Multi-layered security approach
Google also designs custom chips, including a hardware security chip called Titan that is currently being deployed on both servers and peripherals. Google server machines use cryptographic signatures to make sure they are booting the correct software. Google designs and builds its own data centers, which incorporate multiple layers of physical security protections.
Google's infrastructure provides cryptographic privacy and integrity for remote procedure call (RPC) data on the network, which is how Google services communicate with each other. The infrastructure automatically encrypts RPC traffic in transit between data centers.
Google's central identity service, which usually manifests to end users as the Google login page, goes beyond asking for a simple username and password. It also intelligently challenges users for additional information based on risk factors such as whether they have logged in from the same device or a similar location in the past. Users can also use second factors when signing in, including devices based on the Universal 2nd Factor (U2F) open standard.
Google services that want to make themselves available on the Internet register themselves with an infrastructure service called the Google Front End (GFE), which checks incoming network connections for correct certificates and best practices. The GFE also applies protections against denial of service attacks. The scale of its infrastructure enables Google to simply absorb many denial of service attacks, even behind the GFEs. Google also has multi-tier, multi-layer denial of service protections that further reduce the risk of any denial of service impact. Inside Google's infrastructure, machine intelligence and rules warn of possible incidents. Google conducts Red Team exercises, which are simulated attacks, to improve the effectiveness of its responses.
The principle of Least Privilege says that each user should have only those privileges needed to do their jobs. In a least privilege environment, people are protected from an entire class of errors.
GCP customers use IAM (Identity and Access Management) to implement least privilege, and it makes everybody happier. There are four ways to interact with GCP's management layer:
- Web-based console
- SDK
- Command-line tools
- APIs
- Mobile app
GCP Resource Hierarchy
All the resources we use, whether they're virtual machines, Cloud Storage buckets, tables in BigQuery or anything else in GCP, are organized into projects. Optionally, these projects may be organized into folders. Folders can contain other folders. All the folders and projects used by our organization can be brought together under an organization node. Projects, folders and organization nodes are all places where policies can be defined.
All Google Cloud Platform resources belong to a project. Projects are the basis for enabling and using GCP services: managing APIs, enabling billing, adding and removing collaborators, and enabling other Google services. Each project is a separate compartment and each resource belongs to exactly one. Projects can have different owners and users; they're billed separately and they're managed separately. Each GCP project has a name and a project ID that we assign. The project ID is a permanent, unchangeable identifier and it has to be unique across GCP. We use project IDs in several contexts to tell GCP which project we want to work with. On the other hand, project names are for our convenience and we can assign them. GCP also assigns each of our projects a unique project number.
Folders let teams delegate administrative rights, so they can work independently. The resources in a folder inherit IAM policies from the folder. The organization node is the top of the resource hierarchy. There are some special roles associated with it.
Identity and Access Management(IAM)
IAM lets administrators authorize who can take action on specific resources. An IAM policy has:
- A "who" part
- A "can do what" part
- An "on which resource" part
There are three kinds of roles in Cloud IAM. Primitive roles can be applied to a GCP project and they affect all resources in that project. These are the owner, editor, and viewer roles. A viewer can examine a given resource but not change its state. An editor can do everything a viewer can do, plus change its state. An owner can do everything an editor can do, plus manage roles and permissions on the resource. The owner role can set up billing. Often, companies want someone to be able to control the billing for a project without the right to change the resources in the project. That's why we can grant someone the billing administrator role.
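The inheritance and role model described above, as an added example that is not part of the original notes and not Google's code: it walks a project's ancestry to collect every grant that applies to it, then flags state-changing primitive roles for a least-privilege review. The resource names, members and helper functions are constructed for illustration; the policy shape (bindings of a role to members) follows the Cloud IAM policy format.

```python
# Constructed sample hierarchy: organization -> folder -> project.
# Each node carries an IAM policy in the bindings shape (role + members).
HIERARCHY = {
    "organizations/example-org": {"parent": None, "bindings": [
        {"role": "roles/viewer", "members": ["group:auditors@example.com"]},
    ]},
    "folders/payments": {"parent": "organizations/example-org", "bindings": [
        {"role": "roles/editor", "members": ["user:dana@example.com"]},
    ]},
    "projects/payments-prod": {"parent": "folders/payments", "bindings": [
        {"role": "roles/compute.instanceAdmin", "members": ["user:omar@example.com"]},
        {"role": "roles/owner", "members": ["user:dana@example.com"]},
    ]},
}

PRIMITIVE_ROLES = {"roles/owner", "roles/editor", "roles/viewer"}


def effective_bindings(resource, hierarchy=HIERARCHY):
    """Return (member, role, granted_at) for every grant that applies to
    `resource`: its own bindings plus everything inherited from ancestors."""
    grants = []
    node = resource
    while node is not None:
        for binding in hierarchy[node]["bindings"]:
            for member in binding["members"]:
                grants.append((member, binding["role"], node))
        node = hierarchy[node]["parent"]
    return grants


def least_privilege_findings(resource, hierarchy=HIERARCHY):
    """Flag primitive roles that can change state (owner, editor) and record
    where each was granted, so the reviewer knows which policy to edit."""
    findings = []
    for member, role, granted_at in effective_bindings(resource, hierarchy):
        if role in PRIMITIVE_ROLES and role != "roles/viewer":
            findings.append({"member": member, "role": role,
                             "granted_at": granted_at,
                             "inherited": granted_at != resource})
    return sorted(findings, key=lambda f: (f["member"], f["role"]))


if __name__ == "__main__":
    for finding in least_privilege_findings("projects/payments-prod"):
        print(finding)
```

The editor grant is reported as inherited from the folder, so removing it from the project's own policy would have no effect; it has to be changed where it was granted.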
IAM Roles
The InstanceAdmin role lets whoever has that role perform a certain set of actions on virtual machines. The actions are listing Compute Engine instances, reading and changing their configurations, and starting and stopping them. We must manage permissions for custom roles. Some companies decide they'd rather stick with the predefined roles. Custom roles can only be used at the project or organization levels. They can't be used at the folder level. Service accounts are named with an email address, but instead of passwords, they use cryptographic keys to access resources.