Until recently, enterprises designed data centers with the mindset of supplying hosting, compute, storage, or other services with typical or standard organization types in mind. This mindset is a problem when considering modern-day data centers and cloud service offerings. As cloud-based application development continues to gain popularity and widespread adoption, it is important for us to recognize the benefits and efficiencies, along with the challenges and complexities. Cloud development typically includes integrated development environments, application lifecycle management components, along with application security testing. Unlike traditional deployments within a data center or even a hosted solution where network controls are ubiquitous and compensating perimeter controls are sometimes depended upon to offer application security, cloud applications often run in a comparatively unprotected fashion.
In this chapter, we will cover the following topics:
- Application programming interface
- Common infrastructure file formats – VMs
- Data and application federation
- Deployment
- Federated identity
- Identity management
- Portability and interoperability
- Lifecycle management
- Location awareness
- Metering and monitoring
- Open client
- Availability
- Privacy
- Resiliency
- Auditability
- Performance
- Management and governance
- Transaction and concurrency across clouds
- SLAs and benchmarks
- Provider exit
- Security
- Security controls
- Distributed computing reference model