The Association of Banks in Singapore (ABS) has developed this implementation guide for Financial Institutions (FIs) to use when entering into Cloud outsourcing arrangements.
The recommendations that lie within have been discussed and agreed by members of the ABS Standing Committee for Cyber Security (SCCS) with the intent to assist FIs in understanding approaches to due diligence, vendor management and key controls that should be implemented in Cloud outsourcing arrangements.
Data Security Model Enhancement In Cloud EnvironmentIOSR Journals
This document discusses enhancing data security in cloud environments. It begins by providing background on cloud computing, including its key characteristics and architecture. The document then discusses existing security concerns with cloud computing, as sensitive user data is stored remotely by cloud providers. The main objective is to propose an enhanced data security model for clouds. The proposed model uses a three-layer architecture and efficient algorithms to ensure security at each layer and solve common cloud data security issues like authentication, data protection, and fast data recovery.
This document provides an overview of cloud computing concepts including definitions, characteristics, business value, management, security, deployment models, and legal issues. It defines cloud computing as a model for enabling network access to configurable computing resources that can be rapidly provisioned with minimal management effort. The key characteristics of cloud computing are on-demand self-service, broad network access, resource pooling, rapid elasticity, and measured service. The document discusses the cost and agility benefits of cloud computing for businesses. It also covers topics such as cloud service models, network architecture, adoption strategy, the role of a cloud officer, and legal issues regarding data location.
International Journal of Engineering Research and Applications (IJERA) is an open access online peer reviewed international journal that publishes research and review articles in the fields of Computer Science, Neural Networks, Electrical Engineering, Software Engineering, Information Technology, Mechanical Engineering, Chemical Engineering, Plastic Engineering, Food Technology, Textile Engineering, Nano Technology & science, Power Electronics, Electronics & Communication Engineering, Computational mathematics, Image processing, Civil Engineering, Structural Engineering, Environmental Engineering, VLSI Testing & Low Power VLSI Design etc.
A Secure Cloud Storage System with Data Forwarding using Proxy Re-encryption ...IJTET Journal
Cloud computing provides the facility to access shared resources and common support which contributes services on
demand over the network to perform operations that meet changing business needs. A cloud storage system, consisting of a collection
of storage servers, affords long-term storage services over the internet. Storing the data in a third party cloud system cause serious
concern over data confidentiality, without considering the local infrastructure limitations, the cloud services allow the user to enjoy the
cloud applications. As the different users may be working in the collaborative relationship, the data sharing becomes significant to
achieve productive benefit during the data accessing. The existing security system only focuses on the authentication; it shows that
user’s private data cannot be accessed by the fake users. To address the above cloud storage privacy issue shared authority based
privacy-preserving authentication protocol is used. In the SAPA, the shared access authority is achieved by anonymous access request
and privacy consideration, attribute based access control allows the user to access their own data fields. To provide the data sharing
among the multiple users proxy re-encryption scheme is applied by the cloud server. The privacy-preserving data access authority
sharing is attractive for multi-user collaborative cloud applications.
A Secure Cloud Storage System with Data Forwarding using Proxy Re-encryption ...IJTET Journal
1. The document describes a secure cloud storage system that uses proxy re-encryption to allow authorized data sharing among multiple users. It focuses on privacy issues in cloud storage and proposes a solution using proxy re-encryption.
2. Proxy re-encryption schemes allow a proxy (like a cloud server) to alter an encrypted file so that it can be decrypted by another user, without revealing the content to the proxy. The proposed system uses this to share files encrypted for one user so they can be decrypted by another authorized user.
3. The system assigns different trust levels to control what data different users can access. A high trust level allows access to more data fields, while a low trust level restricts access. This trust
Security Requirement Specification Model for Cloud Computing ServicesMatteo Leonetti
The document proposes a security requirement specification model for cloud computing services. It discusses (1) existing security issues and specification languages, (2) the need for a new model to describe security interactions and requirements, and (3) how the model can be used to specify security for use cases, components, and intrusion detection system rules for a cloud computing case study.
"The transition of companies to cloud-based will be quicker for some and slower for others depending on their individual circumstances, But the change will happen."
Data Security Model Enhancement In Cloud EnvironmentIOSR Journals
This document discusses enhancing data security in cloud environments. It begins by providing background on cloud computing, including its key characteristics and architecture. The document then discusses existing security concerns with cloud computing, as sensitive user data is stored remotely by cloud providers. The main objective is to propose an enhanced data security model for clouds. The proposed model uses a three-layer architecture and efficient algorithms to ensure security at each layer and solve common cloud data security issues like authentication, data protection, and fast data recovery.
This document provides an overview of cloud computing concepts including definitions, characteristics, business value, management, security, deployment models, and legal issues. It defines cloud computing as a model for enabling network access to configurable computing resources that can be rapidly provisioned with minimal management effort. The key characteristics of cloud computing are on-demand self-service, broad network access, resource pooling, rapid elasticity, and measured service. The document discusses the cost and agility benefits of cloud computing for businesses. It also covers topics such as cloud service models, network architecture, adoption strategy, the role of a cloud officer, and legal issues regarding data location.
International Journal of Engineering Research and Applications (IJERA) is an open access online peer reviewed international journal that publishes research and review articles in the fields of Computer Science, Neural Networks, Electrical Engineering, Software Engineering, Information Technology, Mechanical Engineering, Chemical Engineering, Plastic Engineering, Food Technology, Textile Engineering, Nano Technology & science, Power Electronics, Electronics & Communication Engineering, Computational mathematics, Image processing, Civil Engineering, Structural Engineering, Environmental Engineering, VLSI Testing & Low Power VLSI Design etc.
A Secure Cloud Storage System with Data Forwarding using Proxy Re-encryption ...IJTET Journal
Cloud computing provides the facility to access shared resources and common support which contributes services on
demand over the network to perform operations that meet changing business needs. A cloud storage system, consisting of a collection
of storage servers, affords long-term storage services over the internet. Storing the data in a third party cloud system cause serious
concern over data confidentiality, without considering the local infrastructure limitations, the cloud services allow the user to enjoy the
cloud applications. As the different users may be working in the collaborative relationship, the data sharing becomes significant to
achieve productive benefit during the data accessing. The existing security system only focuses on the authentication; it shows that
user’s private data cannot be accessed by the fake users. To address the above cloud storage privacy issue shared authority based
privacy-preserving authentication protocol is used. In the SAPA, the shared access authority is achieved by anonymous access request
and privacy consideration, attribute based access control allows the user to access their own data fields. To provide the data sharing
among the multiple users proxy re-encryption scheme is applied by the cloud server. The privacy-preserving data access authority
sharing is attractive for multi-user collaborative cloud applications.
A Secure Cloud Storage System with Data Forwarding using Proxy Re-encryption ...IJTET Journal
1. The document describes a secure cloud storage system that uses proxy re-encryption to allow authorized data sharing among multiple users. It focuses on privacy issues in cloud storage and proposes a solution using proxy re-encryption.
2. Proxy re-encryption schemes allow a proxy (like a cloud server) to alter an encrypted file so that it can be decrypted by another user, without revealing the content to the proxy. The proposed system uses this to share files encrypted for one user so they can be decrypted by another authorized user.
3. The system assigns different trust levels to control what data different users can access. A high trust level allows access to more data fields, while a low trust level restricts access. This trust
Security Requirement Specification Model for Cloud Computing ServicesMatteo Leonetti
The document proposes a security requirement specification model for cloud computing services. It discusses (1) existing security issues and specification languages, (2) the need for a new model to describe security interactions and requirements, and (3) how the model can be used to specify security for use cases, components, and intrusion detection system rules for a cloud computing case study.
"The transition of companies to cloud-based will be quicker for some and slower for others depending on their individual circumstances, But the change will happen."
Cloud infrastructure mechanisms are foundational building blocks of cloud environments that establish primary artifacts to form the basis of fundamental cloud technology architecture.
The document defines cloud computing as a model for enabling on-demand access to a shared pool of configurable computing resources that can be rapidly provisioned with minimal management effort. It identifies essential characteristics of cloud computing including on-demand self-service, broad network access, resource pooling, rapid elasticity, and measured service. It also outlines common cloud service models and deployment models.
Cloud computing is very useful then also its own set of cons discourage cloud users to choose them as a best option. The multitenant architecture of cloud exposed to several threats such as improper trust management at service provider site, Storage security, Shared technology vulnerabilities, data lost/leakage during transit, unauthorized access of data. This paper studied review work on cloud steganography.
Cloud computing challenges with emphasis on amazon ec2 and windows azureIJCNCJournal
Cloud Computing has received much attention by the IT-Business world. As compared to the common
computing platforms, cloud computing is more flexible in supporting real-time computation and is
considered a more powerful model for hosting and delivering services over the Internet. However, since
cloud computing is still at its infancy, it faces many challenges that stand against its growth and spread.
This article discusses some challenges facing cloud computing growth and conducts a comparison study
between Amazon EC2 and Windows Azure in dealing with such challenges. It concludes that Amazon EC2
generally offers better solutions than Windows Azure. Nevertheless, the selection between them depends on
the needs of customers.
International Journal of Computational Engineering Research(IJCER)ijceronline
International Journal of Computational Engineering Research(IJCER) is an intentional online Journal in English monthly publishing journal. This Journal publish original research work that contributes significantly to further the scientific knowledge in engineering and Technology.
This document discusses cloud computing and its potential benefits for organizations. It defines cloud computing and describes deployment and service models. The key benefits of cloud computing include lower costs, faster deployment of applications, scalability, and improved organizational agility. However, security, lack of standards, and regulatory compliance are challenges. The adoption of cloud computing is increasing but still early, with most activity from early adopters.
This chapter introduces and describes several of the more common foundational cloud architectural models, each exemplifying a common usage and characteristic of contemporary cloud-based environments. The involvement and importance of different combinations of cloud computing mechanisms in relation to these architectures are explored.
“This chapter provide an overview of introductory cloud computing topics. It begins with a brief history of cloud computing along with short descriptions of its business and technology drivers. This is followed by definitions of basic concepts and terminology, in addition to explanations of the primary benefits and challenges of cloud computing adoption.”
Requirements and Challenges for Securing Cloud Applications and ServicesIOSR Journals
This document discusses the requirements and challenges for securing cloud applications and services. It begins with an abstract that introduces cloud computing security as complex due to many factors. The document then provides context on cloud computing architectural frameworks and models to help evaluate security risks when adopting cloud services. It discusses key aspects of cloud architecture like deployment models, service models, and multi-tenancy that impact security. Understanding these relationships is important for informed risk management decisions regarding cloud adoption strategies.
This document summarizes research on domain-specific considerations for cloud computing performance. It discusses key contributions in computational power, performance provisioning, load balancing, and service level agreements. It also analyzes the characteristics of public, private and hybrid cloud models in terms of scalability, security, reliability, cost, data integration, management and other factors. The study reveals that considering domain-specific factors is important for designing effective cloud-based applications and environments.
From the server room to the board room, there is a lot of talk about “the cloud” — and for good reason. The cloud offers organizations — and their information technology (IT) staffs, in particular — a number of important benefits ranging from increased efficiencies to scalability. Taking advantage of these benefits requires understanding the various cloud models available and how they can best meet your organization’s specific needs.
Cloud Computing Basics Features and Servicesijtsrd
Cloud computing is an on demand service in which distributed resources, information, software and other devices are provided according to the client's requirement at specific time 1 . Cloud computing involves deploying groups of remote servers and software networks that allow centralized data storage and online access to computer services or resources. In this paper, we explore the different services in different computing platforms and applications. Cloud computing is a service, which offers customers to work over the internet 2 . Kyi Pyar | Me Me Khaing "Cloud Computing Basics: Features and Services" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-3 | Issue-5 , August 2019, URL: https://www.ijtsrd.com/papers/ijtsrd27960.pdfPaper URL: https://www.ijtsrd.com/computer-science/distributed-computing/27960/cloud-computing-basics-features-and-services/kyi-pyar
Cloud computing is basically storing and accessing data and sharing resources over the internet rather than having local servers or personal device to handle applications.
Enhancing Data Storage Security in Cloud Computing Through SteganographyIDES Editor
This document summarizes a research paper that proposes a method for enhancing data security in cloud computing through steganography. The method hides user data in digital images stored on cloud servers. When data needs to be accessed, it is extracted from the images. The document outlines the cloud architecture and security issues addressed. It then describes the proposed system architecture, security model, and data storage and retrieval process. Data is partitioned and hidden in multiple images to improve security. The goal is to prevent unauthorized access to user data stored on cloud servers.
