Implementation of Cloud Services in a Business Environment
7.5 Virtual Security in the Cloud
Virtual security refers to the non-physical part of the cloud’s IT infrastructure,
covering, for example, applications, services, operating systems, databases, and tools.
Several best practices have been identified, including Cloud Time Service, Identity
Management, Access Management, Break-Glass Procedures, Key Management, and
Auditing. Furthermore, virtual security deals with topics related to encryption, data
protection, and Security-as-a-Service (Harauz, Kaufman, & Potter, 2009, pp. 61-64) &
(Sitaram & Manjunath, 2011, p. 310).
7.5.1 Cloud Time Service
Cloud Time Service provides time synchronization for all systems operating in
the cloud. Correct time is necessary not only to enable interoperability between
different systems, but also for the analysis of system logs (Sitaram & Manjunath, 2011,
p. 309). The Network Time Protocol (NTP), developed by David L. Mills, is commonly
used; it synchronizes the internal clocks of computers according to a time
reference. A further security option is to encrypt the reference source (Windl, Dalton,
Martinec, & Worley, 2006).
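The following added example (not part of the original text) shows why synchronized time matters for log analysis: it applies the standard NTP offset and delay calculation to one request/response exchange and uses the result to restore the true order of events from two hosts. The host names, log lines, and timestamps are constructed for illustration.

```python
from datetime import datetime, timedelta

def ntp_offset_delay(t1, t2, t3, t4):
    """Standard NTP calculation, all values in seconds.
    t1: client send (client clock)    t2: server receive (server clock)
    t3: server send (server clock)    t4: client receive (client clock)
    Returns (offset to add to the client clock, round-trip network delay)."""
    offset = ((t2 - t1) + (t3 - t4)) / 2
    delay = (t4 - t1) - (t3 - t2)
    return offset, delay

def merge_timeline(logs, offsets):
    """Merge per-host logs into one timeline ordered by corrected time.
    logs: {host: [(iso_timestamp, message), ...]}
    offsets: {host: seconds to add to that host's clock}; missing hosts get 0."""
    events = []
    for host, entries in logs.items():
        shift = timedelta(seconds=offsets.get(host, 0.0))
        for stamp, message in entries:
            events.append((datetime.fromisoformat(stamp) + shift, host, message))
    return sorted(events)

# Constructed sample: the clock on "web" runs 90 s fast, "db" is accurate.
SAMPLE_LOGS = {
    "web": [("2024-01-01T10:02:00+00:00", "login ok user=alice")],
    "db": [("2024-01-01T10:01:00+00:00", "export started user=alice")],
}
# Constructed NTP exchange measured on "web" (20 ms each way, 1 ms server time).
SAMPLE_EXCHANGE = (1000.000, 910.020, 910.021, 1000.041)

if __name__ == "__main__":
    offset, delay = ntp_offset_delay(*SAMPLE_EXCHANGE)
    print(f"web offset {offset:+.3f} s, delay {delay:.3f} s")
    for label, corr in (("raw", {}), ("corrected", {"web": offset})):
        print(label)
        for when, host, message in merge_timeline(SAMPLE_LOGS, corr):
            print(" ", when.isoformat(), host, message)
```

With the raw timestamps the export appears to precede the login; after the measured offset is applied, the login correctly comes first.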
7.5.2 Identity Management
Identity Management’s task is to guarantee the three basic requirements of cloud
security: confidentiality, integrity, and availability. Identity Management should be
able to scale according to the usual number of users in the cloud system, comply with
applicable legal and policy requirements, and maintain historical records for further
investigation (if requested). Particular importance is attached to Identity Management
with regard to the identity lifecycle management of users, because users’ roles and
activities change over time (Sitaram & Manjunath, 2011, pp. 309-310) &
(Rickmann, Diefenbach, & Bruening, 2013, pp. 64-65).