Deck 13: Cloud and Iot Security

An IPS is a set of automated tools designed to detect unauthorizedaccess to a host system.

A key element in providing security in an IoT deployment is thegateway.

The three areas of support that a cloud broker can offer are serviceintermediation, service aggregation and service arbitrage.

In a public cloud model the provider is responsible both for the cloudinfrastructure and for the control of data and operations within thecloud.

The security module for OpenStack is Keystone.

The term platform as a service has generally meant a package ofsecurity services offered by a service provider that offloads much ofthe security responsibility from an enterprise to the security serviceprovider.

There is an increasingly prominent trend in many organizations tomove a substantial portion or even all IT operations to enterprise cloud computing.

A CSC can provide one or more of the cloud services to meet IT andbusiness requirements of a CSP.

Cloud computing gives you the ability to expand and reduce resourcesaccording to your specific service requirement.

IaaS provides service to customers in the form of software, specificallyapplication software, running on and accessible in the cloud.

Data must be secured while in transit, but not while in use or at rest.

NIST recommends selecting cloud providers that support strongencryption, have appropriate redundancy mechanisms in place, employ authentication mechanisms, and offer subscribers sufficient visibility about mechanisms used to protect subscribers from other subscribers and the provider.

The "smart" in a smart device is provided by a deeply embeddedactuator.

Security assessments are third-part audits of cloud services.

The major advantage of the public cloud is cost.

___________ is an open-source software project of the OpenStack Foundation that aims to produce an open-source cloud operating system.

The four most prominent deployment models for cloud computing are public cloud, community cloud, hybrid cloud and _________ cloud.

The ?????_________ cloud infrastructure is a composition of two or more clouds that remain unique entities but are bound together by standardized or proprietary technology that enables data and application portability.

__________ is defined as "a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources that can be rapidly provisioned and released with minimal management effort or service provider interaction".

__________ includes people, processes and systems that are used to manage access to enterprise resources by assuring that the identity of an entity is verified, then granting the correct level of access based on this assured identity.

NIST SP 800-145 defines three service models: software as a service, platform as a service, and __________ as a service.

A cloud __________ is a party that can conduct independent assessment of cloud services, information system operations, performance, and security of the cloud implementation.

A cloud __________ is a networking facility that provides connectivity and transport of cloud services between cloud consumers and cloud service providers.

__________ aggregates log and event data from virtual and real networks, applications, and systems. This information is then correlated and analyzed to provide real-time reporting and alerting on information/events that may require intervention or other type of response.

The __________ is a term that refers to the expanding interconnection of smart devices, ranging from appliances to tiny sensors.

With reference to the end systems supported, the Internet has gone through roughly four generations of deployment culminating in the IoT: information technology, operational technology, _________, and sensor/actuator technology.

The core network, also referred to as a __________ network, connects geographically dispersed fog networks as well as provides access to other networks that are not part of the enterprise network.

The key components of an IoT-enabled device are: sensor, actuator, _________, transceiver and radio-frequency identification.

MiniSec is an open-source security module that is part of the __________ operating system.

MiniSec is designed to meet the following requirements: data authentication, __________, replay protection, freshness, low energy overhead and resilient to lost messages.