This document discusses cloud computing and the migration from traditional systems to cloud systems. It defines cloud computing and describes the main service models (SaaS, PaaS, IaaS) and deployment types (private, public, hybrid, community). The key benefits of cloud computing mentioned are flexibility, scalability, reduced costs, and maintenance of the cloud system being handled by the cloud provider rather than by the user's organization. Migrating systems to the cloud can help organizations meet increasing demands on their systems like load, availability and security in a more cost effective way compared to traditional approaches.
IRJET- A Detailed Study and Analysis of Cloud Computing Usage with Real-Time ...IRJET Journal
This document discusses cloud computing and its usage with real-time applications. It begins by defining cloud computing and noting how it has evolved since 2006. It then discusses the key characteristics of cloud computing, including flexibility, cost reductions, and scalability.
The document outlines the three main service models of cloud computing: Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS). It provides examples of each model and describes how they differ in the level of abstraction provided.
The deployment models of private cloud, public cloud, and hybrid cloud are also summarized. Private cloud is for exclusive use within an organization while public cloud is open for public use.
Improving Cloud Performance through Performance Based Load Balancing ApproachIRJET Journal
The document proposes a performance-based load balancing approach to improve cloud computing performance through load balancing and fault tolerance. It considers success ratio and past load data when distributing tasks among nodes. A fault handler is used to detect and recover from faults reactively. When a fault occurs, the handler updates node records, restarts servers, or transfers pending tasks. Task outcomes are evaluated based on status and deadlines. Nodes with successful outcomes have their success ratios incremented, while unsuccessful nodes have ratios decremented or fault handling triggered. The approach aims to map tasks to nodes with higher success ratios and lower current loads to improve quality of service. Cloudsim simulations show how success ratios for sample nodes change with this approach over multiple task assignments.
Abstract--The paper identifies the issues and the solution to overcome these problems. Cloud computing is a subscription based service where we can obtain networked storage space and computer resources. This technology has the capacity to admittance a common collection of resources on request. It is the application provided in the form of service over the internet and system hardware in the data centers that gives these services. But having many advantages for IT organizations cloud has some issues that must be consider during its deployment. The main concern is security privacy and trust. There are various issues that need to be dealt with respect to security and privacy in a cloud computing scenario [4].
Keywords--Cloud, Issues, Security, Privacy, Resources, Technology.
A proposal for implementing cloud computing in newspaper companyKingsley Mensah
This proposal recommends implementing cloud computing for a newspaper company's management information system using Microsoft Azure's infrastructure as a service (IaaS) public cloud model. It analyzes cloud computing and virtualization concepts. The strategy is to move backup storage to the cloud, virtualize staff/management PCs for improved security, and implement the Azure cloud to cut costs by 50% compared to current on-premise infrastructure expenses. Virtualizing access through the cloud will strengthen security while taking advantage of Azure's competitive pricing and 30-day free trial.
Although many organizations have adopted the cloud and are reaping the
benefits of a cloud computing platform, there are still concerns with the
handling of sensitive information on a public cloud platform. For such
organizations an alternate option is available, and it means having their own
private cloud.
Every day, the Big Data phenomenon becomes more relevant in the computing area. An example of this is the massive amount of data generated by social media today. Along with this comes the problem of how to handle this large amount of data and, particularly, how to recognize the occurence of patterns in it. The latter is currently partially resolved thanks to the Data Stream Managenemt Systems (DSMS), which are the systems developed for querying massive flows of data. The issue with DSMS is that they do not work over a defined theoretical basis, but they are more focused on implementation. As consecuence, the given results are sometimes ambiguous and the systems are incomparable among each other. To solve this problem, in this work we propose a framework for DSMS. First, we propose a general query language which has the most common operators used by DSMS. Second, we define different query semantics based on the results expected by the DSMS users. Third, we propose an evaluation model of the queries based on Match Automata which will allow future analysis of this theoretical framework.
We provide expert advice, robust technical skills, and impeccable customer service, all while being costconscious and adding value that drives process improvements and enables you to open up new avenues of growth and innovation.
Cloud infrastructure mechanisms are foundational building blocks of cloud environments that establish primary artifacts to form the basis of fundamental cloud technology architecture.
The document defines cloud computing as a model for enabling on-demand access to a shared pool of configurable computing resources that can be rapidly provisioned with minimal management effort. It identifies essential characteristics of cloud computing including on-demand self-service, broad network access, resource pooling, rapid elasticity, and measured service. It also outlines common cloud service models and deployment models.
Cloud computing is very useful then also its own set of cons discourage cloud users to choose them as a best option. The multitenant architecture of cloud exposed to several threats such as improper trust management at service provider site, Storage security, Shared technology vulnerabilities, data lost/leakage during transit, unauthorized access of data. This paper studied review work on cloud steganography.
Cloud computing challenges with emphasis on amazon ec2 and windows azureIJCNCJournal
Cloud Computing has received much attention by the IT-Business world. As compared to the common
computing platforms, cloud computing is more flexible in supporting real-time computation and is
considered a more powerful model for hosting and delivering services over the Internet. However, since
cloud computing is still at its infancy, it faces many challenges that stand against its growth and spread.
This article discusses some challenges facing cloud computing growth and conducts a comparison study
between Amazon EC2 and Windows Azure in dealing with such challenges. It concludes that Amazon EC2
generally offers better solutions than Windows Azure. Nevertheless, the selection between them depends on
the needs of customers.
International Journal of Computational Engineering Research(IJCER)ijceronline
International Journal of Computational Engineering Research(IJCER) is an intentional online Journal in English monthly publishing journal. This Journal publish original research work that contributes significantly to further the scientific knowledge in engineering and Technology.
This document discusses cloud computing and its potential benefits for organizations. It defines cloud computing and describes deployment and service models. The key benefits of cloud computing include lower costs, faster deployment of applications, scalability, and improved organizational agility. However, security, lack of standards, and regulatory compliance are challenges. The adoption of cloud computing is increasing but still early, with most activity from early adopters.
This chapter introduces and describes several of the more common foundational cloud architectural models, each exemplifying a common usage and characteristic of contemporary cloud-based environments. The involvement and importance of different combinations of cloud computing mechanisms in relation to these architectures are explored.
“This chapter provide an overview of introductory cloud computing topics. It begins with a brief history of cloud computing along with short descriptions of its business and technology drivers. This is followed by definitions of basic concepts and terminology, in addition to explanations of the primary benefits and challenges of cloud computing adoption.”
Requirements and Challenges for Securing Cloud Applications and ServicesIOSR Journals
This document discusses the requirements and challenges for securing cloud applications and services. It begins with an abstract that introduces cloud computing security as complex due to many factors. The document then provides context on cloud computing architectural frameworks and models to help evaluate security risks when adopting cloud services. It discusses key aspects of cloud architecture like deployment models, service models, and multi-tenancy that impact security. Understanding these relationships is important for informed risk management decisions regarding cloud adoption strategies.
This document summarizes research on domain-specific considerations for cloud computing performance. It discusses key contributions in computational power, performance provisioning, load balancing, and service level agreements. It also analyzes the characteristics of public, private and hybrid cloud models in terms of scalability, security, reliability, cost, data integration, management and other factors. The study reveals that considering domain-specific factors is important for designing effective cloud-based applications and environments.
From the server room to the board room, there is a lot of talk about “the cloud” — and for good reason. The cloud offers organizations — and their information technology (IT) staffs, in particular — a number of important benefits ranging from increased efficiencies to scalability. Taking advantage of these benefits requires understanding the various cloud models available and how they can best meet your organization’s specific needs.
Cloud Computing Basics Features and Servicesijtsrd
Cloud computing is an on demand service in which distributed resources, information, software and other devices are provided according to the client's requirement at specific time 1 . Cloud computing involves deploying groups of remote servers and software networks that allow centralized data storage and online access to computer services or resources. In this paper, we explore the different services in different computing platforms and applications. Cloud computing is a service, which offers customers to work over the internet 2 . Kyi Pyar | Me Me Khaing "Cloud Computing Basics: Features and Services" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-3 | Issue-5 , August 2019, URL: https://www.ijtsrd.com/papers/ijtsrd27960.pdfPaper URL: https://www.ijtsrd.com/computer-science/distributed-computing/27960/cloud-computing-basics-features-and-services/kyi-pyar
Cloud computing is basically storing and accessing data and sharing resources over the internet rather than having local servers or personal device to handle applications.
Enhancing Data Storage Security in Cloud Computing Through SteganographyIDES Editor
This document summarizes a research paper that proposes a method for enhancing data security in cloud computing through steganography. The method hides user data in digital images stored on cloud servers. When data needs to be accessed, it is extracted from the images. The document outlines the cloud architecture and security issues addressed. It then describes the proposed system architecture, security model, and data storage and retrieval process. Data is partitioned and hidden in multiple images to improve security. The goal is to prevent unauthorized access to user data stored on cloud servers.
This document discusses cloud computing and the migration from traditional systems to cloud systems. It defines cloud computing and describes the main service models (SaaS, PaaS, IaaS) and deployment types (private, public, hybrid, community). The key benefits of cloud computing mentioned are flexibility, scalability, reduced costs, and maintenance of the cloud system being handled by the cloud provider rather than by the user's organization. Migrating systems to the cloud can help organizations meet increasing demands on their systems like load, availability and security in a more cost effective way compared to traditional approaches.
IRJET- A Detailed Study and Analysis of Cloud Computing Usage with Real-Time ...IRJET Journal
This document discusses cloud computing and its usage with real-time applications. It begins by defining cloud computing and noting how it has evolved since 2006. It then discusses the key characteristics of cloud computing, including flexibility, cost reductions, and scalability.
The document outlines the three main service models of cloud computing: Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS). It provides examples of each model and describes how they differ in the level of abstraction provided.
The deployment models of private cloud, public cloud, and hybrid cloud are also summarized. Private cloud is for exclusive use within an organization while public cloud is open for public use.
Improving Cloud Performance through Performance Based Load Balancing ApproachIRJET Journal
The document proposes a performance-based load balancing approach to improve cloud computing performance through load balancing and fault tolerance. It considers success ratio and past load data when distributing tasks among nodes. A fault handler is used to detect and recover from faults reactively. When a fault occurs, the handler updates node records, restarts servers, or transfers pending tasks. Task outcomes are evaluated based on status and deadlines. Nodes with successful outcomes have their success ratios incremented, while unsuccessful nodes have ratios decremented or fault handling triggered. The approach aims to map tasks to nodes with higher success ratios and lower current loads to improve quality of service. Cloudsim simulations show how success ratios for sample nodes change with this approach over multiple task assignments.
Abstract--The paper identifies the issues and the solution to overcome these problems. Cloud computing is a subscription based service where we can obtain networked storage space and computer resources. This technology has the capacity to admittance a common collection of resources on request. It is the application provided in the form of service over the internet and system hardware in the data centers that gives these services. But having many advantages for IT organizations cloud has some issues that must be consider during its deployment. The main concern is security privacy and trust. There are various issues that need to be dealt with respect to security and privacy in a cloud computing scenario [4].
Keywords--Cloud, Issues, Security, Privacy, Resources, Technology.
A proposal for implementing cloud computing in newspaper companyKingsley Mensah
This proposal recommends implementing cloud computing for a newspaper company's management information system using Microsoft Azure's infrastructure as a service (IaaS) public cloud model. It analyzes cloud computing and virtualization concepts. The strategy is to move backup storage to the cloud, virtualize staff/management PCs for improved security, and implement the Azure cloud to cut costs by 50% compared to current on-premise infrastructure expenses. Virtualizing access through the cloud will strengthen security while taking advantage of Azure's competitive pricing and 30-day free trial.
Although many organizations have adopted the cloud and are reaping the
benefits of a cloud computing platform, there are still concerns with the
handling of sensitive information on a public cloud platform. For such
organizations an alternate option is available, and it means having their own
private cloud.
Every day, the Big Data phenomenon becomes more relevant in the computing area. An example of this is the massive amount of data generated by social media today. Along with this comes the problem of how to handle this large amount of data and, particularly, how to recognize the occurence of patterns in it. The latter is currently partially resolved thanks to the Data Stream Managenemt Systems (DSMS), which are the systems developed for querying massive flows of data. The issue with DSMS is that they do not work over a defined theoretical basis, but they are more focused on implementation. As consecuence, the given results are sometimes ambiguous and the systems are incomparable among each other. To solve this problem, in this work we propose a framework for DSMS. First, we propose a general query language which has the most common operators used by DSMS. Second, we define different query semantics based on the results expected by the DSMS users. Third, we propose an evaluation model of the queries based on Match Automata which will allow future analysis of this theoretical framework.
