Information Technology Reference
In-Depth Information
3
Cloud Broker Architecture
We introduce a Cloud Broker architecture that enables building of security reputation
of individual service provider and sharing the same with its customers. The proposed
broker architecture is shown in Figure 1 that includes various components namely: i)
Cloud Service Provider Interface (CSPI)
ii)
Enterprise users Interface (EUI)
iii)
Monitors (M)
and iv)
Trust Engine (TE)
. The entities involved in the architecture are
Cloud Service Providers (CSP) and Enterprise Users (EU). The CSP and the EU
register with broker. The registration of the CSP at the broker includes the agreement
with the broker to share security related information with the broker and in turn the
broker has a non-disclosure agreement with the service provider.
Fig. 1.
Cloud Broker Architecture
3.1
Cloud Service Provider Interface (CSPI)
This interface enables the service provider to provide details of its security practices
and security measures in place, allowing advertising its security strengths. In our
experience, we find cloud service providers try to provide the following security
measures as a basic step towards securing their customers environment:
i)
Protecting
individual virtual environment
ii)
Filter traffic between each virtual instances
iii)
Hardening the hypervisor
iv) Protecting the network infrastructure
v) Protecting the
data stored at each individual virtual instance
vi) Policy enforcement for
authentication and access management to individual virtual instances
vii) Patch
management
3.2
Enterprise User Interface (EUI)
This interface allows the enterprise users to input their security requirements, select
most appropriate cloud service provider for their security needs, provide feedback on
