Authentication
The act of identifying or verifying the eligibility of a station, originator, or individual to access specific categories of information. Typically, a measure designed to protect against fraudulent transmissions by establishing the validity of a transmiss
Authorization
The granting of right of access to a user, program, or process.
Content Delivery Network (CDN)
A service where data is replicated across the global Internet.
Corporate Governance
The relationship between the shareholders and other stakeholders in the organization versus the senior management of the corporation.
Database as a Service
In essence, a managed database service.
Demilitarized Zone (DMZ)
Isolates network elements such as e-mail servers that, because they can be accessed from trustless networks, are exposed to external attacks.
Enterprise Risk Management
The set of processes and structure to systematically manage all risks to the enterprise.
Hardware Security Module (HSM)
A device that can safely store and manage encryption keys. This can be used in servers, data transmission, protecting log files, etc.
Management Plane
Controls the entire infrastructure, and parts of it will be exposed to customers independent of network location, it is a prime resource to protect.
Object Storage
Objects (files) are stored with additional metadata (content type, redundancy required, creation date, etc.). These objects are accessible through APIs and potentially through a web user interface.
Redundant Array of Inexpensive Disks (RAID)
Instead of using one large disk to store data, one can use many smaller disks (because they are cheaper).
An approach to using many low-cost drives as a group to improve performance, yet also provides a degree of redundancy that makes the chance of data l
Security Alliance's Cloud Controls Matrix
A framework to enable cooperation between cloud consumers and cloud providers on demonstrating adequate risk management.
Software Defined Networking (SDN)
A broad and developing concept addressing the management of the various network components.
The objective is to provide a control plane to manage network traffic on a more abstract level than through direct management of network components