may result in software patches that need to be applied. The resourcing and management of software patching is perhaps one of the motivators for considering cloud adoption, since anything relating to the services that are provided will be managed by the cloud provider. SaaS is the best example of fully delegating the responsibility to the provider; for IaaS, it only applies to the infrastructure itself, not the systems or services that run on it.
However, one aspect that enterprises should consider is the way in which a cloud provider manages the installation of patches, particularly those cloud providers that have a history as data centers. Traditionally, the data center would create images of the system, each one a snapshot of a particular instance. An image could then be deployed rapidly, without having to build an installation from scratch every time. In the era of rapid provisioning, this means that a new image has to be created each time a patch is installed, resulting in lots of images being created. As the cloud computing industry matures, more and more cloud providers will reject this practice and utilize automation to dynamically build instances on top of very basic images. This ensures that the latest software updates are incorporated into the instance but also permits extra instances to be dynamically provisioned to enable service elasticity. Thus, software patches can be kept in one repository (and therefore managed) and be called upon only when they are required.
This is an important issue to consider for an enterprise. The IT department does not want to invest significant resources into protecting instances, only to find that the instance is built upon an image with a known vulnerability.
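The difference between the two provisioning models described above can be shown in a few lines. This is an added example, not code from the book; the image names, package names, version numbers and helper functions are all constructed for illustration.

```python
# Added example: every image name, package name and version here is constructed.

def vtuple(version):
    """Turn '1.2.10' into (1, 2, 10) so versions compare numerically."""
    return tuple(int(part) for part in version.split("."))

# Single patch repository: package -> lowest version that carries the fix.
PATCH_REPO = {"libtls-demo": "3.0.13", "sshd-demo": "9.6.1", "kernel-demo": "6.1.90"}

# Snapshot image taken before the libtls-demo patch was published.
GOLDEN_IMAGE = {"kernel-demo": "6.1.90", "libtls-demo": "3.0.9",
                "sshd-demo": "9.6.1", "httpd-demo": "1.24.0"}

# Very basic image that automation builds on; it is allowed to be old.
BASE_IMAGE = {"kernel-demo": "6.1.20"}

def unpatched(packages, repo=PATCH_REPO):
    """Return {package: (installed, required)} for packages behind the repo."""
    return {pkg: (ver, repo[pkg]) for pkg, ver in packages.items()
            if pkg in repo and vtuple(ver) < vtuple(repo[pkg])}

def deploy_snapshot(image):
    """Traditional model: the instance is exactly what the snapshot held."""
    return dict(image)

def build_dynamic(base, wanted, repo=PATCH_REPO):
    """Automated model: basic image + requested packages, then every package
    is raised to at least the version held in the patch repository."""
    packages = {**base, **wanted}
    for pkg, (_, required) in unpatched(packages, repo).items():
        packages[pkg] = required
    return packages

if __name__ == "__main__":
    wanted = {"libtls-demo": "3.0.9", "sshd-demo": "9.6.1", "httpd-demo": "1.24.0"}
    print("snapshot instance is behind on:", unpatched(deploy_snapshot(GOLDEN_IMAGE)))
    print("dynamic instance is behind on: ", unpatched(build_dynamic(BASE_IMAGE, wanted)))
```

Running the same `unpatched` check against an image inventory before deployment is a simple way to catch the case where effort is spent protecting an instance whose underlying image is already behind the patch repository.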
19.4 Cloud Security Concerns
The top security concerns of cloud users are as follows:
1. Availability: Cloud requirements for availability are concerned with denying illegitimate access to computing resources and preventing external attacks such as denial-of-service attacks. Additional issues to address include attempts by malicious entities to control, destroy, or damage computing resources and deny legitimate access to systems. While availability is being preserved, confidentiality and integrity have to be maintained. Requirements for this category should address how to ensure that computing resources are available to authorized users when needed.
2. Authentication: Cloud requirements for authentication specify the means of authenticating a user when the user is requesting service on a cloud resource and presenting his or her identity. The authentication must be performed in a secure manner. Strong authentication