Published: November 6, 2011
Author(s)
Ramaswamy Chandramouli
Conference
Name: IADIS International Conference Applied Computing 2011
Dates: 11/06/2011 - 11/08/2011
Location: Rio de Janeiro, Brazil
Citation: pp. 527-530
With the increasing adoption of cloud computing service models – Infrastructure as a Service (IaaS), Platform as a Service (PaaS) and Software as a Service (SaaS), proper implementation of adequate and appropriate security protection measures has become a primary area of concern. In an enterprise computing architectural stack, the components in all layers are owned or controlled by a single entity – the enterprise. However, in cloud service environments, the control of the various layers is split between the cloud provider and the cloud subscriber based on the cloud service model. In this paper, we analyze the impact of this difference in control on the set of actual security protection measures that can be implemented in the various layers for different cloud service models. We also point out the value of access to lower layers for implementing protection measures for components at a higher layer.
With the increasing adoption of cloud computing service models – Infrastructure as a Service (IaaS), Platform as a Service (PaaS) and Software as a Service (SaaS), proper implementation of adequate and appropriate security protection measures has become a primary area of concern. In an enterprise...
See full abstract
With the increasing adoption of cloud computing service models – Infrastructure as a Service (IaaS), Platform as a Service (PaaS) and Software as a Service (SaaS), proper implementation of adequate and appropriate security protection measures has become a primary area of concern. In an enterprise computing architectural stack, the components in all layers are owned or controlled by a single entity – the enterprise. However, in cloud service environments, the control of the various layers is split between the cloud provider and the cloud subscriber based on the cloud service model. In this paper, we analyze the impact of this difference in control on the set of actual security protection measures that can be implemented in the various layers for different cloud service models. We also point out the value of access to lower layers for implementing protection measures for components at a higher layer.
Hide full abstract
Keywords
cloud provider; cloud service models; cloud subscriber; hypervisor; security protection; virtual machine
Control Families
None selected