Monitoring and Auditing in the Cloud

Monitoring and Auditing in the Cloud

Indira K., Vennila A
Copyright: © 2018 |Pages: 33
DOI: 10.4018/978-1-5225-3038-1.ch013
(Individual Chapters)
No Current Special Offers


The cloud computing is the term which have different services such as storage, servers, and applications which are delivered to an organization's computers and devices through the Internet for both technical and economical reasons. However they are many potential cloud users are reluctant to move to cloud computing on a large scale due to the unaddressed security issues present in cloud computing and so is increased the complexity of the infrastructures behind these services. So in this chapter, the challenges faced on both auditing and monitoring is identified. Accordingly it considers an investigation which uses to produce the major security audit issues present in cloud computing today based on a framework for security subsystems. To overcome the standards of auditing and process of auditing is briefly explained. There are also many platforms that provide cloud services also those domains are listed out with domain based monitoring process.
Chapter Preview


Cloud Computing has rapidly become a widely adopted paradigm for delivering services over the Internet. Many thought that once the National Institute of Standards and Technology (NIST) came up with a formal definition for cloud computing. The NIST cloud definition has three main components that consists of five key cloud characteristics: On demand self services, Rapid elasticity, Broad network access, Resource pooling and Measured Services. There are four cloud deployment models: Public Cloud, Private cloud, Hybrid Cloud and Community cloud. Finally three cloud service models incorporated: Software as a Service, Platform as a service and Infrastructure as a service. The entire cloud model is shown in Figure 1.

Figure 1.

Cloud model


Infrastructure as a Service

Infrastructure as a Service (IaaS) providers allow their customers access to different kinds of infrastructure. The provider typically provides this service by dividing a very large physical infrastructure resource into smaller virtual resources for access by the consumer. Sometimes the service provided is a complete virtual machine with an operating system. In other instances the service provided is simply for storage, or perhaps a bare virtual machine with no operating system. In cases where the operating system or other software is included, the cost of the required license is either amalgamated into the cost for the service, or included as an additional surcharge. IaaS providers are often service providers to other cloud providers (see Integrator).

Platform as a Service

Platform as a Service (PaaS) providers extend the software stack provided by IaaS to include middleware. Middleware generically refers to software such as a DB2 database, or runtime environments such as a Java Runtime Environment (JRE) or a Websphere application server. This middleware is a prerequisite to running more sophisticated applications, and provides a rich operating environment for the application to exploit. PaaS providers have two methods in which they facilitate the extra capacity needed for a large multitenant system.

Software as a Service

Application as a Service, or Software as a Service (SaaS) providers as they are more commonly known, typically provide a rich web-based interface to their customers. The customer, in most cases, is completely abstracted from the nuances of the application running behind the scenes. Tenant separation is often done at the application layer, leaving a common application, platform, and infrastructure layer underneath.

Roles in Cloud Computing

The cloud-computing paradigm defines three key roles. These roles each have different responsibilities and expectations relative to one another. Any party might have multiple roles depending on the context. See Figure 2.


Simply defined, a consumer consumes any service that is provided. In Exhibit 1.3, the SaaS provider exposes a SaaS to the SaaS consumer. The consumer is permitted access to this service for a fee of some sort, though in many instances this fee is augmented or replaced through advertising revenue. The consumer has no responsibility, nor access beyond the SaaS provided to them.


The providers in this case are both the PaaS provider and the SaaS provider. The PaaS provider provides a PaaS to the SaaS provider. The SaaS provider in turn provides an SaaS to the consumer. Ultimately, the provider is anyone who provides a service to one or more consumers.


The integrator role is sometimes referred to as a broker. The integrator essentially assembles the services of many providers under a new service.

Figure 2.

Roles on cloud infrastructure


Complete Chapter List

Search this Book: