CCC Batch Processing
Batch processing services enable users to execute large-scale, parallelizable computing tasks, such as data processing, analytics, and batch jobs. These services automatically allocate and manage compute to execute batch jobs efficiently and cost-effectively. Users can specify job requirements, dependencies, and scheduling preferences to optimize job execution.
Release Details
Version:
DEV
Assurance Level:
Release Manager:
DB
Development Build
Contributors
DT
Development Team
Change Log
- Development build - no formal changelog available
Capabilities
ID | Title | Description | Threat Mappings |
---|---|---|---|
CCC.BatchProc.F01 | Data Processing | Processing large volumes of data or time consuming operations in batches (groups) without requiring user interaction during execution. | 0 |
CCC.BatchProc.F02 | Job Scheduling | Allows workloads to be executed base on a schedules. | 0 |
CCC.BatchProc.F03 | Event Triggers | Allows workloads to be executed base on an event. | 0 |
CCC.BatchProc.F04 | Manual Triggers | Ability to trigger a job manually when needed. | 0 |
CCC.BatchProc.F05 | Dynamic Resource Allocation | Automatically provision computing resources based on job requirements at the start of execution and deallocate them once the job is completed. | 0 |
CCC.BatchProc.F06 | VPC Support | Ability to deploy compute resources in your VPC for network isolation. | 0 |
CCC.BatchProc.F07 | Job Definitions | Defines job configurations, including compute resources, environment variables, and execution parameters. | 0 |
CCC.BatchProc.F08 | Job Queues | Ability to organize jobs into queues with execution priorities. | 0 |
CCC.BatchProc.F09 | Job Dependencies | Ability to define dependencies between jobs to execute them in a specific order. | 0 |
CCC.BatchProc.F10 | Job Orchestration | Ability to coordinate and manage the execution of multiple jobs to ensure they run in order based on conditions to meet performance or business requirements. | 0 |
CCC.BatchProc.F11 | Multinode Parallel Jobs | Support for running HPC (High Performance Computing) workloads that span multiple computing instances. | 0 |
CCC.BatchProc.F12 | Array Jobs | Ability to run a single job across multiple data inputs or parameters concurrently. | 0 |
CCC.BatchProc.F13 | Container Support | Native support for containerized workloads using Docker containers. | 0 |
CCC.BatchProc.F14 | Retry Policy | Ability to configure retry logic for failed jobs. | 0 |
CCC.BatchProc.F15 | Integration with Data Sources and Sinks | Seamlessly integrates with various data sources (for reading inputs) and data sinks (for storing outputs) such as object storage, databases, data streams and data warehouses. | 0 |
CCC.BatchProc.F16 | List Jobs | Ability to list the jobs with their job status such as succeeded, failed, running, pending or submitted. | 0 |
CCC.BatchProc.F17 | Cancel Jobs | Ability to cancel jobs that are in submitted, pending or runnable states. | 0 |
CCC.BatchProc.F18 | Terminate Jobs | Ability to terminate jobs that are already running. | 0 |
CCC.Core.F01 | Encryption in Transit Enabled by Default | The service automatically encrypts all data using industry-standard cryptographic protocols prior to transmission via a network interface. | 0 |
CCC.Core.F02 | Encryption at Rest Enabled by Default | The service automatically encrypts all data using industry-standard cryptographic protocols prior to being written to a storage medium. | 0 |
CCC.Core.F04 | Transaction Rate Limits | The service can throttle, delay, or reject excess requests when transactions exceed a user-specified rate limit, and always provides industry-standard throughput up to that limit. | 1 |
CCC.Core.F06 | Access Control | The service automatically enforces user configurations to restrict or allow access to a specific component or a child resource based on factors such as user identities, roles, groups, or attributes. | 1 |
CCC.Core.F07 | Event Publication | The service automatically publishes a structured state-change record upon creation, deletion, or modification of data, configuration, components, or child resources. | 1 |
CCC.Core.F09 | Metrics Publication | The service automatically publishes structured, numeric, time-series data points related to the performance, availability, and health of the service or its child resources. | 1 |
CCC.Core.F10 | Log Publication | The service automatically publishes structured, verbose records of activities, operations, or events that occur within the service. | 1 |
CCC.Core.F14 | API Access | The service exposes a port enabling external actors to interact programmatically with the service and its resources using HTTP protocol methods such as GET, POST, PUT, and DELETE. | 0 |