We provide expert advice, robust technical skills, and impeccable customer service, all while being costconscious and adding value that drives process improvements and enables you to open up new avenues of growth and innovation.
This document provides a comprehensive analysis and improvement plan for New Jersey Wellness Supply prepared by a consultant. It includes 14 discrete reports analyzing and proposing solutions for issues relating to the company's operations on Amazon, warehouse safety, conducting a physical inventory count, and other areas. The consultant found low confidence in the company's inventory data and issues negatively impacting its relationship with Amazon. The plan recommends improvements like clearing out expired inventory, reorganizing the warehouse, implementing new technology, and writing operations manuals to address the issues.
This document discusses network topology options and configuration requirements for deploying VMware Virtual SAN. It describes the networking and vSphere technologies needed, including IP multicast, IGMP, PIM, vSphere switches, and VMkernel network interfaces. Both layer 2 and layer 3 network topologies are supported. For layer 2, all hosts must be on the same Ethernet segment, while layer 3 requires IP multicast routing between segments. Static routes and host profiles can help configure layer 3 connectivity and ensure consistent host configurations.
Smart play hyperflex-program-guide-v2.5CloudSyntrix
SmartPlay HyperFlex Promotional offer is designed to accelerate new HyperFlex customer acquisition by showcasing the value of Cisco HyperFlex fully configured System with the best, pre-adjusted, up-front pricing available from Cisco Promotional offer and pricing align with all Cisco channel partner incentive pricing strategies and policies, creating a minimal learning curve for partners.
Hemostats Market: Approvals, Alliances, Relocation & Licensing, and New Brand...Akash Jaiswal
The document provides an overview and objectives of the global hemostats market forecast to 2020. It segments the market by product type (thrombin, oxidized regenerated cellulose, combination, gelatin, collagen) and geography (Americas, Europe, Asia Pacific, Middle East and Africa). The objectives are to identify types and usage of hemostatic techniques, analyze the market ecosystem, key trends, and profile major market players. A top-down and bottom-up research methodology is used involving primary and secondary sources to estimate the market size and forecast between 2015-2020.
VMware’s Software Defined Data Center (SDDC) vision leverages core data center virtualization technologies to transform data center economics and business agility through automation and non-disruptive deployment that embraces and extends existing compute, network and storage infrastructure investments. Enterprise data centers are already realizing the tremendous benefits of server and storage virtualization solutions to consolidate and repurpose infrastructure resources, reduce operational complexity and dynamically align and scale their application infrastructure in response to business priorities.
Reynaldo Tabulo is an agriculturist with 16 years of experience in crop production, rice breeding, and agribusiness. He is seeking a position as an agronomist, researcher, or farm manager. He has extensive experience conducting trials, evaluating crops, imparting knowledge to colleagues, and managing projects. His professional experience includes roles as a technical sales lead, product evaluation and advancement supervisor, associate breeder, and research specialist with Syngenta and PhilRice.
The Global Hemodynamic Monitoring Systems Market is expected to reach USD.......Akash Jaiswal
Hemodynamic Monitoring Systems Market by Product (Systems, & Disposables), Type (Invasive, Minimally invasive, & Non-invasive), End User (Hospitals, Cath labs, & Home and Ambulatory Care) - Global Forecasts to 2021
Linda Weber has over 20 years of experience in administrative and executive assistant roles. She has a track record of planning, organizing, and executing projects. Her previous roles include executive assistant for the Chairman of Fidelitone Logistics, where she managed legal, travel, and family matters, and regional administrator for Olsten Staffing Service, where she supported operations. She currently works as a part-time merchandiser resetting stores.
Las escuelas del Milenio utilizan varios recursos tecnológicos como pizarras digitales, proyectores, computadoras y bibliotecas virtuales para mejorar el aprendizaje. Estas herramientas incluyen software libre como Linux, OpenOffice y programas de edición así como herramientas en línea como blogs y wikis. El uso de estas tecnologías motiva a los estudiantes y permite una educación de alto nivel.
Baylor University built a new football stadium, McLane Stadium, and installed a high-density WiFi network to improve the fan experience. The university chose Extreme Networks' wireless solutions to provide connectivity for thousands of devices simultaneously. This allowed fans to access streaming video, social media, and a new gameday app. The network provided fast, reliable WiFi coverage throughout the entire stadium. It also gave the university insights into network usage to further enhance the fan experience. By installing Extreme Networks' solutions, Baylor was able to support over 45,000 fans attending events at McLane Stadium with an interactive experience powered by the robust WiFi network.
This document provides an overview of secure cloud hosting best practices for enterprise messaging solutions. It discusses the benefits and risks of cloud computing, as well as common deployment and service models. The document then focuses on Infinite Convergence's Enterprise Messaging Service (EMS), which is hosted privately and securely at Infinite's premises. Some key security practices for EMS include robust identity and access management, comprehensive monitoring and metering, adherence to service level agreements, and lifecycle management of applications and data. Virtualization is also discussed as the core technology enabling efficient cloud hosting.
The document is a report on cloud computing written by Abdul-Rehman Aslam for his course instructor Mr. Safee. It discusses key topics such as what cloud computing is, the cloud service model of Infrastructure as a Service, Platform as a Service and Software as a Service. It also covers the different types of clouds including public, private, hybrid and community clouds. The report highlights the key characteristics of cloud computing such as cost, device and location independence, multi-tenancy, reliability, scalability and security. It concludes that cloud computing brings many possibilities and is a technology that has taken the software and business world by storm.
ISACA Journal Publication - Does your Cloud have a Secure Lining? Shah SheikhShah Sheikh
This document discusses cloud computing and security considerations for organizations adopting cloud services. It makes three key points:
1. Cloud computing provides on-demand delivery of computing resources but also poses new security risks and challenges for organizations related to loss of control of data and infrastructure. A holistic risk management approach is needed.
2. Key security considerations for organizations adopting cloud services include understanding compliance requirements, performing risk assessments of cloud assets, validating information lifecycles, ensuring data security, and establishing security agreements with cloud providers.
3. As organizations lose control of their data and infrastructure in the cloud, new strategies are needed to ensure data portability between cloud providers, availability of audit controls, and proper management of data
This document discusses cloud computing and disaster recovery in the cloud. It defines cloud computing and its key characteristics like on-demand self-service, broad network access, resource pooling, rapid elasticity, and measured service. It also describes the different cloud service models like SaaS, PaaS, and IaaS. The document then discusses how the cloud can be used for backup, archiving, and disaster recovery. It emphasizes the differences between backup, archiving, and disaster recovery. Finally, it outlines some of the benefits of using the cloud for disaster recovery like faster recovery times, cost savings, scalability, and security.
This document summarizes guidelines from the National Institute of Standards and Technology (NIST) on security and privacy for public cloud computing. It discusses key aspects of cloud computing including deployment models (public, private, hybrid, community clouds), service models (SaaS, PaaS, IaaS), and the security challenges of outsourcing IT services to public clouds. The document stresses that while public clouds can reduce costs, organizations are still accountable for security and privacy and must provide oversight of cloud providers through governance, risk management, auditing, and ensuring compliance.
International Journal of Computational Engineering Research(IJCER)ijceronline
International Journal of Computational Engineering Research(IJCER) is an intentional online Journal in English monthly publishing journal. This Journal publish original research work that contributes significantly to further the scientific knowledge in engineering and Technology.
Load balancing in public cloud by division of cloud based on the geographical...eSAT Publishing House
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology
This document defines cloud computing and its key characteristics. Cloud computing provides on-demand access to shared configurable computing resources over a network. It has five essential characteristics: on-demand self-service, broad network access, resource pooling, rapid elasticity, and measured service. There are three main service models - Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS). There are also four deployment models - private cloud, public cloud, community cloud, and hybrid cloud. Cloud computing has the potential to greatly impact the world by providing benefits to users and businesses.
Contents
Chapter Objectives..................................................................................................................................... 2
Introduction- ................................................................................................................................................ 3
What is the Cloud? ..................................................................................................................................... 3
Cloud Computing Basics ........................................................................................................................... 3
Defining Cloud Computing ........................................................................................................................ 4
“Definition: ............................................................................................................................................... 4
Essential Characteristics: ...................................................................................................................... 4
Service Models: ...................................................................................................................................... 5
Deployment Models: .............................................................................................................................. 5
Popular Consumer based Cloud applications........................................................................................ 6
Popular Small Business based Cloud applications ............................................................................... 7
What can you do with the Cloud for a Small Business on your Smart Phone? ................................ 9
How does the cloud compare with the past? ......................................................................................... 9
The 5 Advantages of Cloud Computing for Businesses....................................................................... 9
5 Disadvantages of Cloud Computing .................................................................................................. 10
How does the cloud help reduce our carbon footprint ........................................................................ 12
Works Cited ........................................................................................................................................... 12
Chapter Objectives
Define what the Cloud is
Describe the essential characteristics are of
the Cloud
Describe the service models of the Cloud
Describe the deployment models of the
Cloud
List some consumer based applications that
are in the Cloud
List some business based applications that
are in the Cloud
List some advantages of using Cloud based
services
List some disadvantages of using Cloud
based services
Be able to talk about how the Cloud helps
reduce our carbon f.
The document discusses key concepts in cloud computing, including definitions, models, and architectures. It defines cloud computing using NIST and ISO/IEC definitions, noting essential characteristics like on-demand self-service, broad network access, resource pooling, rapid elasticity, and measured service. It describes cloud service models including Software as a Service (SaaS), Platform as a Service (PaaS), and Infrastructure as a Service (IaaS), as well as deployment models like public, private, community, and hybrid clouds. The document also provides reference architectural models for IaaS, PaaS and SaaS and discusses logical models and security scope in cloud computing.
This document describes a proposed design for a trustworthy and secure billing system for cloud computing. It discusses the need for such a system given that users and cloud service providers could potentially modify or falsify billing records. The proposed system, called THEMIS, would introduce a Cloud Notary Authority (CNA) to generate mutually verifiable binding information from service logs monitored by an SMon module. This binding information could then be used to resolve any future disputes over billing between users and providers. The CNA would store the service logs locally so that even administrators could not modify or falsify the data, improving the trustworthiness and security of the billing process.
Design & Development of a Trustworthy and Secure Billing System for Cloud Com...iosrjce
Cloud computing is an important transition that makes change in service oriented computing
technology. Cloud service provider follows pay-as-you-go pricing approach which means consumer uses as
many resources as he need and billed by the provider based on the resource consumed. CSP give a quality of
service in the form of a service level agreement. For transparent billing, each billing transaction should be
protected against forgery and false modifications. Although CSPs provide service billing records, they cannot
provide trustworthiness. It is due to user or CSP can modify the billing records. In this case even a third party
cannot confirm that the user’s record is correct or CSPs record is correct. To overcome these limitations we
introduced a secure billing system called THEMIS. For secure billing system THEMIS introduces a concept of
cloud notary authority (CNA). CNA generates mutually verifiable binding information that can be used to
resolve future disputes between user and CSP. This project will produce the secure billing through monitoring
the service level agreement (SLA) by using the SMon module. CNA can get a service logs from SMon and stored
it in a local repository for further reference. Even administrator of a cloud system cannot modify or falsify the
data.
Cloud Computing: Business Trends and the Challengesidescitation
The purpose of this paper is to provide information
to businesses interested in cloud computing. First we define
cloud computing and discuss the different service and
deployment models from a business standpoint. Then we move
into business cases for the cloud and the strengths of each
service and deployment model. We follow this up with business
attributes that tend to drive a cloud adaption and the effects of
cloud on business IT. The last section reveals the challenges
of cloud computing ranging from security concerns and legal
issues, to negotiation of an adequate service level agreement.
An Overview on Security Issues in Cloud ComputingIOSR Journals
This document discusses security issues in cloud computing. It begins by defining cloud computing and its service models, including software as a service (SaaS), platform as a service (PaaS), and infrastructure as a service (IaaS). It then discusses that security is the top challenge for cloud computing according to a survey of IT executives. Specifically, there are concerns about maintaining security, compliance, and control over critical applications and sensitive data when using public cloud environments. The document goes on to provide more details on cloud computing definitions, characteristics, architectures, and the specific security issues involved in cloud computing.
