410 KB | 3 files | PDF
The purpose of this paper is to analyze IaaS protection options from the viewpoint of security functionality and the architecture that governs their deployment.
Infrastructure as a service (IaaS) is one of the three main cloud service types where the cloud consumer consumes a great variety of resources such as computing (virtual machines or VMs), virtual network, storage and utility programs (DBMS). Any large-scale offering of this service is feasible only through a virtualized infrastructure at the service provider.
At the minimum, this infrastructure is made up of resources such as virtualized hosts together with associated virtual network and hardware/software for data storage An IaaS’s consumer's total set of interactions with these resources constitute the set of use cases for IaaS cloud service. These use cases have associated security requirements and these requirements are met by protection options enabled by available security solutions/technologies.
The purpose of this paper is to analyze these protection options from the viewpoint of: (a) security functionality they can provide and (b) the architecture that governs their deployment, so that IaaS consumers can decide on the most appropriate security configuration for their VM instances depending upon the profile of the applications running in them.
The attached zip file includes:
This checklist will help make sure you ask the important questions that will affect your colocation services and your eventual purchase decisions. ... More >>
The guidelines in this document include requirements on servers to mitigate the execution of malicious or corrupt BIOS code. ... More >>
This excerpt from chapter 2 deals with contracting for maintenance for both hardware and software purposes in the initial negotiation. ... More >>