CCC.Core.F19 | Resource Scaling | The service may be configured to scale child resources automatically or on-demand. | 1 |
Threats
ID | Title | Description | External Mappings | Capability Mappings | Control Mappings |
---|---|---|---|---|---|
CCC.Core.TH01 | Access is Granted to Unauthorized Users | Logic designed to give different permissions to different entities may be misconfigured or manipulated, allowing unauthorized entities to access restricted parts of the service, its data, or its child resources. This could result in a loss of data confidentiality or tolerance of unauthorized actions which impact the integrity and availability of resources and data. | 1 | 1 | 0 |
CCC.Core.TH02 | Data is Intercepted in Transit | Data transmitted by the service is susceptible to collection by any entity with access to any part of the transmission path. Packet observations can be used to support the planning of attacks by profiling origin points, destinations, and usage patterns. The data may also be vulnerable to interception or modification in transit if not properly encrypted, impacting the confidentiality or integrity of the transmitted data. | 1 | 1 | 0 |
CCC.Core.TH03 | Deployment Region Network is Untrusted | Systems are susceptible to unauthorized access or interception by actors with social or physical control over the network in which they are deployed. If the geopolitical status of the deployment network is untrusted, unstable, or insecure, this could result in a loss of confidentiality, integrity, or availability of the service and its data. | 1 | 1 | 0 |
CCC.Core.TH04 | Data is Replicated to Untrusted or External Locations | Systems are susceptible to unauthorized access or interception by actors with political or physical control over the network in which they are deployed. Confidentiality may be impacted if the data is replicated to a network where the geopolitical status is untrusted, unstable, or insecure. | 1 | 1 | 0 |
CCC.Core.TH05 | Interference with Replication Processes | Misconfigured or manipulated replication processes may lead to data being copied to unintended locations, delayed, modified, or not being copied at all. This could lead to compromised data confidentiality and integrity, potentially also affecting recovery processes and data availability. | 1 | 1 | 0 |
CCC.Core.TH06 | Data is Lost or Corrupted | Services that rely on accurate data are susceptible to disruption in the event of data loss or corruption. Any actions that lead to the unintended deletion, alteration, or limited access to data can impact the availability of the service and the system it is part of. | 1 | 1 | 0 |
CCC.Core.TH07 | Logs are Tampered With or Deleted | Tampering or deletion of service logs will reduce the system's ability to maintain an accurate record of events. Any actions that compromise the integrity of logs could disrupt system availability by disrupting monitoring, hindering forensic investigations, and reducing the accuracy of audit trails. | 1 | 1 | 0 |
CCC.Core.TH09 | Runtime Logs are Read by Unauthorized Entities | Unauthorized access to logs may expose valuable information about the system's configuration, operations, and security mechanisms. This could jeopardize system availability through the exposure of vulnerabilities and support the planning of attacks on the service, system, or network. If logs are not adequately sanitized, this may also directly impact the confidentiality of sensitive data. | 1 | 1 | 0 |
CCC.Core.TH11 | Publications are Incorrectly Triggered | Incorrectly triggered publications may disseminate inaccurate or misleading information, creating a data integrity risk. Such misinformation can cause unintended operations to be initiated, conceal legitimate issues, and disrupt the availability or reliability of systems and their data. | 1 | 1 | 0 |
CCC.Core.TH12 | Resource Constraints are Exhausted | Exceeding the resource constraints through excessive consumption, resource-intensive operations, or lowering of rate-limit thresholds can impact the availability of elements such as memory, CPU, or storage. This may disrupt availability of the service or child resources by denying the associated functionality to users. If the impacted system is not designed to expect such a failure, the effect could also cascade to other services and resources. | 1 | 1 | 0 |
CCC.Core.TH14 | Older Resource Versions are Used | Running older versions of child resources can expose the system to known vulnerabilities that have been addressed in more recent versions. If the version identifier is detected by an attacker, it may be possible to exploit these vulnerabilities to compromise the confidentiality, integrity, or availability of the system and its data. | 1 | 1 | 0 |