5Cloud Security and Privacy Management
Patrick Kamongi
University of North Texas, Denton, TX, USA
5.1 Introduction and Background
Cloud computing technologies support delivery and consumption of computing resources and products as on‐demand services. At the core of a cloud ecosystem, we observe five key actors (cloud consumer, cloud provider, cloud carrier, cloud auditor, and cloud broker), as defined in the National Institute of Standards and Technology (NIST) “Cloud Computing Reference Architecture” (http://www.nist.gov/customcf/get_pdf.cfm?pub_id=909505) and shown in Figure 5.1.
From the view of cloud system actors, there is a one‐to‐many interaction between them, as illustrated in Figure 5.2. At the service layer (shown in Figure 5.1), we can think of various abstracted interactions between the cloud provider via the cloud carrier to the cloud consumer, and vice versa. These interactions may use different service models, notably Infrastructure‐as‐a‐Service (IaaS), Platform‐as‐a‐Service (PaaS), and Software‐as‐a‐Service (SaaS). When architecting and consuming on‐demand cloud services, it is important to keep in mind the potential for software failures that could compromise data confidentiality, integrity, or availability.
Get Security, Privacy, and Digital Forensics in the Cloud now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.