Seite 69 - Cloud Services and Big Data

Implementation of Cloud Services in a Business Environment
60
7.3
Cloud Security
A particular meaning is attached to security related issues in the cloud. The cloud
consists of a shared infrastructure, which can be customized to a company’s specific
needs. On a more holistic level, the cloud’s structure consists of a physical
infrastructure (including for example servers) and a virtual one (e.g. applications).
Hence the requirements for security in the cloud can also be divided into physical
security and virtual security. Basically cloud security should ensure integrity,
availability, and confidentiality for the ecosystem. Integrity refers to protection
against manipulation of the system (f.i. virus implanting, or corruption of data).
Availability, in terms of cloud security, refers to the ability of the infrastructure to
withstand a great amount of server requests, which includes both positive requests
from applications, as well as negative ones, like Denial of Service attacks.
Confidentiality is closely related to Integrity, as it should ensure, that there is no
unauthorized access to functions of the cloud infrastructure. Additionally security
objectives often also include the compliance with legal requirements. Limited
financial resources are a natural constraint for companies. Therefore the cost-
effectiveness of the implemented security measures should also be taken into
consideration. Ultimately the overall performance of the cloud system should not be
affected by cloud security mechanisms (Cloud Security Alliance, 2011, pp. 74-80) &
(
Sitaram & Manjunath, 2011, pp. 309-310).
7.4
Physical Security in the Cloud
Basically physical security means that the data center, which hosts the cloud
services, should be sufficiently secured against physical threats. These threats do
not only encompass attempts of illegal intrusion, but also protection against force
majeure like floods, as well as human failure such as unintended switching off the
air conditioning of the server storage room. Sitaram and Manjunath (2011, pp. 309-
310)
regard the presence of a multi-layered system as a key component for ensuring
physical security:
A dedicated staff responsible for monitoring and controlling