This is a literature survey about security issues and countermeasures on cloud computing. This paper discusses about an overview of cloud computing and security issues of cloud computing.
Cloud computing is a model for enabling network access to a shared pool of configurable computing resources that can be rapidly provisioned and released with minimal management effort. Essential characteristics of cloud computing include on-demand self-service, broad network access, resource pooling, rapid elasticity, and measured service. Common cloud computing service models are Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS). Deployment models include private cloud, public cloud, community cloud, and hybrid cloud.
Cloud computing refers to on-demand access to shared computing resources via the internet. It provides scalable, elastic resources that can be rapidly provisioned with minimal management effort. There are various types of cloud models including private, public, hybrid and community clouds. Cloud services are delivered through software as a service (SaaS), platform as a service (PaaS) and infrastructure as a service (IaaS) models. Key characteristics of cloud computing include on-demand self-service, broad network access, resource pooling, rapid elasticity and measured service.
A Detail Overview of Cloud Computing with its Opportunities and Obstacles in ...inventionjournals
International Journal of Engineering and Science Invention (IJESI) is an international journal intended for professionals and researchers in all fields of computer science and electronics. IJESI publishes research articles and reviews within the whole field Engineering Science and Technology, new teaching methods, assessment, validation and the impact of new technologies and it will continue to provide information on the latest trends and developments in this ever-expanding subject. The publications of papers are selected through double peer reviewed to ensure originality, relevance, and readability. The articles published in our journal can be accessed online.
Challenges and benefits for adopting the paradigm of cloud computingcloudresearcher
This document discusses the challenges and benefits of adopting cloud computing. It describes the key cloud computing models including software as a service (SaaS), platform as a service (PaaS), and infrastructure as a service (IaaS). The main challenges of adopting cloud computing are privacy, interoperability, and reliability issues. However, there are also significant benefits such as cost savings, easy scalability, and increased productivity. The document provides an overview of the cloud computing paradigm and analyzes both the challenges that must be addressed and advantages that can be gained from cloud adoption.
Challenges and Benefits-for Adopting the Paradigm of Cloud ComputingMervat Bamiah
Cloud computing is a rapidly emerging technology that has removed the saddle of buying licensed software and heavy hardware. By exploiting this technology, clients are able to access resources remotely by using a simple web browser. They are not required to maintain hardware devices or software applications, so it saves managing cost and time for organizations. Many industries, such as banking, healthcare, and education, are moving towards the cloud due to the efficiency of services provided by the pay-per-use pattern. The utilization and payment process of cloud computing is similar to other common utilities such as electricity. As the users of electricity are only required to pay for the amount of electricity consumed throughout the month. Similarly, cloud providers charge the users based on the exploitation of a cloud system or resources such as processing power used, transactions carried out, bandwidth consumed, data transferred, or storage space occupied. Cloud computing is a completely internet dependent technology where client data is stored in the data center of a cloud provider. There are various challenges for adopting cloud computing such as privacy, interoperability and reliability. Beside these challenges, there are also several benefits for adopting this technology such as cost savings, easy scalability, and increased productivity. This research paper introduces a big picture of cloud computing and analyzes the key challenges as well as benefits of adopting the paradigm of cloud computing.
Similar to ABS Cloud Computing Implementation Guide 1.1 (20)
Vmware nsx network virtualization platform white paperCloudSyntrix
Cloudsyntrix engineering team has been deploying vmware vcloud extend your data center, VMware vSphere Hypervisor 5.1 services securely extend your data center and applications to the cloud.
Cisco smart play hyperflex-program-guide-v2.5CloudSyntrix
SmartPlay HyperFlex Promotional offer is designed to accelerate new HyperFlex customer acquisition by showcasing the value of Cisco HyperFlex fully configured System with the best, pre-adjusted, up-front pricing available from Cisco Promotional offer and pricing align with all Cisco channel partner incentive pricing strategies and policies, creating a minimal learning curve for partners.
Hybrid Cloud Opportunity with Microsoft and CiscoCloudSyntrix
This document discusses opportunities for Microsoft and Cisco partners to collaborate and deliver hybrid cloud solutions to customers. It outlines the value proposition of integrating Cisco and Microsoft technologies, including increased IT efficiency, workload flexibility, and choice in storage and automation. Partners can leverage each other's strengths - Cisco partners' infrastructure expertise and Microsoft partners' integration and services capabilities. The document promotes specific programs and opportunities through which partners can capture new business, qualify for incentives, and build their ecosystems to address customers' evolving IT and cloud needs.
We believe in architecting application centric IT infrastructure that is focused on building business efficiency and scalability utilizing hybrid cloud and converged models of IT service delivery.
Cloud computing services by cloudsyntrixCloudSyntrix
Cloud computing provides on-demand access to applications and data storage over the internet. There are different deployment and service models for cloud computing. Deployment models include public, private, hybrid, and community clouds based on access levels. Service models include Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS) based on what level of service is provided. Cloud computing offers advantages like lower costs, improved performance and collaboration, but also disadvantages like requiring internet and potential security issues.
Cloud Computing- Easy to use and AffordableCloudSyntrix
Cloud computing is a type of Internet-based computing that provides shared computer processing resources and data to computers and other devices on demand.
VMware’s Software Defined Data Center (SDDC) vision leverages core data center virtualization technologies to transform data center economics and business agility through automation and non-disruptive deployment that embraces and extends existing compute, network and storage infrastructure investments. Enterprise data centers are already realizing the tremendous benefits of server and storage virtualization solutions to consolidate and repurpose infrastructure resources, reduce operational complexity and dynamically align and scale their application infrastructure in response to business priorities.
Cloud computing allows users to access software and storage over the internet rather than locally on their own computers. It evolved from concepts in the 1950s but was popularized in 2006 when Amazon launched AWS. Cloud computing has three main components - clients which access the cloud, distributed servers which host applications and data, and large data centers which house the servers. Users can access cloud services from any device via thin, thick, or mobile clients. Cloud services provide scalability, reliability, and efficiency at reduced costs compared to in-house systems.
Datto whats in a cloud purpose vs publicsCloudSyntrix
The document discusses the benefits of exercise for mental health. Regular physical activity can help reduce anxiety and depression and improve mood and cognitive functioning. Exercise causes chemical changes in the brain that may help protect against mental illness and improve symptoms.
Virtualization and Cloud Management SolutionsCloudSyntrix
Power to Change also spotlights specific gains achieved by Dow Jones & Co.’s adoption of VMware cloud automation software, including an 80% improvement in operational efficiency and substantial operational savings.
Learn how adopting cloud automation tools will provide a competitive edge to your organization.
This PPT provides an introduction to cloud Computing. It briefly talks about fundamental cloud services, deployment models and the factors that made it an emerging paradigm.
This slide set provides an introduction to cloud Computing. It briefly talks about fundamental cloud services, deployment models and the factors that made it an emerging paradigm.
As the foundation for VMware’s complete Software-Defined Data Center platform, vSphere with Operations Management is the starting point for building your Software-Defined Data Center. With vSphere in place, you can seamlessly extend virtualization to storage and network services and add automated, policy- based provisioning and management.
This document outlines the various services and capabilities provided by the ServiceNow platform for enterprise cloud, service, and business management. It includes cloud management, orchestration, discovery, event management, service mapping, and change, incident, problem and other management for areas like HR, facilities, marketing, legal, finance, risk, audit, and more. It also covers operations management, the ServiceNow CMDB, security, application development, analytics, user experience, and integration capabilities.
SD-WAN is an overlay on top of broadband internet connections that allows enterprises to connect branch sites, datacenters, and cloud applications. It uses techniques like application acceleration, circuit bonding, load balancing, and QoS to improve application performance over the WAN. SD-WAN functions can replace routers, firewalls, and other edge devices with a "white box" that is inserted at the edge. This provides cost savings through faster provisioning and outsourced management compared to traditional MPLS networks.
Easily confused with cloud-computing, virtualization is actually the software that powers cloud computing. VMware separates physical infrastructures and turns them into dedicated resources. It also allows multiple OS to run on the same server simultaneously. The purpose of virtualization is to reduce the cost of acquiring and maintaining multiple physical resources.
Easily Verify Compliance and Security with Binance KYCAny kyc Account
Use our simple KYC verification guide to make sure your Binance account is safe and compliant. Discover the fundamentals, appreciate the significance of KYC, and trade on one of the biggest cryptocurrency exchanges with confidence.
[To download this presentation, visit:
https://www.oeconsulting.com.sg/training-presentations]
This presentation is a curated compilation of PowerPoint diagrams and templates designed to illustrate 20 different digital transformation frameworks and models. These frameworks are based on recent industry trends and best practices, ensuring that the content remains relevant and up-to-date.
Key highlights include Microsoft's Digital Transformation Framework, which focuses on driving innovation and efficiency, and McKinsey's Ten Guiding Principles, which provide strategic insights for successful digital transformation. Additionally, Forrester's framework emphasizes enhancing customer experiences and modernizing IT infrastructure, while IDC's MaturityScape helps assess and develop organizational digital maturity. MIT's framework explores cutting-edge strategies for achieving digital success.
These materials are perfect for enhancing your business or classroom presentations, offering visual aids to supplement your insights. Please note that while comprehensive, these slides are intended as supplementary resources and may not be complete for standalone instructional purposes.
Frameworks/Models included:
Microsoft’s Digital Transformation Framework
McKinsey’s Ten Guiding Principles of Digital Transformation
Forrester’s Digital Transformation Framework
IDC’s Digital Transformation MaturityScape
MIT’s Digital Transformation Framework
Gartner’s Digital Transformation Framework
Accenture’s Digital Strategy & Enterprise Frameworks
Deloitte’s Digital Industrial Transformation Framework
Capgemini’s Digital Transformation Framework
PwC’s Digital Transformation Framework
Cisco’s Digital Transformation Framework
Cognizant’s Digital Transformation Framework
DXC Technology’s Digital Transformation Framework
The BCG Strategy Palette
McKinsey’s Digital Transformation Framework
Digital Transformation Compass
Four Levels of Digital Maturity
Design Thinking Framework
Business Model Canvas
Customer Journey Map
3 Simple Steps To Buy Verified Payoneer Account In 2024SEOSMMEARTH
Buy Verified Payoneer Account: Quick and Secure Way to Receive Payments
Buy Verified Payoneer Account With 100% secure documents, [ USA, UK, CA ]. Are you looking for a reliable and safe way to receive payments online? Then you need buy verified Payoneer account ! Payoneer is a global payment platform that allows businesses and individuals to send and receive money in over 200 countries.
If You Want To More Information just Contact Now:
Skype: SEOSMMEARTH
Telegram: @seosmmearth
Gmail: seosmmearth@gmail.com
Part 2 Deep Dive: Navigating the 2024 Slowdownjeffkluth1
Introduction
The global retail industry has weathered numerous storms, with the financial crisis of 2008 serving as a poignant reminder of the sector's resilience and adaptability. However, as we navigate the complex landscape of 2024, retailers face a unique set of challenges that demand innovative strategies and a fundamental shift in mindset. This white paper contrasts the impact of the 2008 recession on the retail sector with the current headwinds retailers are grappling with, while offering a comprehensive roadmap for success in this new paradigm.
At Techbox Square, in Singapore, we're not just creative web designers and developers, we're the driving force behind your brand identity. Contact us today.
[To download this presentation, visit:
https://www.oeconsulting.com.sg/training-presentations]
This PowerPoint compilation offers a comprehensive overview of 20 leading innovation management frameworks and methodologies, selected for their broad applicability across various industries and organizational contexts. These frameworks are valuable resources for a wide range of users, including business professionals, educators, and consultants.
Each framework is presented with visually engaging diagrams and templates, ensuring the content is both informative and appealing. While this compilation is thorough, please note that the slides are intended as supplementary resources and may not be sufficient for standalone instructional purposes.
This compilation is ideal for anyone looking to enhance their understanding of innovation management and drive meaningful change within their organization. Whether you aim to improve product development processes, enhance customer experiences, or drive digital transformation, these frameworks offer valuable insights and tools to help you achieve your goals.
