From ee137015e528b66289fc1ca822e2089c9aed309a Mon Sep 17 00:00:00 2001
From: sicarie
Date: Fri, 2 Oct 2015 15:23:21 -0700
Subject: [PATCH] Updating Bob's Introduction to Case Studies

Making it a better foil to Alice's for comparison, including IaaS focus,
PCI compliance, LDAP auth, and ELK stack for logging.

Change-Id: Ifbd195625b6b6d25698e96a7f0d4959f5901a7bb
Partial-Bug: #1349540
---
 .../introduction-to-case-studies.rst | 21 +++++++++++++------
 1 file changed, 15 insertions(+), 6 deletions(-)

diff --git a/security-guide/source/introduction/introduction-to-case-studies.rst b/security-guide/source/introduction/introduction-to-case-studies.rst
index fe3cf402..8ea57fed 100644
--- a/security-guide/source/introduction/introduction-to-case-studies.rst
+++ b/security-guide/source/introduction/introduction-to-case-studies.rst
@@ -30,9 +30,18 @@ and correlation rules to better monitor the state of her cloud. Case study: Bob, the public cloud provider ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -Bob is a lead architect for a company that deploys a large greenfield -public cloud. This cloud provides IaaS for the masses and enables any -consumer with a valid credit card access to utility computing and -storage, but the primary focus is enterprise customers. Data privacy -concerns are a big priority for Bob as they are seen as a major barrier -to large-scale adoption of the cloud by organizations. +Bob is the lead architect for a company deploying a new public cloud, +focused on Infrastructure as a Service (IaaS). While this cloud will be +open for any consumer with a valid credit card to have access to utility +computing and storage, the primary focus will be enterprise customers. +This means Bob's primary certification concern is PCI compliance, and +his tooling will be developed around the auditing and reporting there, +as well as the specific domains included in the PCI audit. As Bob's team +is technically skilled in the Linux domain, he will be utilizing LDAP +for federation. With plans to scale the cloud rapidly, Bob selects an +open source log management deployment built for large-volumes of events +with a highly customizable view. Data privacy and security concerns are +the top barrier to adoption of the cloud, so Bob will also implement +strict internal processes and two-factor authentication around +sensitive assets, as well as allowing customers to leverage this for +logins as well.
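
Review bot: In the added paragraph, "he will be utilizing LDAP for federation" conflates two different things: LDAP is a directory and authentication back end, while federation means trusting assertions from an external identity provider, and the commit message itself describes the change as "LDAP auth". Suggest wording such as "he will use LDAP as the authentication back end", and either drop or justify the "technically skilled in the Linux domain" rationale, which does not explain the choice. Separately, "This means Bob's primary certification concern is PCI compliance" follows the sentence about enterprise customers, but the only link to PCI visible in the text is the credit card payment, so the sentence should tie the requirement to that. The two-factor sentence would also read better if it said what "sensitive assets" covers and what customers can use it for. Style: "large-volumes" should be "large volumes", and the last sentence says "as well as ... as well".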