2.1 Introduction

Cloud infrastructure consists of servers, storage, network, management and deployment software, and platform virtualization. Therefore, cloud infrastructure security is the most important part of cloud security, and any attacks to the cloud infrastructure will cause a large amount of service disruption. On the other hand, virtualization is an important underlying technology in cloud infrastructures that provides dynamic resource allocation and service provisioning, especially in Infrastructure‐as‐a‐Service (IaaS). With this technology, multiple operating systems (OSs) can co‐reside on the same physical machine without interfering with each other (Xiao and Xiao 2013). However, virtualization is the source of a significant security concern in cloud infrastructure. Because multiple VMs run on the same server, and because the virtualization layer plays a considerable role in the operation of a VM, a malicious party has the opportunity to attack the virtualization layer. A successful attack would give the malicious party control over the all‐powerful virtualization layer, potentially compromising the confidentiality and integrity of the software and data of any VM (Keller et al. 2010).

Although infrastructure security is more relevant to customers of IaaS, similar consideration should be given to providers' Platform‐as‐a‐Service (PaaS) and ...