In the cloud, we can define stakeholders in two categories:
- Cloud provider: This is the one who provides cloud services
- Cloud consumer: This is the one who consumes cloud services
In cloud security, compliance is defined on the shared responsibility model. Here, the cloud provider is responsible for managing security and compliance at the physical infrastructure level, hypervisor level, physical network level, storage level, and orchestration layer.
The cloud consumer assumes responsibility for managing security and compliance from the virtual machine level to the application level.
In AWS it's a bit more clarified, and here the security responsibility model is defined in three different categories:
- A shared ...