INCLUDED FRAMEWORKS/MODELS:
1. Stanford’s Design Thinking
2. IDEO’s Human-Centered Design
3. Strategyzer’s Business Model Innovation
4. Lean Startup Methodology
5. Agile Innovation Framework
6. Doblin’s Ten Types of Innovation
7. McKinsey’s Three Horizons of Growth
8. Customer Journey Map
9. Christensen’s Disruptive Innovation Theory
10. Blue Ocean Strategy
11. Strategyn’s Jobs-To-Be-Done (JTBD) Framework with Job Map
12. Design Sprint Framework
13. The Double Diamond
14. Lean Six Sigma DMAIC
15. TRIZ Problem-Solving Framework
16. Edward de Bono’s Six Thinking Hats
17. Stage-Gate Model
18. Toyota’s Six Steps of Kaizen
19. Microsoft’s Digital Transformation Framework
20. Design for Six Sigma (DFSS)
To download this presentation, visit:
https://www.oeconsulting.com.sg/training-presentations
How are Lilac French Bulldogs Beauty Charming the World and Capturing Hearts....Lacey Max
“After being the most listed dog breed in the United States for 31
years in a row, the Labrador Retriever has dropped to second place
in the American Kennel Club's annual survey of the country's most
popular canines. The French Bulldog is the new top dog in the
United States as of 2022. The stylish puppy has ascended the
rankings in rapid time despite having health concerns and limited
color choices.”
How MJ Global Leads the Packaging Industry.pdfMJ Global
MJ Global's success in staying ahead of the curve in the packaging industry is a testament to its dedication to innovation, sustainability, and customer-centricity. By embracing technological advancements, leading in eco-friendly solutions, collaborating with industry leaders, and adapting to evolving consumer preferences, MJ Global continues to set new standards in the packaging sector.
Company Valuation webinar series - Tuesday, 4 June 2024FelixPerez547899
This session provided an update as to the latest valuation data in the UK and then delved into a discussion on the upcoming election and the impacts on valuation. We finished, as always with a Q&A
B2B payments are rapidly changing. Find out the 5 key questions you need to be asking yourself to be sure you are mastering B2B payments today. Learn more at www.BlueSnap.com.
Understanding User Needs and Satisfying ThemAggregage
https://www.productmanagementtoday.com/frs/26903918/understanding-user-needs-and-satisfying-them
We know we want to create products which our customers find to be valuable. Whether we label it as customer-centric or product-led depends on how long we've been doing product management. There are three challenges we face when doing this. The obvious challenge is figuring out what our users need; the non-obvious challenges are in creating a shared understanding of those needs and in sensing if what we're doing is meeting those needs.
In this webinar, we won't focus on the research methods for discovering user-needs. We will focus on synthesis of the needs we discover, communication and alignment tools, and how we operationalize addressing those needs.
Industry expert Scott Sehlhorst will:
• Introduce a taxonomy for user goals with real world examples
• Present the Onion Diagram, a tool for contextualizing task-level goals
• Illustrate how customer journey maps capture activity-level and task-level goals
• Demonstrate the best approach to selection and prioritization of user-goals to address
• Highlight the crucial benchmarks, observable changes, in ensuring fulfillment of customer needs
IMPACT Silver is a pure silver zinc producer with over $260 million in revenue since 2008 and a large 100% owned 210km Mexico land package - 2024 catalysts includes new 14% grade zinc Plomosas mine and 20,000m of fully funded exploration drilling.
Event Report - SAP Sapphire 2024 Orlando - lots of innovation and old challengesHolger Mueller
Holger Mueller of Constellation Research shares his key takeaways from SAP's Sapphire confernece, held in Orlando, June 3rd till 5th 2024, in the Orange Convention Center.
HOW TO START UP A COMPANY A STEP-BY-STEP GUIDE.pdf46adnanshahzad
How to Start Up a Company: A Step-by-Step Guide Starting a company is an exciting adventure that combines creativity, strategy, and hard work. It can seem overwhelming at first, but with the right guidance, anyone can transform a great idea into a successful business. Let's dive into how to start up a company, from the initial spark of an idea to securing funding and launching your startup.
Introduction
Have you ever dreamed of turning your innovative idea into a thriving business? Starting a company involves numerous steps and decisions, but don't worry—we're here to help. Whether you're exploring how to start a startup company or wondering how to start up a small business, this guide will walk you through the process, step by step.
Structural Design Process: Step-by-Step Guide for BuildingsChandresh Chudasama
The structural design process is explained: Follow our step-by-step guide to understand building design intricacies and ensure structural integrity. Learn how to build wonderful buildings with the help of our detailed information. Learn how to create structures with durability and reliability and also gain insights on ways of managing structures.
Storytelling is an incredibly valuable tool to share data and information. To get the most impact from stories there are a number of key ingredients. These are based on science and human nature. Using these elements in a story you can deliver information impactfully, ensure action and drive change.
2. ABS Cloud Computing Implementation Guide 1.1
Page 2 of 25
Table of Contents
Section 1 : Introduction ...........................................................................................................................3
Objective..............................................................................................................................................3
Definitions............................................................................................................................................3
Section 2 : Outsourcing Classification ....................................................................................................5
1. Scenario Based Cloud Control Guidance Matrix ........................................................................8
Section 3 : Activities recommended as part of due diligence .................................................................9
1. Contractual Considerations.........................................................................................................9
2. Data Centre.................................................................................................................................9
3. Data Sovereignty.......................................................................................................................10
4. Data Retention ..........................................................................................................................10
5. Governance...............................................................................................................................11
6. Exit Plan ....................................................................................................................................11
7. Financial and Continuity Risk....................................................................................................11
Section 4 : Key controls recommended when entering into a Cloud outsourcing arrangement...........12
1. Encryption .................................................................................................................................12
2. Tokenisation..............................................................................................................................14
3. Dedicated equipment or ‘Private Cloud’....................................................................................15
4. Change Management and Privileged User Access Management (PUAM) ..............................16
5. Virtualised Environment Security ..............................................................................................17
6. User Access Management and Segregation of Duties .............................................................18
7. Collaborative Disaster Recovery Testing..................................................................................19
8. Security Events Monitoring and Incident Management ............................................................20
9. Penetration Testing & Vulnerability Management.....................................................................21
10. Administrative Remote Access .............................................................................................22
11. Secure Software Development Life-cycle and Code Reviews..............................................23
12. Securing logs and backups...................................................................................................24
3. ABS Cloud Computing Implementation Guide 1.1
Page 3 of 25
Section 1 : Introduction
Objective
The Association of Banks in Singapore (ABS) has developed this implementation guide for Financial
Institutions (FIs) to use when entering into Cloud outsourcing arrangements.
The recommendations that lie within have been discussed and agreed by members of the ABS
Standing Committee for Cyber Security (SCCS) with the intent to assist FIs in understanding
approaches to due diligence, vendor management and key controls that should be implemented in
Cloud outsourcing arrangements.
Additionally it can be used by Cloud Service Providers (CSPs) to better understand what is required to
achieve successful Cloud outsourcing arrangements with FIs.
The guiding principle that information security controls in the Cloud must be at least as strong as what
the FIs would have implemented had the operations been performed in-house should apply. In
addition, the security controls should also address the unique risks that are associated with
outsourcing to the Cloud.
These guidelines are set out in the three following sections:
Section 2 addresses Information Asset Classifications and how these should influence
decision making in Cloud outsourcing agreements.
Section 3 addresses a minimum set of activities recommended as part of due diligence before
entering into a Cloud outsourcing agreement.
Section 4 addresses key controls recommended when entering into a Cloud outsourcing
arrangement.
Definitions
This definition of Cloud is taken from the National Institute of Standards and Technology (NIST)
available at http://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-145.pdf
Cloud computing is a model for enabling ubiquitous, convenient, on-demand network access to a
shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and
services) that can be rapidly provisioned and released with minimal management effort or service
provider interaction. This cloud model is composed of three service models, and four deployment
models.
Service Models
Software as a Service (SaaS). The capability provided to the organisation is to use the provider’s
applications running on a cloud infrastructure. The applications are accessible from various client
devices through either a thin client interface, such as a web browser (e.g., web-based email), or a
program interface. The consumer does not manage or control the underlying cloud infrastructure
including network, servers, operating systems, storage, or even individual application capabilities, with
the possible exception of limited user-specific application configuration settings.
Platform as a Service (PaaS). The capability provided to the organisation is to deploy onto the cloud
infrastructure consumer-created or acquired applications created using programming languages,
libraries, services, and tools supported by the provider. The consumer does not manage or control the
underlying cloud infrastructure including network, servers, operating systems, or storage, but has
control over the deployed applications and possibly configuration settings for the application-hosting
environment.
Infrastructure as a Service (IaaS). The capability provided to the organisation is to provision
processing, storage, networks, and other fundamental computing resources where the consumer is
able to deploy and run arbitrary software, which can include operating systems and applications. The
consumer does not manage or control the underlying cloud infrastructure but has control over
operating systems, storage, and deployed applications; and possibly limited control of select
networking components (e.g., host firewalls).
4. ABS Cloud Computing Implementation Guide 1.1
Page 4 of 25
Deployment Models
Private cloud. The cloud infrastructure is provisioned for the exclusive use by a single organization
comprising multiple consumers (e.g., business units). It may be owned, managed, and operated by
the organization, a third party, or some combination of them, and it may exist on or off premises.
Community cloud. The cloud infrastructure is provisioned for exclusive use by a specific community
of consumers from organizations that have shared concerns (e.g., mission, security requirements,
policy, and compliance considerations). It may be owned, managed, and operated by one or more of
the organizations in the community, a third party, or some combination of them, and it may exist on or
off premises.
Public cloud. The cloud infrastructure is provisioned for open use by the general public. It may be
owned, managed, and operated by a business, academic, or government organization, or some
combination of them. It exists on the premises of the cloud provider.
Hybrid cloud. The cloud infrastructure is a composition of two or more distinct cloud infrastructures
(private, community, or public) that remain unique entities, but are bound together by standardized or
proprietary technology that enables data and application portability (e.g., cloud bursting for load
balancing between clouds).
Outsourcing
An “outsourcing arrangement” means an arrangement in which a service provider provides the
institution with a service that may currently or potentially be performed by the institution itself and
which includes the following characteristics–
(a) the institution is dependent on the service on an ongoing basis; and
(b) the service is integral to the provision of a financial service by the institution or the service is
provided to the market by the service provider in the name of the institution
Please refer to the MAS Outsourcing Guidelines for further clarifications.
http://www.mas.gov.sg/~/media/MAS/Regulations%20and%20Financial%20Stability/Regulatory%20a
nd%20Supervisory%20Framework/Risk%20Management/Outsourcing%20Guidelines%20Jul%20201
6.pdf
5. ABS Cloud Computing Implementation Guide 1.1
Page 5 of 25
Section 2 : Outsourcing Classification
In this section, guidance is given as to what is likely to constitute material and non-material
outsourcing in the context of cloud.
For clarity as to the definition of materiality, an extract from the Monetary Authority of Singapore
(MAS) outsourcing guidelines is included:
“material outsourcing arrangement” means an outsourcing arrangement
(a) which, in the event of a service failure or security breach, has the potential to either materially
impact an institution’s
(i) business operations, reputation or profitability; or
(ii) ability to manage risk and comply with applicable laws and regulations,
or
(b) which involves customer information and, in the event of any unauthorised access or disclosure,
loss or theft of customer information, may have a material impact on an institution’s customers.
For further guidance on material outsourcing arrangements please refer to Annex 2 of the MAS
Outsourcing Guidelines July 2016.
The materiality of an outsourcing arrangement should drive the types of controls deployed, as well as
the depth and breadth of any initial, and on-going, due diligence.
Category Factors influencing materiality
Likely to
be
material
Use of unencrypted “customer information” that is referable to any named
customer
Use of Staff data, including Personally Identifiable Information (PII), payroll and
bank account or credit card data
Software used for the trading of financial instruments or risk management
Commercially sensitive contracts or data that could influence financial markets
Regulatory reporting or accounting data
Outsourced business activity is defined as critical by the FI
Likely to
be non
material
Use “customer information” which is anonymised, or encrypted in a secure
manner such that the identities of the customers cannot be readily inferred
Staff data which does not include bank account or credit card data (e.g.
information on name cards)
Application binaries, or risk management quant libraries that are being tested on
masked data (i.e. performance & volume testing, regression testing, or Monte
Carlo simulations)
Information Security solutions such as Security Operations Centres, Cyber
threat intelligence,
Development environments
Websites for accessing information that is classified as ‘public’
The next section looks at the different scenarios where services may be provided in the cloud, and
makes recommendations on the key controls that should be applied.
