Security of Cloud Computing

Security of Cloud Computing

Manel Medhioub, Manel Abdelkader, Mohamed Hamdi
DOI: 10.4018/978-1-4666-5888-2.ch142
(Individual Chapters)
No Current Special Offers

Chapter Preview



The Cloud Paradigm

The cloud computing paradigm introduced by the US National Institute for Standards and Technology (NIST) refers to the development and implementation of models for enabling ubiquitous, convenient, on-demand access to a shared set of configurable computing resources (e.g. networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction. The Cloud Computing is based on five essential characteristics, three service models, and four deployment models.

The Cloud Computing is based on five essential characteristics which are:

  • On-Demand Self-Service: A consumer can unilaterally provision computing capabilities, such as server time and network storage, as needed automatically without requiring human interaction with each service provider.

  • Broad Network Access: Capabilities are available over the network and accessed through standard mechanisms that promote use by heterogeneous thin or thick client platforms (e.g., mobile phones, tablets, laptops, and workstations).

  • Resource Pooling: The provider's computing resources are pooled to serve multiple consumers using a multi-tenant model, with different physical and virtual resources dynamically assigned and reassigned according to consumer demand. Examples of resources include storage, processing, memory, and network bandwidth.

  • Rapid Elasticity: Consumers of cloud resources can flex their use of computer resources (process, storage, bandwidth, and memory) as needed (Winkler, 2011). Capabilities can be elastically provisioned and released to scale rapidly outward and inward commensurate with demand. To the consumer, the capabilities available for provisioning often appear to be unlimited and can be appropriated in any quantity at any time.

  • Measured Service: Cloud systems automatically control and optimize resource use by leveraging a metering capability at some level of abstraction appropriate to the type of service (e.g., storage, processing, bandwidth, and active user accounts). Resource usage can be monitored, controlled, and reported, providing transparency for both the provider and consumer of the utilized service.

Key Terms in this Chapter

Cloud Computing: A model for enabling convenient, on-demand net-work access, to a shared pool of resources that can be rapidly provisioned and released with minimal service provider interaction.

Software as a Service (SaaS): The delivery of applications as a service.

Risk: The net negative impact of the exercise of vulnerability.

Reliability: The capability to ensure constant operation of the system without disruption.

Vulnerability: A security weakness in a system that that could be exploited by an attacker to cause harm.

Infrastructure as a Service (IaaS): The delivery of computer infrastructure as a service.

Platform as a Service (PaaS): The delivery of a computing platform and solution as a service.

Complete Chapter List

Search this Book: