commerce cloud computing infrastructure with close attention to such com-
pliance requirements.
Distributed Trust
The cloud computing infrastructure and the services it offers must be constructed
in a dynamic fashion from components whose trust status is hard to determine.
For instance, a user that trusts an entity may not necessarily trust the same entity
624463c01.indd 28 3/29/11 2:26:36 AM