O'Reilly logo

Cloud Computing by James F. Ransome, John W. Rittinghouse

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

153
Chapter 6
Security in the Cloud
6.1
Chapter Overview
As discussed at the beginning of this book, cloud service providers are lever-
aging virtualization technologies combined with self-service capabilities for
computing resources via the Internet. In these service provider environ-
ments, virtual machines from multiple organizations have to be co-located
on the same physical server in order to maximize the efficiencies of virtual-
ization. Cloud service providers must learn from the managed service pro-
vider (MSP) model and ensure that their customers’ applications and data
are secure if they hope to retain their customer base and competitiveness.
Today, enterprises are looking toward cloud computing horizons to expand
their on-premises infrastructure, but most cannot afford the risk of compro-
mising the security of their applications and data. For example, IDC
recently conducted a survey
1
(see Figure 6.1) of 244 IT executives/CIOs
and their line-of-business (LOB) colleagues to gauge their opinions and
understand their companies’ use of IT cloud services. Security ranked first
as the greatest challenge or issue of cloud computing.
This chapter identifies current security concerns about cloud comput-
ing environments and describes the methodology for ensuring application
and data security and compliance integrity for those resources that are mov-
ing from on-premises to public cloud environments. More important, this
discussion focuses on why and how these resources should be protected in
the Software-as-a-Service (SaaS), Platform-as-a-Service (PaaS), and Infra-
structure-as-a-Service (IaaS) environments and offers security “best prac-
tices” for service providers and enterprises that are in or are contemplating
1. http://cloudsecurity.org/2008/10/14/biggest-cloud-challenge-security, retrieved 21 Feb
2009.
Chap6.fm Page 153 Friday, May 22, 2009 11:27 AM
154 Cloud Computing
moving into the cloud computing space. First, let’s review the concepts of
the three major cloud computing service provider models.
Software-as-a-Service
is a model of software deployment in which an
application is licensed for use as a service provided to customers on demand.
On-demand licensing and use relieves the customer of the burden of equip-
ping a device with every application to be used.
2
Gartner predicts that 30%
of new software will be delivered via the SaaS model by 2010.
Platform-as-a-Service
is an outgrowth of the SaaS application deliv-
ery model. With the PaaS model, all of the facilities required to support the
complete life cycle of building and delivering web applications and services
are available to developers, IT managers, and end users entirely from the
Internet, without software downloads or installation. PaaS is also some-
times known as “cloudware.” PaaS offerings include workflow facilities for
application design, application development, testing, deployment, and
hosting, as well as application services such as team collaboration, web ser-
vice integration and marshalling, database integration, security, scalability,
storage, persistence, state management, application versioning, application
Figure 6.1 Results of IDC survey ranking security challenges.
2. http://en.wikipedia.org/wiki/Software_as_a_service.
Chap6.fm Page 154 Friday, May 22, 2009 11:27 AM

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required