BA05 Lack Of Resource Isolation Of Cloud Application
Context | Compliance manager works with cloud application |
Problem | Lack of data, code, network isolation of cloud applications caused by misconfigurations and vulnerabilities of cloud infrastructure |
Solution | Define data isolation testing procedures (SLA); |
References | R.9 Isolation failure [ENISA]; Isolation Failure [QUIRC]; Data Isolation Testing Level [Casola]; |
Type | ns:type_ThreatPattern |
Victim | su:comp_CloudApplication |
Aggressor | su:comp_ComplianceManager |
Aggr. role | ns:role_Client |
STRIDE | ns:STRIDE_Information_Disclosure; ns:STRIDE_Tampering |
Threat |