Got it

4C's for Security of Cloud-Native Highlighted

Latest reply: Jan 19, 2022 10:44:52 887 14 8 0 1

 

Every layer of the Cloud Native security architecture builds on the previous one. The Code layer benefits from robust foundation security layers (Cloud, Cluster, Container). By addressing security at the Code-level, you cannot protect against weak security standards in the base layers.                                             

4c

4Cs of Cloud Native

CLOUD

In many respects, a Kubernetes cluster's trusted computing base is the Cloud. If the Cloud layer is vulnerable, the components placed on top of it are not guaranteed to be safe. Each cloud provider has its own set of security guidelines for executing workloads safely in its environment.

The cloud is regarded as the foundation of security layers. Because developers cannot set application security at the code level, steps must be done at the cloud level. It all comes down to executing secure workloads in the environment of the individual cloud provider.

Cloud provider security 

Read the documentation for security industry standards if you are deploying a Kubernetes cluster on your own hardware or with a different cloud provider.

huawei cloud

Huawei Cloud

             Image Source:  Huawei Cloud 

·        Data safety

·        Management of Identity and Access (IAM)

·        Administration (policies for preventing, detecting and mitigating threats)

·        Data preservation and business continuity planning

·        Compliance with the law


Cloud security may appear to be traditional IT security, but its structure necessitates a distinct strategy. Before we go into the specifics, let's define cloud security.


⚫ CLUSTER

The cluster layer follows the cloud, and Kubernetes often is regarded as the de facto orchestration platform. RBAC, Pod security and network policies, secret management, logging, and monitoring are all things to consider while utilizing Kubernetes.

K8

 Logo - Kubernetes

Image Source:  Kubernetes Website

 

There are two main types of concerns in securing Kubernetes:

  • Securing the cluster components that are configurable

  • Securing the applications which run in the cluster


Want to know more about Kubernetes --> Link 


⚫ CONTAINER SECURITY

This layer discusses container security management as well as recommended practices. Certain security best practices must be followed while building apps inside a container. First and foremost, avoid running privileged containers. Except for system containers such as monitoring or logging agents, most programs do not require root access to function.

container

Container

             Image Source:  Kubernetes Website


⚫ CODE

    The last C in the cloud-native security layer is code. Strengthening security into an application’s code is one of the best practices in DevSecOps. 

 

What you think, Which Layer’s security is most important?

 

Please feel free to leave a message and engage in a discussion in the comment section. Thank you very much!


The post is synchronized to: Community Blog

  • x
  • convention:

Irina
Admin Created Jan 18, 2022 12:26:18

Hi, @BAZ
Because your article was very valuable and qualitative, we've decided to feature it on our Blog collection: https://forum.huawei.com/enterprise/en/forum.php?mod=collection&action=view&ctid=431

Congrats!
View more
  • x
  • convention:

faysalji
Author Created Dec 4, 2021 12:23:59

Important topic, Well written. Thank you
View more
  • x
  • convention:

BAZ
BAZ Created Dec 5, 2021 12:16:48 (0) (0)
Glad you like it.  
Sirajs
Created Dec 4, 2021 14:01:50

very useful information ..thanks for sharing
View more
  • x
  • convention:

BAZ
BAZ Created Dec 5, 2021 12:17:07 (0) (0)
Welcome dear  
Saqib123
Created Dec 4, 2021 18:23:56

Thanks for sharing 4C's for Security of  Cloud-Native-4442591-1
View more
  • x
  • convention:

Irshadhussain
Created Dec 4, 2021 18:41:51

Good
View more
  • x
  • convention:

Irshadhussain
Created Dec 4, 2021 18:41:59

4C's for Security of  Cloud-Native-4442619-1
View more
  • x
  • convention:

NTan33
Created Dec 5, 2021 02:34:44

Concepts that are important indeed.
View more
  • x
  • convention:

Dia0205
Created Dec 5, 2021 06:50:43

Thanks for sharing.
View more
  • x
  • convention:

IndianKid
Author Created Dec 5, 2021 07:33:28

good topic BAZ bhai
View more
  • x
  • convention:

MahMush
Author Created Dec 5, 2021 08:27:32

Very detailed information, well written....
View more
  • x
  • convention:

12
Back to list

Comment

You need to log in to comment to the post Login | Register
Comment

Notice: To protect the legitimate rights and interests of you, the community, and third parties, do not release content that may bring legal risks to all parties, including but are not limited to the following:
  • Politically sensitive content
  • Content concerning pornography, gambling, and drug abuse
  • Content that may disclose or infringe upon others ' commercial secrets, intellectual properties, including trade marks, copyrights, and patents, and personal privacy
Do not share your account and password with others. All operations performed using your account will be regarded as your own actions and all consequences arising therefrom will be borne by you. For details, see " User Agreement."

My Followers

Login and enjoy all the member benefits

Login

Block
Are you sure to block this user?
Users on your blacklist cannot comment on your post,cannot mention you, cannot send you private messages.
Reminder
Please bind your phone number to obtain invitation bonus.
Information Protection Guide
Thanks for using Huawei Enterprise Support Community! We will help you learn how we collect, use, store and share your personal information and the rights you have in accordance with Privacy Policy and User Agreement.