Glossary
Tenant
A tenant is someone who uses IaaS, PaaS, or SaaS.
Isolation
Isolation means that each tenant's data and programs are separate from other tenants.
External interface
A tenant-facing application that processes user input and allows for the ingestion of user-controlled and untrusted data.
Interface complexity
A software component's potential for abuse by a malicious actor aiming to escalate their privileges in the environment.
Attack surface
The attack surface is the sum of the attack vectors that an actor can use to access an environment.
Trust boundary
A trust boundary is the place where you decide how much you trust someone else with your data and programs.
Security boundary
A security boundary is like a trust boundary, but it also keeps people from seeing your data and programs.
Primary boundaries
Security boundaries that can independently achieve varying degrees of isolation in a cloud service environment.
Secondary boundaries
Unlike primary boundaries, secondary boundaries are not independent security boundaries. They must be used in conjunction with primary boundaries to increase a cloud environment's isolation level.
Hardening
Hardening is the process of making a system more secure by adding layers of protection.
Control Plane
The control plane is the collection of backend components in charge of policy establishment, such as resource orchestration and provisioning of access.