Article Preview
TopIntroduction: In Search Of A Safe Delivery Model
The Cloud is called by some a paradigm-shift in computing (Voas & Zhang, 2009), by others it doesn’t even exist (Reuters, 2008). It is in this light that the presented research tries to formulate the complexities of cloud security. This new phenomena called the cloud does exist, however it is not a brand new technology. The cloud has always been here, under the name of “the internet”, and the idea of utilizing the internet as a storage and computing power provider isn’t new either. In 1993, Eric Schmidt, then CTO of Sun Microsystems, said in an email “When the network becomes as fast as the processor, the computer hollows out and spreads across the network” (Gilder, 2006). This “the network is the computer” concept is basically what the cloud is all about. Utilizing all the power that makes up the all-encompassing internet for better productivity and scalability. That being said, some still call it the new paradigm of computing. That is because the cloud is a new delivery model, or as Mulholland, Pyke, and Fingar state: “The big deal is that cloud computing is a disruptive delivery model. It’s an economic, not technological shift!” (Mulholland, Pyke, & Fingar, 2010, p. 24).
The National Institute for Standards and Technology (NIST[REMOVED REF FIELD]) defines cloud computing as: “a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction. This cloud model promotes availability and is composed of five essential characteristics, three service models, and four deployment models” (Mell & Grance, 2010, p. 1). The European Network and Information Security Agency (ENISA) defines the cloud similarly (Hogben & Catteddu, 2009), and these definitions will be used continuously in this paper when referring to the cloud (Figure 1).
Figure 1. Key cloud computing characteristics
The definitions show that ASPs are more or less a part of the Cloud and that Software as a Service (SaaS) is actually a model within a cloud environment. Table 1 explains these characteristics of the cloud.
Table 1. Cloud characteristics explained (adapted from Mell & Grance, 2010)
Cloud characteristic | Description |
Abstracted resources | Using virtualisation, resources can be ‘created’ and scaled on the spot over one or more physical resources. |
Instant scalability & flexibility | The ability to add or remove virtual resources with the click on a button. |
Near instantaneous provisioning | The ability to supply resources, services and such nearly instantaneous. |
Shared resources | Multiple tenants can share resources. |
Service on demand | Get the services needed on demand, and pay only for what you use (pay per hour basis, pay per use, etc.). |
Programmatic management | APIs provide interfaces to manage the cloud environment, e.g., via web interfaces. |