Page 605 - (ISC)² CISSP Certified Information Systems Security Professional Official Study Guide
P. 605

security event management.

               The cloud shared responsibility model is the concept that when an
               organization uses a cloud solution, there is a division of security and

               stability responsibility between the provider and the customer. The
               different forms of cloud service (such as SaaS, PaaS, and IaaS) may
               each have different levels or division points of shared responsibility. A
               SaaS solution places most of the management burden on the shoulders
               of the cloud provider, while IaaS management leans more toward the

               customer. When electing to use a cloud service, it is important to
               consider the specifics of the management, troubleshooting, and
               security management and how those responsibilities are assigned,
               divided, or shared between the cloud provider and the customer.


               Grid Computing

               Grid computing is a form of parallel distributed processing that

               loosely groups a significant number of processing nodes to work
               toward a specific processing goal. Members of the grid can enter and
               leave the grid at random intervals. Often, grid members join the grid
               only when their processing capacities are not being taxed for local
               workloads. When a system is otherwise in an idle state, it could join a
               grid group, download a small portion of work, and begin calculations.
               When a system leaves the grid, it saves its work and may upload

               completed or partial work elements back to the grid. Many interesting
               uses of grid computing have developed, ranging from projects seeking
               out intelligent aliens, performing protein folding, predicting weather,
               modeling earthquakes, planning financial decisions, and solving for
               primes.

               The biggest security concern with grid computing is that the content of
               each work packet is potentially exposed to the world. Many grid

               computing projects are open to the world, so there is no restriction on
               who can run the local processing application and participate in the
               grid’s project. This also means that grid members could keep copies of
               each work packet and examine the contents. Thus, grid projects will
               not likely be able to maintain secrecy and are not appropriate for

               private, confidential, or proprietary data.
   600   601   602   603   604   605   606   607   608   609   610