With the increasing adoption of cloud computing service models - Infrastructure as a Service (IaaS), Platform as a Service (PaaS) and Software as a Service (SaaS), proper implementation of adequate and appropriate security protection measures has become a primary area of concern. In an enterprise computing architectural stack, the components in all layers are owned or controlled by a single entity - the enterprise. However, in cloud service environments, the control of the various layers is split between the cloud provider and the cloud subscriber based on the cloud service model. In this paper, we analyze the impact of this difference in control on the set of actual security protection measures that can be implemented in the various layers for different cloud service models. We also point out the value of access to lower layers for implementing protection measures for components at a higher layer.
Proceedings Title: IADIS International Conference Applied Computing 2011, November 6 - 8, 2011
Conference Dates: November 6-8, 2011
Conference Location: Rio De Janeiro, -1
Pub Type: Conferences
cloud provider, cloud service models, cloud subscriber, hypervisor, security protection, virtual machine