Hi, everyone. Welcome to the sixth chapter in our Tencent Cloud Solutions Architect Professional Course, Information Security. At the end of this chapter, you'll be able to understand generally accepted Cloud security systems and standards, the security responsibility sharing principals of Tencent Cloud, the data life cycle, Tencent Cloud's data security solutions, and access management implementation in Tencent Cloud. In this chapter, we'll cover three sections : Cloud security systems and standards, data security protection and Tencent Cloud and access control management in Tencent Cloud. This video will cover the first section, Cloud Security Systems and Standards. Subsequent videos will cover the remaining two sections. Let's get started with Section 1, Cloud Security Systems and Standards. In this video, we'll cover the basic principles of Cloud security, Cloud security standards, the security responsibility sharing model, and it Tencent Cloud's Security System. The basic Cloud security principles consist of security protection against attacks and security objectives. For security protection, the goal is to reduce the costs while reducing the surface and effect of attacks. For security objectives, the goal is to ensure integrity, confidentiality, and availability. The Cloud security standards include international certification standards such as CSA STAR, certification standards in mainland China and certification standards in other countries and regions. Many of the different certification standards are listed here for your reference. CSA 4.0 defines 13 fields in two categories and describes the challenges and measures for Cloud security from strategic and tactical perspectives. Governance domains include governance and enterprise risk management, legal issues, contracts and electronic discovery, compliance and audit management and information governance. Operation domains include management plane and business continuity, infrastructure security, virtualization and containers, incident response, application security, data security and encryption, Identity, entitlement and access management, security as a service and other related cloud technologies. Another international certification standard is ISO 27001:2013. The compliance requirements include security policy, information security organization, asset management, access control, cryptography, human resources security, physical and environmental security, operations security, communications security and information systems acquisition, development and maintenance. The Trusted Cloud service, TRUCS certification is currently the only authoritative certification system for Cloud services in mainland China. Sixteen metrics in three categories that cover 90 percent of the issues set out in the SLAs for the services promised by cloud service providers. Tencent Cloud has been awarded the TRUCS certification for multiple services and it was also one of the first providers to pass the trusted Cloud Gold Class Operations Special Assessment. The three evaluation categories are data security, service quality, and protection of rights and interests. The 16 specific metrics are listed here for reference. Focusing on compliance, the Architecture of Cybersecurity Classified Protection 2.0 consists of two parts, management and technology. The management requirements include policy and system security, organization and resource security, human resource security, construction management security, and maintenance management security. The technical requirements include physical environment security, communication network security, area boundary security, computing environment security, and security management center. Now let's look at the security responsibility sharing model. Cloud security protection requires customers and Cloud vendors to share the responsibility by taking effective measures for backup and protection. The following chart shows which security aspects of security belong to the customer, Tencent Cloud, or are shared among the two. Tencent Cloud's security system consists of basic security, security protection and security management. The basic security features that come with Tencent Cloud services are designed to meet customer security baseline. Security protection layers consist of server, network, data, application, and business. Security management services include security operation center, security situation awareness, business risk intelligence, security governance, and QAPIT.
