PRIVATE VIRTUAL INFRASTRUCTURE
Cloud computing describes a new supplement, consumption and delivery model of IT services based on Internet and it typically evolves over the Internet provision of dynamically scalable and often virtualized resources. Cloud Computing places organization's sensitive data in control to third party which introduces a significant level of risk on the privacy and security of sensitive data of organization. The main responsibility of Private Virtual Infrastructure (PVI) is to share the security of cloud computing between the service provider and client and elimination of risk exposure between the two.
Cloud computing is a Web-Based processing, whereby shared resources, software and information are provided to computers and other devices such as Smartphone's over the Internet. Cloud computing has the ability to provide computing resources dynamically and corporate sector can change their Information Technology strategy fundamentally. As the technology evolves, Cloud computing brings up a new way to do business but also bring some new challenges, especially when considering the security and privacy of the information stored in the cloud computing servers. Cloud computing utilizes massively scalable computer resources and delivered them as a service using Internet as a Backbone. Cloud computing facilitates computational resources to be shared among vast number of consumers which curtails costs in ownership of Information Technology. The IaaS Model (Infrastructure as a Service) model of Cloud Computing provides on-demand online computing infrastructure which not only cut's down costs but makes all of the facilities required for a datacenter application available over the Internet which clients can purchase as an outsourced service. Nowadays almost all the companies are adopting Cloud Computing Services which not only improves the scalability but also make the companies have global reach of clients. Cloud Computing requires a new model for handling the security. PVI enables the client to build a virtual infrastructure that meets these requirements. Private Virtual Infrastructure
Private Virtual Infrastructure (PVI) meets the goals of a shared security posture where all resources necessary for the Virtual Datacenter are securely isolated from greater cloud. Nayyar (2011),pointed out that it provides secure provisioning of commodity Internet Resources which isolates the client datacenter to operate in its own virtual domain. This Virtual datacenter is under the full control of information owner whereas the fabric is under the direct control of the Service Provider. Both the parties agree to share security information between themselves and other parties in the cloud to achieve situational awareness of the security postures at all the times. To verify the Cloud Server Security, each service in the cloud needs to report security properties present and report must be verified. These properties must be cryptographically bound and signed such that anyone wishing to verify the properties has proper authorizations and permission to do so. Trusted Computing techniques are chosen to verify these settings and report the configuration of the fabric in PVI. Added Requirements for PVI are communications to and within PVI should be done via VPN (Virtual Private Networking) and via proper encryption with IPSec or SSL Tunnels which provides confidentiality on the networks and prevents eavesdropping and spoofing in PVI.
Cloud Computing Security
According to Krautheim (2011), Cloud Computing security requires total awareness of the threats to Network, Infrastructure and Information. The biggest security weakness and advantage to Cloud Computing Services is: Abstraction. Abstraction allows the cloud to be pervasive and removes knowledge of the underlying fabric of processors, storage and networking; however without knowledge of the underlying fabric, information owners...
References: 1. Krautheim, J.F.,(2010).”Private Virtual Infrastructure for Cloud Computing”, International Journal of Computer Science and Information Security , 8, 5, pp.1-5.
2. Nakayama, H., A.Jamalipour and N.Kato,(2010).”Network Based Traitor Tracing Technique using Traffic Pattern”, IEEE Transactions on Information Forensics and Security, 5, 2, pp.300-312.
3. Nayyar, A.,(2011).”Private Virtual Infrastructure Model for Cloud Computing”, International Journal of Software Engineering Research & Practices, 1, 1, pp.10-14.
4. Peng, B., B.Cui and X.Li,(2009).”Implementation Issues of a Cloud Computing Platform”, IEEE Transactions on Data Engineering, 12, 8, pp.1-8.
Please join StudyMode to read the full document