By Ramaswamy Chandramouli and Peter Mell
Cloud computing is a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources that can be rapidly provisioned and released with minimal management effort or service provider interaction. With this pay-as-you-go model
of computing, cloud solutions are seen as having the potential to both dramatically reduce costs and
increase the rapidity of development of applications.
However, the security readiness of cloud computing is commonly
cited among IT executives as the primary barrier preventing organizations from immediately leveraging this new technology. These problems are real and arise from the nature of cloud computing: broad
network access, resource pooling, and on-demand service.
In this article, we survey some of these challenges and the set of
security requirements that may be demanded in the context of various
cloud service offerings (noted in the article as No. 1, No. 2, and so on).
The security challenges and requirements we survey not only involve
core security operations, such as encryption of data at rest and in transit, but also contingency-related operations, such as failover measures.
The survey touches upon the various artifacts or entities involved
in IT services, such as the users, data, applications, computing plat-
forms and hardware. We call the enterprise or government agency
subscribing to the cloud services as the “cloud user” and the entity
hosting the cloud services as the “cloud provider.”
To further refine the definition of cloud computing presented
above, we classify cloud computing service offerings into three serv-
ice models.
Service Models
Software as a service (SaaS). The capability provided to the consumer
is the use of a provider’s applications running on a cloud infrastructure. The applications are accessible from various client devices
through a thin client interface such as a web browser. The consumer
does not manage or control the underlying cloud infrastructure,
including network, servers, operating systems, storage, or even individual application capabilities, with the possible exception of limited
user-specific application configuration settings. Examples of this
include the case of a cloud provider offering a software application
used for a specific business function, such as customer relationship
management or human resources management, on a subscription or
usage basis rather than the familiar purchase or licensing basis.
Platform as a service (PaaS). The capability provided to the consumer is the deployment of consumer-created or acquired applications onto the cloud infrastructure. These applications are created
using programming languages and tools supported by the provider.
The consumer does not manage or control the underlying cloud infrastructure including network, servers, operating systems, or storage,
but has control over the deployed applications and possibly application hosting environment configurations. Examples of this include the
case of a cloud provider providing a set of tools for developing and
deploying applications using various languages (for example, C, C++,
Java) under a whole application framework (JEE, .NET, and so forth).
Infrastructure as a service (IaaS). The capability provided to the
consumer is provision processing, storage, networks, and other fundamental computing resources where the consumer is able to deploy
and run arbitrary software, which can include operating systems and
applications. The consumer does not manage or control the underlying cloud infrastructure but has control over operating systems, storage, deployed applications, and possibly limited control of select
networking components (for example, host firewalls). Examples of this
include the case of a cloud provider providing physical and virtual
hardware (servers, storage volumes) for hosting and linking all enterprise applications and storing all enterprise data—in other words, the
infrastructure backbone for an enterprise’s data center.
Survey of Security Challenges
In reviewing the security challenges and requirements of cloud computing, we will look first at the necessary interactions between the cloud
users, the users’ software clients, and the cloud infrastructure or services.
The Users
When an enterprise subscribes to a cloud service, it may have a diverse
user base consisting of not only its own employees but also its partners, suppliers, and contractors. In this scenario, the enterprise may
need an effective identity and access management function and therefore require the following security requirements:
• support for a federation protocol for authentication of users (No. 1)
and
• support for a standardized interface to enable the cloud user (or the
cloud user’s system administrator) to provision and de-provision
members of their user base (No. 2).
Many commercial cloud services are now beginning to provide
support for the security assertion markup language (SAML) federation protocol (which contains authentication credentials in the form
of SAML assertions) in addition to their own proprietary authentication protocol, and hence we do not see a big obstacle in meeting the
first of the above requirements.
As far as the user provisioning and de-provisioning requirement is
concerned, many of the cloud providers still use their own proprietary
interfaces for user management. There exist common, machine-neu-tral formats or XML vocabularies for expressing user entitlements or
access policies, such as the extensible access control markup language
(XACML), and for user provisioning and de-provisioning with capabilities such as the service provision markup language (SPML). Until
Crossroads
www.acm.org/crossroads
Spring 2010/ Vol. 16, No. 3
