Remerciez-le!

Remerciez @Admin pour avoir partagé cet document gratuitement, de la manière la plus simple, en partageant sur les réseaux sociaux.

Openstack security guide OpenStack Security Guide May current OpenStack Security Guide current - - Copyright ? OpenStack Foundation Some rights reserved This book provides best practices and conceptual information about securing an OpenStack cloud Except

OpenStack Security Guide May current OpenStack Security Guide current - - Copyright ? OpenStack Foundation Some rights reserved This book provides best practices and conceptual information about securing an OpenStack cloud Except where otherwise noted this document is licensed under Creative Commons Attribution License http creativecommons org licenses by legalcode i C COpenStack Security Guide May current Table of Contents Preface ix Conventions ix Document change history ix Introduction Acknowledgments Why and how we wrote this book Introduction to OpenStack Security boundaries and threats Introduction to case studies System documentation System documentation requirements Case studies Management Continuous systems management Integrity life-cycle Management interfaces Case studies Secure communication Introduction to TLS and SSL TLS proxies and HTTP services Secure reference architectures Case studies API endpoints API endpoint con ?guration recommendations Case studies Identity Authentication Authentication methods Authorization Policies Tokens Future Federated Identity Checklist Dashboard Basic web server con ?guration HTTPS HTTP Strict Transport Security HSTS Front end caching Domain names Static media iii COpenStack Security Guide May current Secret key Session back end Allowed hosts Cross Site Request Forgery CSRF Cookies Cross Site Scripting XSS Cross Origin Resource Sharing CORS Horizon image upload Upgrading Debug Compute How to select virtual consoles Object Storage First thing to secure the network Securing services general Securing storage services Securing proxy services Object Storage authentication Other notable items Case studies Identity management Alice's private cloud Bob's public cloud Networking Networking architecture Networking services Securing OpenStack Networking services Networking services security best practices Case studies Message queuing Messaging security Case studies Data processing Introduction to Data processing Deployment Con ?guration and hardening Case studies Databases Database back end considerations Database access control Database transport security Case studies Tenant data privacy Data privacy concerns iv COpenStack Security Guide May current Data encryption Key management Case studies Hypervisor and virtualization layer Hypervisor selection Hardening the virtualization layers Case studies Instance security management Security services for instances Case studies Monitoring and logging Forensics and incident response Case studies Compliance Compliance overview Understanding the audit process Compliance activities Certi ?cation and compliance statements Privacy Case studies A Community support Documentation ask openstack org OpenStack mailing lists The OpenStack wiki The Launchpad Bugs area The OpenStack IRC channel Documentation feedback OpenStack distribution packages Glossary v C COpenStack Security Guide May current List of Figures Attack types An example diagram from the OpenStack Object Storage Administration Guide Object Storage network architecture with a management node OSAM vii C COpenStack Security Guide May current Preface Conventions ix Document change history ix Conventions The OpenStack documentation uses several typesetting conventions Notices Notices take these forms Note A handy tip or reminder Important Something you must be aware of before proceeding Warning Critical information about the risk of data loss or security issues Command prompts prompt Any user including the root user can run commands that are pre ?xed with the prompt prompt The root user must run commands that are pre ?xed with the prompt You can also pre ?x these commands with the