Data Security in the Cloud
Ce guide de "Sécurisation de la donnée dans le Cloud" s’adresse aux professionnels en charge de concevoir ou de déployer des solutions Cloud – architectes, développeurs, référents sécurité… Il se concentre sur un levier fondamental de la sécurité des données : le chiffrement.
Catégorie : Commun Statut : Production 1 : Idée - 2 : Prototype - 3 : Validation - 4 : ProductionMots clés : Cloud, Sécurité, Données
Description
In a defence-in-depth approach, encryption is the first line of protection. It relies on robust algorithms (such as AES) and rigorous key management. This cryptographic protection is reinforced by other layers: strict access and identity policies, physical measures in data centres, organisational mechanisms (audits, separation of roles), as well as backup and monitoring devices. Together, these measures aim to ensure the confidentiality, integrity and availability of data.
This document focuses specifically on the central role of encryption in this defence architecture, providing an overview of threats, protection mechanisms tailored to each data state (at rest, in transit, in use), and concrete solutions applicable to different cloud environments. Each measure is described in operational terms, with an overview of its prerequisites, costs and implementation limitations.
Téléchargement
