openstack-manuals/doc/security-guide/ch006_introduction-to-case-studies.xml

<?xml version="1.0" encoding="UTF-8"?>
<chapter xmlns:xi="http://www.w3.org/2001/XInclude"
  xmlns:xlink="http://www.w3.org/1999/xlink"
  xmlns="http://docbook.org/ns/docbook"
  version="5.0"
  xml:id="ch006_introduction-to-case-studies">
  <?dbhtml stop-chunking?>
  <title>Introduction to case studies</title>
  <para>This guide refers to two running case studies, which are
    introduced here and referred to at the end of each chapter.</para>
  <section xml:id="ch006_introduction-to-case-studies-idp44496">
    <title>Case study: Alice, the private cloud builder</title>
    <para>Alice deploys a private cloud for use by a government
      department in the US. The cloud must comply with relevant
      standards, such as FedRAMP. The security paperwork requirements
      for this cloud are very high. It must have no direct access to
      the internet: its API endpoints, compute instances, and other
      resources must be exposed to only systems within the
      department's network, which is entirely air-gapped from all
      other networks. The cloud can access other network services on
      the Organization's Intranet. For example, the authentication and
      logging services.</para>
  </section>
  <section xml:id="ch006_introduction-to-case-studies-idp46720">
    <title>Case study: Bob, the public cloud provider</title>
    <para>Bob is a lead architect for a company that deploys a large
      greenfield public cloud. This cloud provides IaaS for the masses
      and enables any consumer with a valid credit card access to
      utility computing and storage, but the primary focus is
      enterprise customers. Data privacy concerns are a big priority
      for Bob as they are seen as a major barrier to large-scale
      adoption of the cloud by organizations.</para>
  </section>
</chapter>