How do the Jericho Cloud Cube Model dimensions, such as perimeterised/de-perimeterised and proprietary/open, differentiate the cloud formations from each other?
Jericho cloud cube model
The Jericho Forum is an international, independent group of information security leaders whose focus is on how to protect and secure cloud networks. They put forward the Cloud Cube Model, which describes the multidimensional elements of cloud computing, framing not only cloud use cases but also how they are deployed and used. The model assists in categorizing cloud networks based on four dimensions:
- Internal/External
- Proprietary/Open
- Perimeterised/De-perimeterised
- Insourced/Outsourced
Four-Dimensional model:
1. Physical Location of Data: Data can be stored inside or outside, which ultimately establishes the organization's boundaries.
2. Ownership: Ownership can be proprietary or open. It measures not just the ownership of technology but also its interoperability, data use, and ease of data transfer, as well as the degree of vendor application lock-in.
3. Security Range: The range can be perimeterised or de-perimeterised, which determines whether actions take place within or outside of the security border, firewall, etc.
4. Sourcing: Services can be insourced or outsourced, which refers to whether the service is provided by the client or the service provider.
1. DIMENSION: PHYSICAL LOCATION - INTERNAL OR EXTERNAL
- The internal and external cloud forms are the most fundamental cloud types. The internal and external dimension defines the physical placement of the data: whether it lives within or outside of your organization's boundaries. If it is within your physical border, it is Internal; if it is outside of your physical border, it is External. In this case, data kept in a private cloud deployment is deemed internal, whereas data kept outside the private cloud is deemed external. It is critical to stress that the idea that internal is always more secure than external is incorrect. The most secure usage model makes use of both internal and external cloud types.
- For example, virtualized hard drives in a company's data center are internal, whereas Amazon S3 is external.
2. DIMENSION: OWNERSHIP - PROPRIETARY OR OPEN
- This is the dimension that specifies the 'ownership' of cloud technologies, services, interfaces, and so on. It denotes the degree of interoperability, as well as permitting "data/application transportability" between clouds. It also highlights any limitations on the ability to distribute apps across your systems and other cloud forms, as well as on the freedom to withdraw or upload data from or to a cloud.
- Proprietary indicates that the entity delivering the service retains control of the means of provision. As a result, when operating in proprietary clouds, you may be unable to switch to another cloud provider without substantial work or expenditure. The most inventive technological developments are frequently made in the proprietary sector. As a result, the proprietor may choose to impose limitations through patents and by making the underlying technology a trade secret.
- Open clouds use non-proprietary technology, which means that there are more suppliers, and you are not as limited in your ability to exchange data and interact with chosen parties utilizing the same open technology. Open services are widely used and have a documented open standard. An untested notion is that the clouds that best facilitate cooperation among many enterprises will be Open.
3. DIMENSION: SECURITY RANGE - PERIMETERISED OR DE-PERIMETERISED
- The third dimension indicates the "architectural mentality" - are you functioning within or outside of the typical IT perimeter? De-perimeterisation has always been associated with the progressive failure/removal/shrinkage/collapse of the old silo-based IT perimeter.
- Perimeterisation entails continuing to function inside the conventional IT perimeter, which is frequently signified by "network firewalls." Collaboration is hampered by this approach. When working in perimeterised areas, you may easily extend your own organization's perimeter into the external cloud computing domain via a VPN and running the virtual server in your IP domain, utilizing your directory services to regulate access. When the computation process is over, you may return your perimeter to its original conventional location. This sort of system perimeter is considered a traditional, although virtual, perimeter.
- The term "de-perimeterised" indicates that the system perimeter is designed under the concepts specified in the Jericho Forum's Commandments and Collaboration Oriented Architectures Framework. The Cloud Cube Model's de-perimeterised spaces utilize both internal and external domains, although data cooperation and sharing should not be considered internal or external. Rather, it is regulated by and limited to the parties chosen by the organizations that use it.
4. DIMENSION: SOURCING - INSOURCED OR OUTSOURCED
- This dimension answers the question, "Who do you want to operate your clouds?"
Insourced: the service is performed by your employees under your supervision.
Outsourced: a third party provides the service.
- These two states indicate who is in charge of delivering the cloud service(s) you utilize. This is essentially a policy problem (i.e., a business choice, not a technical or architectural choice) that must be incorporated into a contract with the cloud provider.
- It is vital to remember that few firms that have traditionally provided bandwidth, software, or hardware will be able to move seamlessly to become cloud service providers. Organizations seeking cloud services must acquire the capacity to quickly establish legally enforceable cooperation agreements and dissolve them just as quickly once they are no longer required. To reduce the danger of a data breach or leak when ending a contract with a provider, an organization should verify that the data is properly erased from the service provider's infrastructure (including backups).