Lesson 6: Cloud & Zero Trust

Cloud Deployment Models

  • Public: Multi-tenant, shared resources, pay-as-you-go (AWS, Azure, Google Cloud)
  • Private: Dedicated infrastructure, single organization (on-premises or hosted)
  • Hybrid: Integrates public scalability with private security
  • Community: Shared infrastructure for organizations with common compliance needs

Multi-Tenant = "Shared Elevator" (saves money, but you share the hardware with strangers and rely on the provider's isolation) | Single-Tenant = "Private Elevator" (only yours, costly)

Cloud Service Models

  • IaaS (Infrastructure as a Service): Rent VMs, storage, virtual networks (AWS EC2, Azure VMs)
    • Customer: OS, middleware, apps, data | Provider: Hardware, networking, hypervisor
  • PaaS (Platform as a Service): Dev tools, databases, runtimes (Heroku, Google App Engine)
    • Customer: Apps, data, access settings | Provider: OS, runtime, patching
  • SaaS (Software as a Service): Ready-to-use apps (Office 365, Salesforce)
    • Customer: Data, user accounts and access settings | Provider: Everything else
  • FaaS (Function as a Service): Serverless (AWS Lambda, Azure Functions)
    • Customer: Code, its dependencies and the permissions the function runs with | Provider: Execution environment, scaling, OS patching

Cloud Security

Shared Responsibility Model:

  • Provider: Physical security, hypervisor and host, infrastructure-level DDoS protection
  • Customer: Data classification and encryption, IAM (users, roles, keys), OS patching (IaaS), application configuration

Responsibility varies by model (IaaS leaves far more with the customer than SaaS), but configuration of whatever the customer controls (storage permissions, security groups, who holds which role) is always the customer's job

Key Technologies:

  • SDN (Software-Defined Networking): Separates the control plane from the data plane so security policy can be pushed to switches centrally
    • Use for: Automating large networks, dynamic security rules
  • SD-WAN (Software-Defined WAN): Securely connects distributed sites over the internet using encrypted tunnels and central policy
    • Use for: Multiple office locations, replacing MPLS
  • SASE (Secure Access Service Edge): Combines SD-WAN with cloud-delivered security (ZTNA, secure web gateway, CASB, firewall as a service); Zscaler is one vendor example
    • Use for: Remote workers, cloud apps, one policy for users wherever they connect from

Zero Trust Architecture (ZTA)

Core Principles:

  • "Never Trust, Always Verify": Every access request is treated as untrusted, whether it comes from inside or outside the network; each request is authenticated and authorized on its own
  • Microsegmentation: Divide the network into small isolated zones so a compromised host cannot move laterally
  • Continuous Monitoring: Re-evaluate trust during the session, not only at login; revoke when posture or behaviour changes

Key Components (NIST SP 800-207):

  • Policy Engine (PE): "Brain" that decides grant/deny for each request based on identity, device state and risk
  • Policy Administrator (PA): Carries out the Policy Engine's decision by establishing (or tearing down) the session and configuring the PEP
  • Policy Enforcement Point (PEP): "Gatekeeper" in the data path that allows or blocks traffic to the resource

PE + PA together form the Policy Decision Point in the control plane; the PEP sits in the data plane

How Zero Trust Works:

  1. User (subject) tries to access a resource
  2. Policy Engine checks: Who they are (MFA), device health and compliance, location/time, and the resource's sensitivity
  3. Policy Administrator establishes a session with only the access the engine approved
  4. PEP lets through only that traffic and drops everything else
  5. Continuous monitoring re-checks the session and revokes it when an anomaly appears
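The five steps above as one small program, added here as an illustration and not code from the lesson or from NIST SP 800-207. It separates the three 800-207 roles into classes: the Policy Engine scores a request, the Policy Administrator turns an approval into a scoped session and programs the PEP, and the PEP filters each resource request; an `observe` step on the administrator plays the continuous-monitoring role. The users, resources, allowed countries, business hours and the "unpatched device gets low-sensitivity access only" rule are all constructed policy for the example.

```python
"""Toy Zero Trust access flow (added example; not the lesson's or NIST's code).
Roles follow NIST SP 800-207: Policy Engine decides, Policy Administrator creates
the session and programs the PEP, PEP filters requests, monitoring revokes on anomaly."""
from dataclasses import dataclass
import itertools


@dataclass(frozen=True)
class AccessRequest:
    user: str
    mfa_passed: bool
    device_managed: bool    # enrolled in MDM, can attest its posture
    device_patched: bool
    country: str
    hour_utc: int           # 0-23
    resource: str


@dataclass
class Decision:
    allow: bool
    reasons: list           # why denied, or why the scope was reduced
    scope: set              # resources the session may reach
    session_id: str = ""


class PolicyEngine:
    """Decides each request from scratch; network location and prior sessions count for nothing."""
    ENTITLEMENTS = {"alice": {"hr-db", "wiki"}, "bob": {"wiki"}}   # constructed
    LOW_SENSITIVITY = {"wiki"}
    ALLOWED_COUNTRIES = {"US", "CA"}
    BUSINESS_HOURS = range(6, 22)

    def evaluate(self, req: AccessRequest) -> Decision:
        # Hard failures: identity or device cannot be verified, or origin is out of policy.
        deny = [tag for bad, tag in (
            (not req.mfa_passed, "mfa_missing"),
            (not req.device_managed, "unmanaged_device"),
            (req.country not in self.ALLOWED_COUNTRIES, f"geo:{req.country}")) if bad]
        # Elevated risk: still grant, but only to low-sensitivity resources.
        restrict = [tag for bad, tag in (
            (not req.device_patched, "device_unpatched"),
            (req.hour_utc not in self.BUSINESS_HOURS, f"off_hours:{req.hour_utc:02d}")) if bad]
        scope = set(self.ENTITLEMENTS.get(req.user, ()))
        if restrict:
            scope &= self.LOW_SENSITIVITY
        if deny or not scope:
            return Decision(False, deny or ["no_entitlements"], set())
        return Decision(True, restrict, scope)


class PolicyEnforcementPoint:
    """Data-plane gatekeeper: only installed sessions pass, and only to in-scope resources."""
    def __init__(self):
        self.sessions = {}      # session_id -> (user, country, scope)

    def allow(self, session_id: str, resource: str) -> bool:
        s = self.sessions.get(session_id)
        return s is not None and resource in s[2]


class PolicyAdministrator:
    """Control plane: carries out PE decisions by creating sessions and programming the PEP."""
    def __init__(self, engine: PolicyEngine, pep: PolicyEnforcementPoint):
        self.engine, self.pep, self._ids = engine, pep, itertools.count(1)

    def request_access(self, req: AccessRequest) -> Decision:
        d = self.engine.evaluate(req)
        if d.allow:
            d.session_id = f"sess-{next(self._ids)}"
            self.pep.sessions[d.session_id] = (req.user, req.country, d.scope)
        return d

    def observe(self, session_id: str, country: str) -> bool:
        """Continuous monitoring: a live session whose origin country changes is torn down."""
        s = self.pep.sessions.get(session_id)
        if s is None or country == s[1]:
            return False
        del self.pep.sessions[session_id]
        return True


def demo() -> dict:
    """Walks the lesson's five steps with constructed requests and returns each outcome."""
    pep = PolicyEnforcementPoint()
    pa = PolicyAdministrator(PolicyEngine(), pep)
    out = {}
    # Healthy request in business hours: the session carries alice's full scope.
    d1 = pa.request_access(AccessRequest("alice", True, True, True, "US", 10, "hr-db"))
    out["alice_full"] = (d1.allow, pep.allow(d1.session_id, "hr-db"))
    # Unpatched device at 02:00 UTC: granted, but the PEP only lets wiki through.
    d2 = pa.request_access(AccessRequest("alice", True, True, False, "US", 2, "hr-db"))
    out["alice_degraded"] = (d2.allow, d2.reasons, pep.allow(d2.session_id, "hr-db"),
                             pep.allow(d2.session_id, "wiki"))
    # No MFA: hard deny, so no session exists for the PEP to honour.
    d3 = pa.request_access(AccessRequest("bob", False, True, True, "US", 10, "wiki"))
    out["bob_no_mfa"] = (d3.allow, d3.reasons, pep.allow(d3.session_id, "wiki"))
    # Mid-session anomaly: alice's first session suddenly appears from RU and is revoked.
    out["revoked"] = (pa.observe(d1.session_id, "RU"), pep.allow(d1.session_id, "hr-db"))
    return out
```

Two design points worth noticing: the engine never consults where the request came from on the network, only attributes it can verify (MFA result, device posture, geo, time), and a degraded posture narrows the session's scope instead of producing a yes/no, which is the "limited access" the administrator hands to the PEP in step 3.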

Zero Trust vs Traditional:

  • Traditional: "Trust but verify" (castle walls: once past the perimeter firewall, an attacker roams freely inside)
  • Zero Trust: "Never trust" (every room has a lock: each resource checks identity and posture itself)

Implementation Options:

  • Secured Zones: Network and data segmentation, so a subject only ever sees the zone it is authorized for
  • Threat Scope Reduction: Limit what any one subject, device or session can reach (least privilege, microsegmentation) so a compromise stays contained

Why Zero Trust:

  • Cloud adoption (data lives in AWS/Azure)
  • Remote work (access from everywhere)
  • IoT proliferation (easy targets)

Embedded Systems & IoT

Key Risks:

  • Limited compute, memory and power → weak or missing cryptography, no room for security agents
  • Default credentials → easy exploitation (botnets scan for them at scale)
  • Unpatchable or unpatched firmware → vulnerabilities persist for the device's whole service life

Security Frameworks:

  • IoTSF (IoT Security Foundation): Best-practice guidance for IoT device makers and integrators
  • ETSI: European standards body; its consumer IoT baseline (EN 303 645) requires, among other things, no universal default passwords, a vulnerability disclosure process and software updates

Industrial Systems (ICS/SCADA):

  • Components: PLCs (control the process), HMIs (operator screens), data historians (store process data)
  • Threats: Stuxnet-style attacks on critical infrastructure; the controllers drive physical processes (furnaces, pumps, valves), so a compromise can cause physical damage, not just data loss
  • Where found: Mining, refining, manufacturing, utilities
  • Caveat: ICS gear often runs legacy software that cannot be patched without downtime, so it is isolated from IT networks and monitored rather than patched on a normal cycle

Resilient Cloud Architecture

  • Geo-Redundancy: Data replicated across regions so a regional outage does not lose data (AWS S3 Cross-Region Replication)
  • Auto-Scaling: Dynamically adds or removes capacity to match load (Kubernetes pods)
  • Containerization: Packages apps in lightweight, isolated environments (Docker, Kubernetes); containers share the host kernel, so their isolation is weaker than a VM's

Centralized vs Decentralized:

Centralized:

  • Easier to enforce policies and monitor
  • Smaller attack surface
  • Single point of failure
  • Examples: Banking systems, corporate intranets

Decentralized:

  • More resilient (no single point of failure)
  • Larger attack surface
  • Harder to manage
  • Examples: Blockchain, P2P networks

Architecture Models

  • Client-Server: Centralized control, easy to manage, single point of failure
  • Peer-to-Peer (P2P): Decentralized, scalable, hard to secure
  • Hybrid: Mixes central coordination with direct peer exchange; security and manageability fall between the two
  • Monolithic: All-in-one, tightly coupled, difficult to scale