6. ABS Cloud Computing Implementation Guide 1.1
Page 6 of 25
It is possible that the materiality of a Cloud outsourcing arrangement may differ per scenario. For
instance, a data room may be used by one FI to store customer data, while another FI may use data
room to store non-sensitive data.
Scenario Description
Typical Information Asset to
be Protected
Internet
Banking or
Payments
portals
Applications involved in online banking functions
such as account statements, bank transfers and
payment processing. This specifically excludes
systems of record (i.e. a general or account
ledger) or core banking systems (i.e. CASA).
Banking information, customer
information
Customer
Relationship
Management
(CRM)
System used to manage a company’s interactions
with current and future customers. It is often used
to organize, automate, and synchronize sales,
marketing, customer service, and technical
support.
Customer information
(sometimes detailed
information), customer history
Fraud
prevention
services
Whilst making transactions, third parties may be
used to perform checks on credit card activity to
identify and manage fraud.
Credit card information (PAN,
Expiry, CVV, customer
information, name, address)
Human
Resources
(HR) Portal
Portal for HR services potentially used for
performing payroll, leave booking, appraisal or
annual review and expenses
Employee information
Data Rooms
A portal where multiple parties (usually legal or
commercial) review documents or product
offerings.
Contract information, employee
user information, logs
Service
management
An application that collects request and incident
ticket information and manages the request life-
cycle
Incident tickets, change tickets,
release management, internal
configuration management,
user information
Microsites
A microsite is an individual web page or a small
cluster of pages which are meant to function as a
discrete entity within an existing website or to
complement an offline activity. The microsite's
main landing page can have its own domain name
or subdomain.
Potentially can have customer
information, Client meta
data. Also likely to have public
information (high integrity,
availability requirement)
Surveys
A website that contains a number of questions
either to be used internally or externally. Some
survey sites have login pages to save progress.
Limited Customer / employee /
vendor information such as
email address, name,
password, meta data
Data
Analytics
Operations to analyse or transform Data.
Frequently requires ETL (Extract, Transform and
Load) to facilitate the analysis
Customer information
(sometimes sensitive
information)
Email
Security
Products
Email Message Transport Agent hosted to review
emails for remove spam or malicious code prior to
being processed on companies mail servers
Sensitive emails (encrypted
emails may not be read) email
address metadata
Security
Operations
Centre (SOC)
Outsourced vendor providing a collective
intelligence center that processes cyber threat
intelligence and performs security orchestration
Internal Configuration
information, device and
systems logs, Incident
information, employee
information
7. ABS Cloud Computing Implementation Guide 1.1
Page 7 of 25
Scenario Description
Typical Information Asset to
be Protected
Authentication
Services
Two factor authentication services may require
communication to external companies that may
be located on cloud
Limited Customer / Employee /
Vendor information such as
username, encryption keys /
customer mobile phone
number
Testing
Environments used to perform testing. Can also
include performance and volume testing
Source Code, configuration
information, potentially masked
production data
Development
Operations
(DevOps)
The use of a cloud environment for the purposes
of software development
Source Code, compiled
programs, configuration
information
Content
Delivery
Networks
(CDN)
These are typically Cloud arrangements which
cache an FI’s data and deliver content over a
highly distributed and available network of servers
Varies. Networks can be used
to deliver content which
contains both public and
customer data
8. ABS Cloud Computing Implementation Guide 1.1
Page 8 of 25
1. Scenario Based Cloud Control Guidance Matrix
The below table links the various scenarios described above to recommended key controls described
in Section 4 that can be deployed to increase the security of the cloud outsourcing arrangement.
Scenario
Controls
Encryptionand/orTokenisation
Dedicatedequipment
ChangeManagementand
PrivilegedUserAccess
Management(PUAM)
VirtualisedEnvironment
Security
UserAccessManagementand
SegregationofDuties
CollaborativeDisasterRecovery
Testing
SecurityEventsMonitoringand
IncidentManagement
Penetrationtesting&
vulnerabilityanalysis
AdministrativeRemoteaccess
SecureSystemDevelopment
Life-cycleandCodeReviews
Securinglogdataandbackups
Internet Banking or
Payments portals
SR SR SR SR SR SR SR SR SR R SR
Customer
Relationship
Management
(CRM)
SR D SR SR SR SR SR SR SR R SR
Fraud prevention
services
SR D SR SR SR SR SR SR SR R SR
HR Portal SR D SR SR SR SR SR SR SR R SR
Data Rooms SR D SR SR SR D SR SR SR R R
Service
Management
SR D SR SR SR SR SR SR SR R R
Microsites D D SR SR SR D SR SR SR R R
Surveys D D SR SR SR D SR SR SR R D
Data Analytics SR D SR SR SR R SR SR SR R R
Email Security
Products
SR D SR SR SR SR SR SR SR R SR
Security Operations
Centre (SOC)
SR D SR SR SR SR SR SR SR R SR
Authentication
Services
SR D SR SR SR SR SR SR SR R SR
Testing D D D R SR D R SR SR D R
Development
Operations
D D D R SR D R SR SR D R
Content Delivery
Networks
D D SR SR SR SR SR SR SR D R
LEGEND
Strongly
Recommended
SR
Recommended
R
FI Discretion
D
9. ABS Cloud Computing Implementation Guide 1.1
Page 9 of 25
Section 3 : Activities recommended as part of due diligence
This section covers the recommended due diligence and vendor management activities for Cloud
outsourcing arrangements. The recommendations will cover pre-engagement of the CSP as well as
on-going risk assessment and oversight. Financial institutions should use a risk-based approach as
well as an applicability assessment to determine the relevance of the recommended activities for their
specific outsourcing arrangement.
It is recognised that moving technology infrastructure into the cloud creates a shared responsibility
model between the consumer and the CSP for the operation and management of security controls.
Keeping in mind that the FI will remain accountable for protecting its information, it is strongly
recommended to ensure that roles and responsibilities for IT security are clearly understood, defined
and contractually agreed before transferring any data into the cloud.
1. Contractual Considerations
When negotiating a contract with a CSP, the FI should ensure that it has the ability to contractually
enforce agreed and measurable information security and operational requirements. Without such
authority, any controls that are put in place as part of the outsourcing arrangement may not be
enforced, as the FI will be relying on good faith efforts of the CSP.
The FI should state the responsibilities of contracting parties in the outsourcing agreement to ensure
the adequacy and effectiveness of security policies and practices, including the circumstances under
which each party has the right to change security requirements.
The FI should include contractual clauses limiting as far as possible, material changes to the service
structure. The obligation of the CSP to notify the FI in the event such changes (including controls and
location) are made should also be included. Specific regulatory requirements, such as the right to
audit by the MAS, must also be included where possible.
Where a CSP elects to use subcontractors for any functions material to the provision of the Cloud
service, the FI should ensure that it is notified and that the CSP remains accountable for the provision
of service, and effectiveness of agreed controls including IT security controls. The CSP should also be
responsible for managing their subcontractors directly.
Enforceable and measurable Service Level Agreements (SLAs) should be negotiated where possible,
including a definition of the governance to be put in place to manage the contract on an on-going
basis. This should define any management information and other deliverables that will form the basis
for that governance.
Finally, the contract should clearly stipulate the situations in which both parties have a right to
terminate the outsourcing arrangement. Typical examples of this could be a material change in the
outsourcing arrangement or a failure of the CSP to notify the FI in the event of a significant security
incident affecting the FI.
2. Data Centre
It is important to establish the city and country of the data centre(s) where data is processed and
resides. This determines the nature of the risk that exists in the outsourcing arrangement, and is a
basic requirement to demonstrate that the FI has sufficient oversight of its outsourcing arrangement.
A physical security risk assessment (commonly known as a Threat & Vulnerability Risk Assessment
(TVRA)) should be conducted on data centres. The assessment should consider the types of threats
faced by the site. This assessment is commonly undertaken by the CSP.
Common areas of assessment should include susceptibility to natural disasters, political and social
risk, and the legal environment of the jurisdiction which the service provider will operate. For
manpower resourcing, the availability of a competent workforce, and the CSP’s on-boarding
procedures including security screening should also be considered.
An appropriate policy to reduce the risk of data leakage in the data centre should be in place. All
physical security controls as defined in the ABS Outsourced Service Provider Guidelines should be
considered. These controls are available at:
10. ABS Cloud Computing Implementation Guide 1.1
Page 10 of 25
http://abs.org.sg/docs/library/abs_outsource_guidelines.pdf
Due diligence of the CSP’s data centre controls should cover all data centre locations that support the
FI’s processing and data storage requirements. It should not be assumed that controls are consistent
across all locations.
Where it is not possible to perform on-site due diligence, an independent assessment report (e.g.
SSAE16 SOC 2 / ISO 27001 / ISO 27018) should be provided by the CSP for all the data centres that
process and store the FI’s data. FIs will need to validate that the scope of the independent
assessment meets the expectations defined in ABS Outsourced Service Provider Guidelines. A key
part of the assessment must be a test of operational effectiveness of the controls put in place to
protect the FI’s data: generic assessments that review control design effectiveness are not sufficient.
Due diligence should be reviewed regularly, the frequency being determined by materiality of the
outsourcing arrangement. It is particularly important to validate the on-going operational effectiveness
of key controls.
3. Data Sovereignty
It is advised to consider the social, political and economic climate of a country before an FI places its
data there. An FI should, in principle, enter into outsourcing arrangements only with service providers
operating in jurisdictions that generally uphold confidentiality clauses and agreements.
The FI and CSP should agree which countries the FI’s data can reside in. A contractual clause
requiring notification of any changes to these locations should be obtained. Any breach of this
stipulation should trigger a right to terminate.
To ensure that data remains protected even if it leaves the jurisdiction of Singapore, it is
recommended that FIs establish contractually binding requirements that require the CSP to notify the
FI should the local legal requirements compel the CSP to disclose the data to a 3rd party. This will
help to aid compliance to the section 47 of the Singapore Banking Act.
An FI should not enter into outsourcing arrangements with service providers in jurisdictions where
prompt access to information by MAS or agents appointed by MAS to act on its behalf, at the service
provider, may be impeded by legal or administrative restrictions
4. Data Retention
An FI must be able to stipulate access to its data, both those used for daily operational purposes as
well as for contingency, disaster recovery or backups.
An area of concern would be the management of unencrypted data in online or offline backups.
Where data can be isolated or logically segregated this is simpler to manage. However in a shared
environment, ensuring that unencrypted data is segregated by verified and appropriate technical
means should be assessed as part of the due diligence process.
It is prudent for an FI to have an exit strategy in place and periodically validate the CSP’s ability to
restore service from backups. In standing up and breaking down suitable infrastructure to do so, the
FI should ensure that its unencrypted data is securely removed and inaccessible to other customers
of the CSP at all times.
For encrypted data, an FI must ensure that appropriate cryptographic key management is in place, as
well as validate the CSP’s ability to restore the service from backups effectively.
Upon exiting a contract with a CSP where an FI does not have direct access to its data, an FI must
also be able to compel the CSP to wipe all of its data and/or render it permanently inaccessible in a
timely manner, particularly on any backup or distributed online media. Failing which, the obligation of
the CSP to protect the FI’s data should survive the expiry of the contract.
This can be challenging if the media is shared with other customers. A contractual commitment from
the CSP to undertake such data deletion and protection is recommended.
11. ABS Cloud Computing Implementation Guide 1.1
Page 11 of 25
5. Governance
The structure and manner that an on-going outsourcing arrangement is managed is paramount to
maximising the benefits derived from it, and minimising and managing the inherent risks associated
with outsourcing.
Expectations should be agreed between the CSP and the FI, in particular with regard to operational
contract management, SLA management, technology risk management, business continuity
management and contract exit. Some of these are covered in other sections; however day to day
management should be set out in an agreed procedure.
Key activities, inputs and outputs should be defined, along with accountabilities. The frequency and
format of meetings to review key performance indicators (KPIs) and key risk indicators (KRIs) should
also be defined. KRIs should indicate the effectiveness of key information security controls, which are
subject to periodic review. The control testing interval should be determined by the FI based on a risk
assessment.
A Responsible-Accountable-Consulted-Informed (RACI) matrix is an industry accepted practice for
this.
The CSP should have an outsourcing risk register in place, and should be able to demonstrate that
internal governance exists to regularly review its risk profile and risk management decisions. These
decisions should be shared with the FI if they are directly impacted by the risks.
