Paradigm shift towards cloud computing offers plethora of advantages both for cloud users and Cloud Service Provider (CSP). For cloud users, it offers saving of cost, scaling of resources, pay per use, elastic and on-demand services. On the other hand, it offers centralized resource management and provisioning of operations, safety and security for CSP. By holding multiple virtual IT resources (CPUs, storage servers, network components and software) over the internet, Infrastructure-as-a-Service (IaaS) serves as fundamental layer for all other delivery models. Along with benefits of IaaS, there exists several security and privacy issues and threats to confidentiality, integrity, authentication, access control and availability. In this paper, detailed study of IaaS components, associated security and privacy issues are explored and counter measures for the same are determined. Furthermore, as a result of the study, Model for IaaS Security and Privacy (MISP) is proposed. The model presents a cubical structure and adds more features than the existing models to enhance the security and privacy of data and operations and guide security assessment for safer adoption by enterprises.
IOS Press, Inc.
6751 Tepper Drive
Clifton, VA 20124
Tel.: +1 703 830 6300
Fax: +1 703 830 2300 firstname.lastname@example.org
(Corporate matters and books only) IOS Press c/o Accucoms US, Inc.
For North America Sales and Customer Service
West Point Commons
Lansdale PA 19446
Tel.: +1 866 855 8967
Fax: +1 215 660 5042 email@example.com