current
Copyright © 2013 OpenStack Foundation
Except where otherwise noted, this document is licensed under the Creative Commons Attribution 3.0 License.
2014-04-26
Abstract
This book provides best practices and conceptual information about securing an OpenStack cloud.
Contents
- Preface
- 1. Acknowledgments
- 2. Why and how we wrote this book
- 3. Introduction to OpenStack
- 4. Security Boundaries and Threats
- 5. Introduction to Case Studies
- 6. System Documentation Requirements
- 7. Case Studies: System Documentation
- 8. Management Introduction
- 9. Continuous Systems Management
- 10. Integrity Life-cycle
- 11. Management Interfaces
- 12. Case Studies: Management Interfaces
- 13. Introduction to SSL/TLS
- 14. Case Studies: PKI and Certificate Management
- 15. SSL Proxies and HTTP Services
- 16. API Endpoint Configuration Recommendations
- 17. Case Studies: API Endpoints
- 18. Identity
- 19. Dashboard
  - Basic Web Server Configuration
  - HTTPS
  - HTTP Strict Transport Security (HSTS)
  - Front end Caching
  - Domain Names
  - Static Media
  - Secret Key
  - Session Backend
  - Allowed Hosts
  - Cookies
  - Password Auto Complete
  - Cross Site Request Forgery (CSRF)
  - Cross Site Scripting (XSS)
  - Cross Origin Resource Sharing (CORS)
  - Horizon Image Upload
  - Upgrading
  - Debug
- 20. Compute
- 21. Object Storage
- 22. Case Studies: Identity Management
- 23. State of Networking
- 24. Networking Architecture
- 25. Networking Services
- 26. Securing OpenStack Networking Services
- 27. Networking Services Security Best Practices
- 28. Case Studies: Networking
- 29. Message Queuing Architecture
- 30. Messaging Security
- 31. Case Studies: Messaging
- 32. Database Backend Considerations
- 33. Database Access Control
- 34. Database Transport Security
- 35. Case Studies: Database
- 36. Data Privacy Concerns
- 37. Data Encryption
- 38. Key Management
- 39. Case Studies: Tenant Data
- 40. Hypervisor Selection
- 41. Hardening the Virtualization Layers
- 42. Case Studies: Instance Isolation
- 43. Security Services for Instances
- 44. Case Studies: Instance Management
- 45. Forensics and Incident Response
- 46. Case Studies: Monitoring and Logging
- 47. Compliance Overview
- 48. Understanding the Audit Process
- 49. Compliance Activities
- 50. Certification & Compliance Statements
- 51. Privacy
- 52. Case Studies: Compliance
- A. Community support
- Glossary