Where SLAs are negotiated, these must be aligned with business requirements, and where possible
enforceable penalty clauses included.
6. Exit Plan
The extent of exit planning should be dependent on the materiality of the outsourcing arrangement
and potential impact to the on-going operations of the FI. The following considerations should be
taken into account:
Agreed procedure and tools used for deletion of data in a manner that data is rendered
irrecoverable.
Removal of all financial institution’s data (e.g. customer data) and confirmation that all data
has been rendered irrecoverable on termination of the outsourcing arrangement.
Transferability of outsourced services (e.g. to a third party or back to the FI) for the purpose of
continuity of service.
For recovery of data for the purpose of continuity of service, financial institutions should ensure
that the following are in place where appropriate:
A legal agreement that commits the CSP to assist in the exit process. The agreement may
also commit the service provider to support testing of the exit plan on an agreed frequency.
These should include the format and manner in which data is to be returned to the FI, as well
as contractually obligated support from the vendor. If the FI is using proprietary vendor
software provided by the CSP, the data must remain usable should the contract be
terminated.
Data elements to be extracted and returned to the financial institution should be agreed upon
at the start of the outsourcing arrangement and reviewed whenever there are material
changes to the outsourcing arrangement.
7. Financial and Continuity Risk
A CSP should be reviewed for its financial and operational capabilities. These should include a check
of its ongoing viability, as well as its ability to service its debt. Such a review should occur at least
annually, and the outcome included when the FI reviews its exit plans.
12. ABS Cloud Computing Implementation Guide 1.1
Page 12 of 25
Section 4 : Key controls recommended when entering into a Cloud
outsourcing arrangement
This implementation guideline forms the minimum/baseline controls that CSPs should have in place.
However, FIs with specific needs should liaise with their CSPs on a bilateral basis to implement any
additional specific requirements.
1. Encryption
Controls for encryption and tokenisation can be used interchangeably, so they are combined in the
guidance matrix and can be used in a complementary or stand-alone fashion depending on the
solution.
Encryption is the process of encoding messages or information in ways such that the output is
rendered unintelligent. Encryption can be used to protect the confidentiality of sensitive data, provide
some assurance that data has not been tampered with, and is also useful for non-repudiation.
Conversely, improper design of encryption systems and processes can lead to insecure
implementations that provide a false sense of security. This can also occur when key management is
weak.
Encryption can be applied in most cloud computing use cases and should be an integral control to
secure sensitive information such as authentication credentials, personally identifiable information,
credit card information, financial information, emails, and computer source code.
CSPs will usually provide segregation via logical controls in a virtual environment, an FI should risk
assess these in combination with other controls such as encryption or tokenisation.
Control Objectives:
Provide assurance that only authorized parties can gain access to the data in transit and at
rest.
Provide assurance that the confidentiality and/or integrity of the data has not been
compromised.
Provide authentication of source and non-repudiation of message.
Considerations / Good Practice
The FI should ensure that the following controls are considered when implementing encryption in
cloud outsourcing arrangement:
Sensitive data including data backups should be subjected to appropriate encryption controls
both in-motion and at-rest.
Details on the encryption algorithms, corresponding key-lengths, data flows, and processing
logic should be appropriately reviewed by subject matter experts to identify potential
weaknesses and points of exposure.
Detailed policies and procedures should be in place to govern the lifecycle of cryptographic
keys from generation, storage, usage, revocation, expiration, renewal, to archival of
cryptographic keys.
Stringent control should be exercised over cryptographic keys to ensure that secret keys are
generated and managed securely, for instance within a Hardware Security Module (HSM).
Details on the location, ownership and management of the encryption keys and HSM should
be agreed between the FI and the CSP. The FI should take into consideration the need and
ability to administer the cryptographic keys and the HSMs themselves.
HSMs and other cryptographic material should be stored on segregated secure networks
where access is carefully controlled, and are not accessible from subnets used by CSP’s
other customers or for every day staff access.
If using a Content Delivery Network (CDNs) ensure there are appropriate controls in place for
encryption key and certificate management. It is recommended that Extended Validation (EV)
or Organisation Validation (OV) certificates are used to ensure robust organisational identity
controls are in place. Secure certificate management protocols should also be considered.
13. ABS Cloud Computing Implementation Guide 1.1
Page 13 of 25
Carefully designed processes including appropriate key ceremonies should be in place if
cryptographic keys and SSL private key containers belonging to the FI need to be introduced
into the CSP environment.
Encryption keys used for the encryption of FI data should be unique and not shared by other
users of the cloud service.
Other guidance on encryption requirements should be drawn from the MAS Technology Risk
Management Guidelines.
14. ABS Cloud Computing Implementation Guide 1.1
Page 14 of 25
2. Tokenisation
Controls for encryption and tokenisation can be used interchangeably, so they are combined in the
guidance matrix and can be used in a complementary or stand-alone fashion depending on the
solution.
Cloud computing generally involves the transmission of data to the CSP for processing or storage. In
some cases, data not essential for the delivery of the cloud service is transmitted to and stored by the
CSP, resulting in excessive sharing and unnecessary exposure of potentially sensitive information.
It is in the best interest of the FI to minimise its data footprint so as to reduce the vulnerability surface
and potential threat vectors. Tokenisation can provide effective risk reduction benefits by minimising
the amount of potentially sensitive data exposed to the public.
Tokenisation is the process of replacing the sensitive data with a non-sensitive equivalent value (also
referred to as token) that has no correlation or meaning with the dataset. A tokenised dataset retains
structural compatibility with the processing system and allows the data to be processed without any
context or knowledge of the sensitive data, thereby potentially allowing a different set of security
requirements to be imposed on the recipient of the tokenised data. The FI can de-tokenise and
restore context to the processed tokenised data by replacing the tokens with their original values.
Tokenisation can be applied to all data that is not required to be processed by the service provider,
and is commonly used to protect sensitive information such as account numbers, phone numbers,
email addresses, and other personal identifiable information.
Tokenisation does not reduce the security or compliance requirements, but it could reduce the
complexity of their implementation.
Control Objectives:
Minimise the amount of data that needs to be shared with a third party.
Provide assurance that only authorized parties can gain access to the data.
Considerations / Good Practice
The security and robustness of a tokenisation system is dependent on many factors and the FI should
ensure that following controls are considered in the implementation of tokenisation in a cloud
outsourcing arrangement:
Careful risk assessment and evaluation should be performed on the tokenisation solution to
identify unique characteristics and all interactions and access to the sensitive data.
The Cloud service provider must not have any means to restore the tokens to the original
data values such as access or control over the tokenisation system or tokenisation logic.
Systems that perform tokenisation should remain under the direct management of the FI.
15. ABS Cloud Computing Implementation Guide 1.1
Page 15 of 25
3. Dedicated equipment or ‘Private Cloud’
By its nature cloud is a distributed environment, so this requirement is a key consideration when
architecting a solution on Hybrid or Public Cloud infrastructure
CSPs will usually provide segregation via logical controls in a virtual environment, an FI should risk
assess these in combination with other controls such as encryption or tokenisation.
In certain circumstances, such segregation may be bypassed or in the event of a system failure, data
could be accessible by exploiting data dumps and accessing infrastructure shared memory.
Operational complexity of virtual architectural models can also result in a weakened security model.
To assist in development of Cloud infrastructure, FIs should assess the level of maturity, information
and support available to assist with virtual architectural models.
For situations where particularly sensitive information assets are used, an FI may consider dedicated
equipment or a ‘Private Cloud’.
Leveraging dedicated hardware also allows an FI to simplify the landscape for the location and control
of its data.
Control Objectives
Remove the confidentiality and integrity risks associated with data co-mingling or shared
tenancy environments.
Ensure that it is possible to track and manage the location of all FI information assets.
Provide a high level of assurance that information assets can be accessed only by authorised
individuals.
In the event of a system failure, ensure that information assets cannot be accessed by error
or malfeasance.
Ensure that data is retained in accordance with FI data retention policies.
Considerations / Good Practice
When planning private cloud architecture, ensure that all access to the environment is
considered, this should include any CSP administrative access, as well as physical access
controls.
When planning private cloud architecture require that the CSP contractually guarantees
dedicated hardware and its location.
Review the backup locations of systems and data. Data residency requirements should be
considered for all locations of sensitive FI data.
Ensure that security monitoring controls provide assurance of the isolation of the
environment.
Gain assurance that firewall rules are effective, with particular attention to ingress and egress
traffic.
Ensure that assets are effectively managed and any system obsolescence is addressed.
16. ABS Cloud Computing Implementation Guide 1.1
Page 16 of 25
4. Change Management and Privileged User Access Management (PUAM)
Where outsourcing is concerned, it is expected that the FI maintains effective control over their data.
The CSP should have in place controls that facilitate management of privileged accounts, as well as
near real time capability to review any privileged activities to ensure they are in line with approved
processes. Consideration should be given to Application, OS, Database and Network layers.
Where PaaS, or SaaS is used, the FI should consider the mode by which they are notified of material
changes to the CSP’s IT environment and have the ability to review the changes. CSPs can help FIs
maintain appropriate oversight of material changes by establishing dedicated compliance programs
that facilitate deep engagement between the FIs and the CSPs.
Control Objectives
Ensure the confidentiality and integrity of FI’s data.
Ensure oversight of major changes that could impact the stability and security of the cloud
operating environment.
Manage change appropriately.
Detect unauthorised or erroneous changes.
Considerations / Good Practice
Change management procedures should be mutually agreed between the CSP and the FI.
Such procedures should be formalised, and include change request and approval procedures,
as well as a reporting component.
Change management governance should be incorporated into regular Service Level
Management meetings.
Procedures for emergency and standard changes should be agreed, including the roles and
responsibilities for change management.
Users with privileged system access should be clearly defined and subject to regular user
access reviews. It is recommended these should occur monthly.
Privileged User access should be clearly tracked and reported, and be linked to an agreed
and approved change request. Note it is not always necessary for the CSP to disclose
change requests to the FI.
All privileged user access should be monitored and peer reviewed in a timely manner. The
speed with which this review occurs should be commensurate with the criticality of the
information assets in the Cloud.
The Privileged User Administration function should be subject to segregation of duties and
separate from any user administrator function.
17. ABS Cloud Computing Implementation Guide 1.1
Page 17 of 25
5. Virtualised Environment Security
As stated in the previous section, there are a number of scenarios where virtualisation can introduce
new threat vectors to Cloud architectures. This is because such environments are sharing hardware
between customers, and relying on logical and virtual controls to ensure data is segregated and
secured.
Potential compromise of hardware, Operating System (OS) images or virtualisation management
software such as hypervisors must be considered and managed.
Control Objectives
Ensure the confidentiality and integrity of data in a virtualised cloud architecture.
In the event of a software or hardware failure, ensure that information assets remain secure
or are securely removed.
Considerations / Good Practice
Virtual images should be thoroughly penetration tested.
Virtual Images should have controls in place to provide assurance of their integrity.
Administrative interfaces should be on a segregated management network that is not
accessible from the operational subnets.
Where encryption is used, the encryption keys should be stored separately from virtual
images and information assets.
Security monitoring should be in place to detect and provide early warning of any
compromises.
18. ABS Cloud Computing Implementation Guide 1.1
Page 18 of 25
6. User Access Management and Segregation of Duties
User Access Management provides controlled access to information systems allowing staff, business
partners and suppliers to perform their business activities, while protecting the information and
systems from unauthorised access.
The full life-cycle of user access management must be considered when implementing a cloud
outsourcing arrangement. This includes the definition of identify and access management
requirements, approval, provisioning, credential management, access review and revocation.
Control Objectives
Ensure the confidentiality and integrity of FI’s data.
Permit users access only to the information assets they require to perform their role.
Ensure segregation of duties is in place for sensitive roles.
Considerations / Good Practice
Identity and Access management should be a paramount consideration when performing a
cloud outsourcing arrangement, and should incorporate both technical and business user
access management. A clear business owner should be identified to ensure accountability,
and ownership of each role defined.
An FI’s Identity and Access management policies and standards should be applied in full in
the CSP environments used by the FI to ensure consistency.
For end users, especially where corporate users are concerned, federation of Active Directory
credentials could be used to allow an FI’s existing processes and infrastructure to be
leveraged.
User Access Administration should be subject to strict segregation of duties and maker /
checker controls, especially where the CSP has access to or is managing systems or
software. Changes in role access rights should be regularly reviewed by an independent
assurance function or the role’s owner.
