Cloud cartography definition
Cloud cartography refers to a method used to map the virtual infrastructure of cloud computing environments. This technique identifies how virtual machines (VMs) are distributed across a cloud provider's physical infrastructure. In other words, cloud cartography is like creating a map that shows where everything is located inside a cloud computing system.
However, the problem is that an attacker can analyze the network patterns and configurations and create a map of where everything is located inside a cloud. To counter the issue, cloud computing providers create maps of their cloud infrastructure themselves to identify vulnerabilities and optimize performance.
See also: port mapper, network database
How does cloud cartography work?
- 1.Data collection. To gather information, you can use various tools such as cloud service provider APIs, collect publicly available information, and analyze the network traffic and its configuration.
- 2.Resource and service mapping. First, you have to determine what types of resources, such as virtual machines or storage buckets, are being used and how. You need to identify which cloud services, such as CDNs and databases, are being used, too.
- 3.Physical and geographical mapping. Physical mapping starts with measuring network latency to make educated guesses about where the servers are located. Performance metrics can also help infer which physical servers host specific virtual machines.
- 4.Visualization and analysis. Specialized map tools can show the relationships between resources and their physical locations. What’s left is to use those maps to identify potential vulnerabilities, such as single points of failure.