
5. Representations Extensions

5.1.1. Domains and generic framework

The graphical representations shown in the following sub-sections aim to highlight which levels of the enterprise architecture framework of a company that wants to move into the cloud must be carefully evaluated, considering each area of interest one by one.

In Chapter 4, best practices and the corresponding recommendations were described for each domain. These recommendations have then been taken into account to extend the architectural representation. The proposed matrices have on the ordinate axis the five layers that characterize the structure of a generic enterprise architecture framework, and on the abscissa axis the most significant recommendations.

Each recommendation can involve one or more layers. To highlight the importance of a recommendation, and thus the possibility that a danger might occur at that level, the intersection of the recommendation and the layer it involves is marked with a yellow warning symbol.

Application security and encryption

After a careful analysis, we selected the most significant recommendations for the application security and encryption area, those related to issues a company may incur: numbers 2, 5, 6, 9, 12 and 13. They deal in particular with the management of credentials and encryption keys, the need to encrypt particular data and files, and compliance with existing encryption standards.

As can be seen in the matrix in Figure 5.2, the first useful recommendation is number 2, "The management of application credentials is critical: they should be protected and secured", which involves the "Application" layer.

Figure 5.2.: Graphical representation for application security and encryption domain

Recommendations number 5, "It is important to use encryption to separate the storage and the usage of data", number 12, "Check if the data are encrypted also during the transit inside the cloud provider's network. The cloud provider's network is more secure than the Internet but, anyway, it is shared between different customers", and number 13, "It is possible that in an IaaS scenario also virtual machine files and temporary data need to be encrypted", involve instead the "Data" layer.

Finally, recommendations number 6, "The chosen encryption system should conform to the existing industry and government standards", and number 9, "Keys used to encrypt data must themselves be protected when they are stored, in transit or backed up", involve the "Strategy" layer.

Governance and risk management

After a careful analysis, the most significant recommendations for the governance and risk management area, those related to issues a company may incur, are numbers 1 and 6. They deal in particular with activities that should be carried out regardless of the cloud provider.

As can be seen in the matrix in Figure 5.3, the first useful recommendation is number 1, "To guarantee that the fixed requirements are met, it is necessary to perform security controls, assessments and audits. Audits are important to determine how data are stored and used and, most important, how they are secured", which involves the "Data" layer.

The second useful recommendation is number 6, "The risk management procedure should consider the identification and evaluation of assets, the identification and consequent analysis of possible threats and vulnerabilities, and the strength of the impact on the assets. Possible scenarios should be evaluated and different risk treatment plans should be analysed and developed", which involves instead the "Strategy" and "Technology" layers.

Figure 5.3.: Graphical representation for governance and risk management domain

Incident management

A careful analysis led to the choice of the recommendations deemed most significant for understanding the issues a company may incur. In this area the most significant recommendations are numbers 1 and 6. Both deal with the description of the enterprise architecture and with the important features related to incidents and the ways to minimize their consequences.

As can be seen in the matrix in Figure 5.4, the first useful recommendation is number 1, "One of the first things that a cloud customer should do before the service is deployed is to explicitly define what is considered an incident and what a mere event", which involves the "Strategy" layer. The second useful recommendation is number 6, "If there are data labeled as private, then they have to be encrypted in order to reduce the consequences of a possible incident", which involves instead the "Data" layer.

Figure 5.4.: Graphical representation for incident management domain

Portability and interoperability

A careful analysis led to the choice of the recommendations deemed most significant for understanding the issues a company may incur. This time, the most significant recommendations considered are numbers 4, 6 and 10. They mainly deal with the application interfaces and data formats used, as well as the security measures for transferring and storing data.

As can be seen in the matrix in Figure 5.5, the first useful recommendation is number 4, "Identify and understand any kind of dependencies related to applications and data. Moreover, the presence of interfaces, APIs or functions that are not compatible with the new cloud provider should be determined", which this time involves two levels: both the "Data" and the "Application" layer.

Figure 5.5.: Graphical representation for portability and interoperability domain

The second useful recommendation is number 6, "Identify the best tool to guarantee the security of data when they are transferred and backed up", which involves the "Data" layer.

Finally, another useful recommendation is number 10, "If there are customized tools, it is important to understand that, to allow portability, they have to be redesigned and implemented again. A possible alternative is that the new cloud provider provides these tools", which involves the "Data" layer, as does the previous recommendation.

Privacy

The most significant recommendations for the privacy area, those related to issues a company may incur, are numbers 5, 7 and 8. These recommendations deal in particular with the categorization of the data used by the company, the security procedures adopted by the company to handle data breaches, and the data requirements defined by laws and regulations.

Figure 5.6.: Graphical representation for privacy domain

As can be seen in the matrix in Figure 5.6, the first useful recommendation is number 5, "It is important that a procedure to handle breaches is carefully defined", which involves the "Business" layer. The second useful recommendation is number 7, "If there are some data that should not be seen by competitors, think twice about storing them into the cloud", which involves instead the "Strategy" layer. Like the recommendation just mentioned, recommendation number 8, "Companies should check if they can store specific data into the cloud, that is, whether it is permitted by the law and regulations", is also useful and involves the "Strategy" layer.

Security and disaster recovery

No matrix is shown for the security and disaster recovery area. This is because all the best practices described in Chapter 4 concern the relationship between the company and the cloud provider. Since the choice of the cloud vendor is made a priori, these practices do not relate to the architectural description of the company, and the extension therefore does not affect this area.

Service availability

Regarding the service availability area, all the best practices described in Chapter 4 relate to the SLA and to the availability of web services and resources offered by the cloud vendor. This means that they depend on the choice of the cloud vendor which, again, has already been made a priori. However, some important considerations can still be made. The example scenario described in Chapter 4 showed that service availability is really important in order not to impact the mission of the company. As already stated, there are threats that can affect availability, temporarily or permanently, and thus have negative effects on the mission of the company and its business.

All these considerations lead us to infer that the layer involved is the "Business" layer. Thus, as can be seen in the matrix in Figure 5.7, it is marked with a yellow warning symbol.

Figure 5.7.: Graphical representation for service availability domain

Final Framework Extended

Figure 5.8 shows a global view of the framework. As can be seen in that matrix, this time the abscissa axis holds all the domains of a company that must be taken into account to decide whether moving into the cloud is the right choice. The ordinate axis is composed, instead, of the five layers that characterize the structure of a generic enterprise architecture framework. In this representation each match between an element of the ordinate axis and an element of the abscissa axis produces a different type of warning. The type of warning depends on how many recommendations, or factors in the case of service availability, of the different domains involve the architectural element that represents the company.

recommendations to evaluate are two, the warning symbol is orange, and if the recommendations to evaluate are three or more, the warning symbol is red. As already explained in the paragraph above concerning security and disaster recovery, there are no warning symbols involving that domain.
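The aggregation behind Figure 5.8 can be made concrete by computing the global matrix from the per-domain mappings listed in the sub-sections above. The following Python example is added here and is not part of the thesis or of any framework tooling: it transcribes the recommendation-to-layer mappings of Figures 5.2 to 5.7 as data, counts how many recommendations of each domain involve each layer, and maps the count to the colour of the warning symbol. Two colour rules (orange for two, red for three or more) are stated in the text; treating a single recommendation as yellow is an assumption taken from the per-domain matrices, and keying the service availability "factor" as recommendation number 0 is a convention of this example only.

```python
"""Aggregate the per-domain matrices (Figures 5.2 to 5.7) into the global matrix
of Figure 5.8: for each (domain, layer) cell, count the recommendations that
involve the layer and turn that count into the colour of the warning symbol."""
from collections import defaultdict

# Ordinate axis: the five layers of the generic enterprise architecture framework.
LAYERS = ["Strategy", "Business", "Data", "Application", "Technology"]

# Abscissa axis: the domains, each mapping recommendation number -> layers it
# involves, transcribed from the text of Section 5.1.1. Service availability has
# no numbered recommendation, so its single availability "factor" is keyed 0
# (a labelling convention of this example, not of the thesis).
DOMAIN_RECOMMENDATIONS = {
    "Application security and encryption": {
        2: ["Application"],
        5: ["Data"], 12: ["Data"], 13: ["Data"],
        6: ["Strategy"], 9: ["Strategy"],
    },
    "Governance and risk management": {
        1: ["Data"],
        6: ["Strategy", "Technology"],
    },
    "Incident management": {
        1: ["Strategy"],
        6: ["Data"],
    },
    "Portability and interoperability": {
        4: ["Data", "Application"],
        6: ["Data"],
        10: ["Data"],
    },
    "Privacy": {
        5: ["Business"],
        7: ["Strategy"], 8: ["Strategy"],
    },
    "Security and disaster recovery": {},   # no matrix: nothing maps to a layer
    "Service availability": {
        0: ["Business"],                     # availability threats to the mission
    },
}


def build_matrix(domain_recs=DOMAIN_RECOMMENDATIONS):
    """Return {(domain, layer): number of recommendations involving that layer}.

    Cells that no recommendation touches are simply absent from the result."""
    counts = defaultdict(int)
    for domain, recs in domain_recs.items():
        for rec_number, layers in recs.items():
            for layer in layers:
                if layer not in LAYERS:
                    raise ValueError(
                        f"{domain}, rec. {rec_number}: unknown layer {layer!r}")
                counts[(domain, layer)] += 1
    return dict(counts)


def warning_level(count):
    """Colour of the warning symbol for a cell, from its recommendation count.

    Two recommendations give orange and three or more give red, as stated in the
    text; one recommendation is assumed to keep the yellow symbol used in the
    per-domain matrices."""
    if count <= 0:
        return "none"
    if count == 1:
        return "yellow"
    if count == 2:
        return "orange"
    return "red"


def warning_matrix(domain_recs=DOMAIN_RECOMMENDATIONS):
    """Return {layer: {domain: colour}}, i.e. the rows of Figure 5.8."""
    counts = build_matrix(domain_recs)
    return {layer: {domain: warning_level(counts.get((domain, layer), 0))
                    for domain in domain_recs}
            for layer in LAYERS}


def hottest_cells(domain_recs=DOMAIN_RECOMMENDATIONS):
    """Cells marked red: the layers to review first before moving into the cloud."""
    counts = build_matrix(domain_recs)
    return sorted(cell for cell, n in counts.items() if warning_level(n) == "red")


def render(domain_recs=DOMAIN_RECOMMENDATIONS):
    """Plain-text rendering of the global matrix: one row per layer, one column
    per domain, each cell holding the colour of its warning symbol."""
    matrix = warning_matrix(domain_recs)
    header = f"{'':<12} " + "  ".join(domain_recs)
    rows = [f"{layer:<12} " + "  ".join(f"{matrix[layer][d]:<{len(d)}}"
                                        for d in domain_recs)
            for layer in LAYERS]
    return "\n".join([header] + rows)


if __name__ == "__main__":
    print(render())
    print("Red cells:", hottest_cells())
```

Running the script prints the five-by-seven matrix and lists the two red cells, both on the "Data" layer (application security and encryption, and portability and interoperability). Keeping the mappings as data rather than hard-coding the figure makes the matrix easy to recompute when a recommendation is added or re-assigned to another layer.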

5.1.2. Graphical representations applied to a generic framework