Where CSPs have access to the FI’s systems or software, this should be captured in an
identity and access management document, which should be reviewed at least annually for
the accuracy of requirements, and that the configuration in the document matches the system
state.
Access and usage of service, generic and administrator accounts should be controlled via
appropriate privileged user access management controls and activities logged for review.
Where development, QA and production environments exist in the Cloud, access should be
strictly controlled. Developers and Testers should not have any write access to production
environments. Production support should have limited read access in accordance with their
responsibilities.
19. ABS Cloud Computing Implementation Guide 1.1
Page 19 of 25
7. Collaborative Disaster Recovery Testing
Disaster recovery testing is an essential part of developing an effective disaster recovery strategy.
Where there is business critical function, the FI should plan and perform their own simulated disaster
recovery testing, testing jointly with the CSP where possible. If relevant, the outsourcing arrangement
should contain Business Continuity Planning (BCP) requirements on the CSP, in particular Recovery
Time Objectives (RTO) and Recovery Point Objectives (RPO).
Control Objectives:
Ensure the accuracy, completeness, and validity of recovery procedures.
Verify the capabilities of the personnel executing the recovery procedures.
Validate the accuracy of the information in the disaster recovery plan.
Verify that the time estimates for recovery are realistic.
Ensure that all changes in the computing environment are reflected in the disaster recovery
plan, and that all facilities are available.
Considerations / Good Practice
The CSP should develop disaster recovery and business continuity plans and share the plans
with the FI.
CSPs should obtain necessary certifications (e.g. ISO27001 and validated against ISO27018)
and their processes should be audited by independent third parties with such audit reports
made available to the FI.
Put in place a communications plan or an automated call tree that covers both CSP and FI
staff.
Ensure that the FI’s Crisis Management team is fully aware of the CSP’s recovery plan.
When performing DR testing with the CSP, consider doing spot checks or testing on short
notice to validate their level of readiness for an actual disaster event.
Ensure that any deficiencies noted during testing are recorded, and the implementation of
corrective actions is monitored via the service management meetings.
20. ABS Cloud Computing Implementation Guide 1.1
Page 20 of 25
8. Security Events Monitoring and Incident Management
Cyber-attacks and the compromise of a computer system can only be detected in a timely fashion if
there is effective monitoring of the IT systems to differentiate legitimate and abnormal activities. As
attack sophistication increases with the complexities of modern IT systems, it is imperative that
monitoring of IT systems progresses beyond typical health and performance metrics to include
security events and advanced analytics to correlate events across various systems at the network,
infrastructure, and application layers of the IT environment.
Timely detection of security incidents coupled with tight integration with incident response and
management processes can allow security incidents to be remediated speedily, thereby limiting
potential damages.
Control Objectives:
Provide early detection of network and system anomalies in the IT environment to facilitate
timely response to potentially developing security incidents.
Provide a reasonable level of retrospective detection of security incidents in the IT
environment as and when new threat intelligence is available.
Provide assurance that security incidents are appropriately escalated and notified to the
relevant stakeholders.
Considerations / Good Practice
Appropriate detection mechanisms should be in place at the network, system, and application
level to analyse activities that could affect the security and stability of the cloud service.
Appropriate monitoring infrastructure such as a Security Incident and Event Monitoring
(SIEM) system should be in place to provide automatic analysis, correlation, and triage of
security logs from the various monitoring systems.
An approach to leverage the data from the CSP’s SIEM architecture into the FI’s core
Intrusion Detection capability should be considered if possible.
Secure and robust security logging infrastructure such as consolidation of logs to an
independent system should be in place to ensure that the integrity and availability of the logs
are maintained.
Appropriate security systems and measures, such as network intrusion detection/prevention
systems (NIDPS), web application firewall (WAF), DDoS mitigation, and data leakage
prevention systems, should be deployed at strategic locations to detect and mitigate security
breaches and ongoing attacks.
Based on the materiality of the outsourcing arrangement, a Security Operations Centre (SOC)
operating on a 24x7 basis should be strongly recommended to provide active monitoring of
security events and timely escalation of security incidents.
A Computer Emergency Response Team (CERT) or Security Incident Response Team
(SIRT) should be in place to provide timely response to security incidents. Coordination
between the CSP and FIs’ teams should be formalised.
Definition of a security incident and the various levels of severity should be appropriately
defined and agreed between the FI and the cloud service provider.
Criteria and performance requirement i.e. SLA for the escalation, notification, containment,
and closure of relevant security incident should be appropriately defined and agreed between
the FI and the CSP.
Review and testing of the security incident response plan should be conducted on a regular
basis by the CSP and involve the FI where appropriate.
Access to appropriate reports on relevant security incidents and root cause analysis should
be agreed between the FI and the CSP. Where the CSP has commercial, security or
intellectual property reasons to not disclose such reports directly to the FI, the use of a
mutually acceptable independent 3rd party can be agreed.
21. ABS Cloud Computing Implementation Guide 1.1
Page 21 of 25
9. Penetration Testing & Vulnerability Management
Testing the security of applications and infrastructure provides assurance of the security posture of a
service. Through the use of regular vulnerability assessments and penetration tests, assurance can
also be gained as to the effectiveness of security hardening and patching. Cloud environments
provide a unique challenge as testing is performed on a shared platform. Test tools are not able to
differentiate between flaws that can be exploited to cause damage and those that cannot. Penetration
tests attempt to exploit the vulnerabilities in a system to determine whether unauthorized access or
other malicious activity is possible and identify which flaws pose a threat to the application.
Vulnerability Assessment and Penetration Testing (VA/PT) is necessary and applicable where cloud
providers host external facing applications and process essential customer data. Some cloud
environments have restrictions on the type and times of VA testing that can be conducted.
Please refer to the ABS guidelines of Penetration Testing for further details, which can be found here:
http://abs.org.sg/docs/default-source/default-document-library/abs-pen-test-guidelines.pdf
Control Objectives
Identify vulnerable configurations and provide assurance as to the security posture of a
service.
Provide assurance of security processes including security patching and hardening.
Considerations / Good Practice
CSP penetration test reports can be used to gain assurance over the security of underlying
systems but the scope should be reviewed to fully understand what has been tested to ensure
that the final testing encompasses all of the systems involved in the provision of the
service(s).
The tests should take into consideration threats that are unique to cloud computing, such as
hypervisor jumping and weak application program interfaces.
Testers should be aware of typically security issues that are particular to cloud environments
and virtualisation in order to have an understanding of the types of issue that may exist in
such an environment.
FIs should engage the CSP prior to engaging VA/PT to understand any technical limitations of
testing.
All vulnerabilities should be risk assessed, tracked and managed / treated appropriately.
Where a CSP is responsible for remediation of identified vulnerabilities this should occur in
line with any SLA / timeframe agreed in the contract.
22. ABS Cloud Computing Implementation Guide 1.1
Page 22 of 25
10.Administrative Remote Access
Remote access is a tool often used by the FI or the CSP to allow connectivity from a remote location
to allow administration, system maintenance or software releases, as well as system support.
The inherent risk of allowing access from a remote location means that information and physical
security controls of the Data Centre can be by-passed, so strict controls are required if it is to be
permitted.
There are two aspects to cloud environments that need to be considered:
Remote access to the systems by the CSP to manage its own systems.
The various levels of remote access by the FI to both the platform and the systems that are in
the cloud environment.
Control objectives
Provide assurance that remote access to systems is secured against threats of
impersonation.
Provide assurance that user management controls are present and monitored for suspicious
activity.
Grant privileges in accordance with the requirement of the role, with appropriate segregation
of duties.
Considerations / Good Practice
Detailed documentation of all systems remote access procedures including security controls
management. This documentation should be regularly reviewed to ensure accuracy and
currency.
All interfaces to cloud computing infrastructure should be consistent where possible so that
remote access controls are uniformly controlled.
These interfaces should provide discrete segregated data flows to ensure that there is a
secured and auditable method of accessing systems and data.
Remote access security measures such as two factor authentication, and Virtual Private
Network (VPN) encryption should be implemented.
Where possible remote access network traffic should have defined source and destination.
End User Computing device controls should be considered, for instance access only from
recognized hardware using machine authentication, or virtual desktops interfaces to reduce
risk of malware contamination or unauthorized access.
Privileged remote access should only be permitted by authorized exception or break glass
procedures and be time bound. Privileged remote access is inherently risky and must be
strictly controlled.
All privileged remote access is to be reviewed for appropriateness by independent and
qualified personnel.
Examples
Consider a microsite that is hosted by a CSP that is providing infrastructure as a service. From the
CSP’s point of view there should be strong authentication for the access to the network infrastructure /
hypervisor / storage as applicable. There is likely to be a platform to manage changes to the
infrastructure – adding / removing systems, assigning storage, changing network setup. Finally the
systems (Operating Systems, Databases, Application interfaces) themselves require secure remote
access (if used).
Consider a CRM platform as a service hosted by a CSP where the FI only has access to an
administration portal. An FI should consider reviewing the remote access controls of the CSP (and
any third parties) to the administration portal.
23. ABS Cloud Computing Implementation Guide 1.1
Page 23 of 25
11.Secure Software Development Life-cycle and Code Reviews
With the emergence of cloud computing, an increasingly greater number of applications are being
built on cloud platforms. Cloud service development requires a different approach than the traditional
software development life-cycle (SDLC) as the applications are no longer deployed on an on-
premises infrastructure with implicit security, compliance, control, operational transparency and
perceived service level requirements.
Secure SDLC methodology puts emphasis on incorporating security methodology into the SDLC
phases.
Above and beyond the typical secure SDLC, the secure SDLC methodology for cloud applications
requires explicit consideration of the integrity of code artefacts and of environments where
applications are developed and tested throughout each development iteration. Secure destruction of
data and a clean breakdown of environments must also be considered.
Control Objectives:
Ensure operational embedding of risk assessment, threat modelling, vulnerability
assessment, security testing, configuration review, remediation and security improvement
processes in the cloud application SDLC methodology.
Ensure that development and testing environments are protected from unauthorized access.
Ensure confidentiality and integrity of source codes, other code artefacts (e.g. compiled
codes, libraries, runtime modules) and system configuration in all environments.
Prevent inappropriate removal of code artefacts and system configurations from the
underlying systems of the development and testing environments.
Ensure timely removal of code artefacts and system configurations during environment tear-
down at the end of each development iteration.
Considerations / Good Practice
Content version controls, and strict processes for the migration of source code from one
environment to another must be clearly defined as part of a release management process.
Segregation of duties should be in place for code deployment.
Access to source code repositories and privileged access to the development and testing
environments are restricted to only specific authorized individuals.
Unencrypted production data should not be used for testing in the Cloud environment. Test
data must be depersonalised before it is transferred into the CSP’s environment.
Operating System images for environments should be strictly controlled.
Where source code is used for any material purposes, it is strongly recommended to perform
a risk assessment to determine if it is necessary to compile binaries within the FI’s own
networks and copy the binaries into the Cloud.
24. ABS Cloud Computing Implementation Guide 1.1
Page 24 of 25
12.Securing logs and backups
Most systems can produce logs and may require backups. Whilst often overlooked, securing these
logs and backups need careful consideration to ensure the confidentiality, integrity and availability of
this data. Both data in the direct control of FI and the CSP must be appropriately secured.
Control Objectives
Log data should have robust controls to ensure their confidentiality and integrity.
Log data should not contain sensitive information.
Ensure confidentiality of backup data.
Ensure that sensitive data stored in backups is wholly identifiable and can be securely
deleted.
Considerations / Good Practice
FIs should work with CSPs to understand the logging capabilities of the service in order to
gain assurance that there is no “unexpected” logging of data.
Establish requirements for forensic investigation including how to ensure that log data can be
acquired in a forensically sound manner.
Appropriate access control must be in place for backups and log data.
FIs should consider the contents of backups and encrypt sensitive data where appropriate.
FIs should give due consideration to the management of encryption keys used for backup
purposes.
The capability to recover data in a usable form should be regularly tested. Such restoration
tests must be conducted securely to minimise any risk of data leakage.
25. ABS Cloud Computing Implementation Guide 1.1
Page 25 of 25
Acknowledgements
The ABS Task Force Members:
1. ANZ Bank
2. Barclays Bank
3. DBS
4. Deutsche Bank
5. HSBC
6. OCBC
7. Singapore Exchange
8. Standard Chartered Bank
9. UOB