Cloud architecture consists of the components and sub-components found in a cloud. While that’s a very common description, cloud architecture involves more than just the technology. NIST SP 500-292 focuses on the entities: the cloud consumer, the provider, the auditor, and so on. You really cannot get to the technology without them.
Cloud architecture can be broken down into a four-level taxonomy: role, activity, component and sub-component. When discussing cloud architecture, it is necessary to be able to state who does what, how, and with what tools.
A well-architected framework will take, well, a lot of work. There is much to consider when going through this process. At the beginning, there are many questions to answer, such as:
- What are your business priorities for your customers, both internal and external?
- How do you determine the threat landscape that will have an impact on your cloud and core business structure?
- Where is your data, especially sensitive data, and where does it flow?
- How will you ensure that deployment of systems onto the cloud is done correctly?
- What additional training do your software developers, IT personnel, and employees need with this move into the cloud?
- What mechanisms will you use to ensure all systems are configured correctly?
- What tools will you use to manage the updates and patches to all cloud systems to maintain your security level?
The list continues, so it is critical to ensure that the architecture is done correctly, and with skill, so that the cloud does not do a business more harm than good.
The roles for the consumer, provider, broker, carrier and auditor are discussed here.
The activities within cloud architecture define access and consumption of SaaS, PaaS, and IaaS. This would also include orchestration, audits, and security.
- Orchestration – the coordinated management of a cloud environment to accomplish the goals of the business using it.
- Audits – the analysis of the security, performance, and compliance of a cloud provider. This would be done by an external third party.
- Security must always be addressed, from confidentiality to integrity and availability.
  - Confidentiality – keeping sensitive data secret by ensuring that only authorized users have access to it.
  - Integrity – providing a level of confidence that the data or system has not been changed, so we can trust the data or system.
  - Availability – ensuring that the data and systems are accessible and usable when needed.
The components of cloud architecture are chosen to meet an objective. What are the specific actions, steps, tasks, and processes that must be done in order to accomplish this objective? In the cloud, deciding whether a public cloud, a private cloud, or some combination of them is the best choice for the business must come first. A hybrid cloud connects, say, a private to a public cloud. A newer term, multi-cloud, is defined as being both public and private without any connection between them.
Another topic to address within the components is the issue of interoperability and portability.
- Interoperability is the ability for two different systems to communicate and send data back and forth under specific conditions.
- Portability is the ability to move data from one cloud to another without having to recreate or reenter the data manually.
Careful consideration of these two in terms of the objective of the business is critical from the start of architecting and designing a cloud. If these concepts are not addressed from the beginning, a business may find itself locked into an inadequate or inappropriate architecture.
Sub-components allow a company to begin to address questions of Service Level Agreement (SLA) management and topics such as rapid provisioning and resource changes.
- SLA management – Is the business going to watch metrics in-house and ensure that they are receiving service from their provider, or should there be a third party, e.g., a service broker? A service broker would help negotiate the original contract and provide continued management of the service in terms of monitoring the service metrics and possibly more services.
- Rapid provisioning – The cloud is a different environment that does not suit a lot of the old change management methods. Would it make sense to implement automation tools to help with managing changes to the cloud infrastructure?
- Resource changes – It is necessary to update configurations and set some devices aside for repair.
Cloud security architecture
In cloud security architecture, the security elements are added to the cloud architecture. Cloud security always involves a shared responsibility between the cloud provider and the cloud consumer. The division of responsibility depends on the type of cloud structure that is being used: IaaS, PaaS, or SaaS. There is a division of responsibility imagined by ISO, NIST and even the Cloud Security Alliance (CSA), but in the end, it will be determined by the cloud provider and customer and written into the contract.
A risk assessment needs to be done by the cloud customer to ensure they understand the consequences of using any form of cloud. If you’re not building your own cloud in your own data center, then the contract would or should state who is responsible for what, or at a minimum, what you can rely on the cloud provider for.
Here are some security controls to consider when designing or using a cloud solution:
- Multifactor Authentication (MFA) – It is highly recommended that you use MFA on all accounts.
- Data classification – It is critical today to understand the data that you have within your cloud and how sensitive it is. There are tools that will help discover things like personally identifiable information within data storage. Whether you use such tools or a more manual process, it needs to be done.
- Identification and authentication – It is critical to control access from all actors using or within the cloud. This is not just users and administrators but also software, APIs, functions that access other software, or data.
- Create separate and controlled accounts for administrators – The primary account for the business should not be the one used by the administrators. If that account is compromised, everything could be lost.
- Log – Log everything you can and set metrics to alert administrators to suspicious or dangerous conditions.
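Several of the controls above can be checked mechanically against an account inventory and an activity log. The sketch below is an added example, not part of the original article: the record fields, account names and failed-login threshold are constructed for illustration, and exempting non-human service identities from the MFA check is an assumption.

```python
from collections import Counter

# Constructed sample data: identity inventory and an activity log.
# Field names are assumptions for this example, not any provider's schema.
ACCOUNTS = [
    {"name": "primary", "kind": "primary", "mfa": True},
    {"name": "alice-admin", "kind": "admin", "mfa": True},
    {"name": "bob", "kind": "user", "mfa": False},
    {"name": "ci-deployer", "kind": "service", "mfa": None},  # non-human identity
]
EVENTS = [
    {"actor": "primary", "action": "CreateUser", "ok": True},
    {"actor": "bob", "action": "Login", "ok": False},
    {"actor": "bob", "action": "Login", "ok": False},
    {"actor": "bob", "action": "Login", "ok": False},
    {"actor": "alice-admin", "action": "Login", "ok": True},
    {"actor": "unknown-fn", "action": "ReadObject", "ok": True},
]

def audit(accounts, events, failed_login_threshold=3):
    """Return a sorted list of (control, subject) findings."""
    findings = set()
    known = {a["name"]: a for a in accounts}
    # MFA: every human-operated account must have it enabled (assumed exemption for services).
    for a in accounts:
        if a["kind"] != "service" and a["mfa"] is not True:
            findings.add(("mfa-missing", a["name"]))
    failed = Counter()
    for e in events:
        actor = known.get(e["actor"])
        # Identification: every actor in the log must map to a known identity.
        if actor is None:
            findings.add(("unidentified-actor", e["actor"]))
            continue
        # Separate admin accounts: any activity by the primary account is flagged.
        if actor["kind"] == "primary":
            findings.add(("primary-account-used", e["action"]))
        if e["action"] == "Login" and not e["ok"]:
            failed[e["actor"]] += 1
    # Logging metric: alert once an account's failed logins reach the threshold.
    for name, n in failed.items():
        if n >= failed_login_threshold:
            findings.add(("failed-login-alert", name))
    return sorted(findings)

if __name__ == "__main__":
    for control, subject in audit(ACCOUNTS, EVENTS):
        print(f"{control}: {subject}")
```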