Policy implementation

RGPV: Cloud Computing: Unit 4


Policy-  A principle of behaviour, conduct etc. thought to be desirable or necessary, especially as formally expressed by a government or other authoritative body.

Implementation-  The process of moving an idea from concept to reality. In business, engineering and other fields, implementation refers to the building process rather than the design process.

The policy implementation in cloud is carried out basically in 3 levels-

1. Policy Field Level- The Oragnizational level and Frontline levels are managed by the Policy level .It is most important to recognize that no levels act in isolation the Terminologies,Decisions,and instructions of one level influence the others.

2. Organizational  Level-  It checks how the recommended  ideas is  really going to work. At this level organizations can act either as Authorizers or Service Provider .

3. Front Lines Level- Who works  closest with our information comes in it. It understand the consequences,and  have  experience .

The areas  that must be addressed by the cloud security policy are-

1.Access  control-   Access control (AC) is the selective restriction of access to a place or other  resource. The act of accessing may mean consuming, entering, or using.

2.Data Protection- Data protection refers to the point that data should not be lost,damaged or corrupted while being used by different resources.we should have the backup of the data as well.

3. Confidentality- Confidentiality involves a set of rules or a promise that limits access or places restrictions on certain types of information.

4. Data Integrity- Data integrity  refers to the validity of data. Data integrity can be compromised in a number of ways:

  Human errors when data is entered

  Errors that occur when data is transmitted from one computer to another

  Software bugs or viruses

  Hardware malfunctions, such as disk crashes

  Natural disasters, such as fires and floods


5. Identification and Authentication-  The process of comparing a biometric data sample against all of the systems databased reference templates in order to establish the identity of the person trying to gain access to the system is termed as identification.

The process of identifying an individual, usually based on a username and password. In security systems is authentication. It  merely ensures that the individual is who he or she claims to be, but says nothing about the access rights of the individual.

6. Accountability- Accountability is the acknowledgment and assumption of responsibility for actions, products, decisions, and policies.






Related topics

Professor Jayesh video tutorial

Please use contact page in this website if you find anything incorrect or you want to share more information about the topic discussed above.