Cloud Computing Security

Cloud Computing Security

Sean Carlin, Kevin Curran
DOI: 10.4018/978-1-4666-2041-4.ch002
(Individual Chapters)
No Current Special Offers


In this paper, the authors focus on Cloud Computing, which is a distributed architecture that centralizes server resources on quite a scalable platform so as to provide on demand’ computing resources and services The authors outline what cloud computing is, the various cloud deployment models and the main security risks and issues that are currently present within the cloud computing industry.
Chapter Preview


Cloud computing is not a new technology but rather a new delivery model for information and services using existing technologies. It uses the internet infrastructure to allow communication between client side and server side services/applications (Weiss, 2007). Cloud service providers (CSP’s) offer cloud platforms for their customers to use and create their web services, much like internet service providers offer costumers high speed broadband to access the internet. CSPs and ISPs both offer services. The cloud provides a layer of abstraction between the computing resources and the low level architecture involved. The customers do not own the actual physical infrastructure but merely pay a subscription fee and the cloud service provider grants them access to the clouds resources and infrastructure. A key concept is that the customers can reduce expenditure on resources like software licenses, hardware and other services (e.g., email) as they can obtain all these things from one source, the cloud services provider. Recent studies have found that disciplined companies achieved on average an 18% reduction in their IT budget from cloud computing and a 16% reduction in data centre power costs (McFedries, 2008). This paper provides an overview of the key aspects of Cloud Computing.

Cloud Architecture

Cloud computing has five key attributes which grant it some advantages over similar technologies and these attributes include:

  • Multitenancy (shared resources): Unlike previous computing models, which assumed dedicated resources dedicated to a single user or owner, cloud computing is based on a business model in which resources are shared at the network, host and application level.

  • Massive scalability: Cloud computing provides the ability to scale to tens of thousands of systems, as well as the ability to massively scale bandwidth and storage space.

  • Elasticity: Users can rapidly increase and decrease their computing resources as needed, as well as release resources for other uses when they are no longer required.

  • Pay as you go: Users pay for only the resources they actually use and for only the time they require them.

  • Self-provisioning of resources: Users self-provision resources, such as additional systems (processing capability, software & storage) and network resources (Mather, Kumaraswamy, & Latif, 2009).

There is a buzz around cloud computing, as users of the cloud services only have to pay for what they use and the resources that they need to cope with demanding situations can be adjusted depending on the demand. This is recognized as the cloud delivery model (SPI – see Figure 1) which consists of three services known as Software-as-a-service (SaaS), Platform-as-a-service (PaaS) and Infrastructure-as-a-service (IaaS). Software-as-a-service allows the users to utilize various applications from the cloud rather than using applications on their own computer. The cloud service provider would usually provide some sort of software development environment to allow applications to be developed for use within the cloud. The application programming interface (API) which the users use to access and interact with the software allows the user to use the software without having to worry about how or where the data is being stored or how much disk space is available as the cloud service provider will manage this for them.

Figure 1.

Showing layers of the cloud delivery model


Platform-as-a-service operates at a lower level than the SaaS. It is responsible for the management of the storage space, bandwidth allocation and computing resources available for the applications. It retrieves the resources needed to run the software and dynamically scales up these resources when more is needed. This service holds a key attribute of the cloud mentioned above as self-provisioning of resources. Infrastructure-as-a-service dynamically scales bandwidth allocation and server resources for the cloud. This service allows the cloud to operate during high traffic/demanding situations as resources are dynamically increased as they are needed. The pay as you go attribute plays a large role in this service as the user is charged for how much bandwidth or server resources are needed.

Complete Chapter List

Search this Book: