Designing a Secure Cloud Architecture: The SeCA Model

Designing a Secure Cloud Architecture: The SeCA Model

Thijs Baars (Utrecht University, The Netherlands) and Marco Spruit (Utrecht University, The Netherlands)
Copyright: © 2012 |Pages: 19
DOI: 10.4018/jisp.2012010102
OnDemand PDF Download:
$30.00
List Price: $37.50

Abstract

Security issues are paramount when considering adoption of any cloud technology. This article proposes the Secure Cloud Architecture (SeCA) model on the basis of data classifications which defines a properly secure cloud architecture by testing the cloud environment on eight attributes. The SeCA model is developed using a literature review and a Delphi study with seventeen experts, consisting of three rounds. The authors integrate the CI3A—an extension on the CIA-triad—to create a basic framework for testing the classification inputted. The data classification is then tested on regional, geo-spatial, delivery, deployment, governance and compliance, network, premise and encryption attributes. After this testing has been executed, a specification for a secure cloud architecture is outputted.
Article Preview

Introduction: In Search Of A Safe Delivery Model

The Cloud is called by some a paradigm-shift in computing (Voas & Zhang, 2009), by others it doesn’t even exist (Reuters, 2008). It is in this light that the presented research tries to formulate the complexities of cloud security. This new phenomena called the cloud does exist, however it is not a brand new technology. The cloud has always been here, under the name of “the internet”, and the idea of utilizing the internet as a storage and computing power provider isn’t new either. In 1993, Eric Schmidt, then CTO of Sun Microsystems, said in an email “When the network becomes as fast as the processor, the computer hollows out and spreads across the network” (Gilder, 2006). This “the network is the computer” concept is basically what the cloud is all about. Utilizing all the power that makes up the all-encompassing internet for better productivity and scalability. That being said, some still call it the new paradigm of computing. That is because the cloud is a new delivery model, or as Mulholland, Pyke, and Fingar state: “The big deal is that cloud computing is a disruptive delivery model. It’s an economic, not technological shift!” (Mulholland, Pyke, & Fingar, 2010, p. 24).

The National Institute for Standards and Technology (NIST[REMOVED REF FIELD]) defines cloud computing as: “a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction. This cloud model promotes availability and is composed of five essential characteristics, three service models, and four deployment models” (Mell & Grance, 2010, p. 1). The European Network and Information Security Agency (ENISA) defines the cloud similarly (Hogben & Catteddu, 2009), and these definitions will be used continuously in this paper when referring to the cloud (Figure 1).

Figure 1.

Key cloud computing characteristics

The definitions show that ASPs are more or less a part of the Cloud and that Software as a Service (SaaS) is actually a model within a cloud environment. Table 1 explains these characteristics of the cloud.

Table 1.
Cloud characteristics explained (adapted from Mell & Grance, 2010)
Cloud characteristicDescription
Abstracted resourcesUsing virtualisation, resources can be ‘created’ and scaled on the spot over one or more physical resources.
Instant scalability & flexibilityThe ability to add or remove virtual resources with the click on a button.
Near instantaneous provisioningThe ability to supply resources, services and such nearly instantaneous.
Shared resourcesMultiple tenants can share resources.
Service on demandGet the services needed on demand, and pay only for what you use (pay per hour basis, pay per use, etc.).
Programmatic managementAPIs provide interfaces to manage the cloud environment, e.g., via web interfaces.

Complete Article List

Search this Journal:
Reset
Open Access Articles: Forthcoming
Volume 12: 4 Issues (2018): 1 Released, 3 Forthcoming
Volume 11: 4 Issues (2017)
Volume 10: 4 Issues (2016)
Volume 9: 4 Issues (2015)
Volume 8: 4 Issues (2014)
Volume 7: 4 Issues (2013)
Volume 6: 4 Issues (2012)
Volume 5: 4 Issues (2011)
Volume 4: 4 Issues (2010)
Volume 3: 4 Issues (2009)
Volume 2: 4 Issues (2008)
Volume 1: 4 Issues (2007)
View Complete Journal Contents Listing