LitArk » Books » Politics

Castro-Leon Enrique - Building the Infrastructure for Cloud Security a Solutions view

Here you can read online Castro-Leon Enrique - Building the Infrastructure for Cloud Security a Solutions view full text of the book (entire story) in english for free. Download pdf and epub, get meaning, cover and reviews about this ebook. City: Berkeley;CA, year: 2014, publisher: Apress, Imprint, genre: Politics. Description of the work, (preface) as well as reviews are available. Best literature library LitArk.com created for fans of good reading and offers a wide selection of genres:

Romance novel Science fiction Adventure Detective Science History Home and family Prose Art Politics Computer Non-fiction Religion Business Children Humor

Choose a favorite category and find really read worthwhile books. Enjoy immersion in the world of imagination, feel the emotions of the characters or learn something new for yourself, make an fascinating discovery.

Book:
Building the Infrastructure for Cloud Security a Solutions view
Author:
CastroLeon Enrique / Yeluri Raghu
Publisher:
Apress, Imprint
Genre:
Books / Politics
Year:
2014
City:
Berkeley;CA
Rating:
5 / 5
Favourites:
Add to favourites
Your mark:
- 100
- 1
- 2
- 3
- 4
- 5

Description
Author's other books
Similar books

Building the Infrastructure for Cloud Security a Solutions view: summary, description and annotation

We offer to read an annotation, description, summary or preface (depends on what the author of the book "Building the Infrastructure for Cloud Security a Solutions view" wrote himself). If you haven't found the necessary information about the book — write in the comments, we will try to find it.

Castro-Leon Enrique: author's other books

Who wrote Building the Infrastructure for Cloud Security a Solutions view? Find out the surname, the name of the author of the book and a list of all author's works by series.

Building the Infrastructure for Cloud Security a Solutions view — read online for free the complete book (whole text) full work

Below is the text of the book, divided by pages. System saving the place of the last page read, allows you to conveniently read the book "Building the Infrastructure for Cloud Security a Solutions view" online for free, without having to search again every time where you left off. Put a bookmark, and you can go to the page where you finished reading at any time.

Light

Font size:

↓

↑

Reset

Interval:

↓

↑

Bookmark:

Make

Raghu Yeluri and Enrique Castro-Leon Building the Infrastructure for Cloud Security A Solutions view 10.1007/978-1-4302-6146-9_1

Raghu Yeluri 2014

1. Cloud Computing Basics

Raghu Yeluri 1 and Enrique Castro-Leon

(1)

CA, US

Abstract

In this chapter we go through some basic concepts with the purpose of providing context for the discussions in the chapters that follow. Here, we review briefly the concept of the cloud as defined by the U.S. National Institute of Standards and Technology, and the familiar terms of IaaS, PaaS, and SaaS under the SPI model. What is not often discussed is that the rise of cloud computing comes from strong historical motivations and addresses shortcomings of predecessor technologies such as grid computing, the standard enterprise three-tier architecture, or even the mainframe architecture of many decades ago.

From a security perspective, the main subjects for this bookperimeter and endpoint protectionwere pivotal concepts in security strategies prior to the rise of cloud technology. Unfortunately these abstractions were inadequate to prevent recurrent exploits, such as leaks of customer credit card data, even before cloud technology became widespread in the industry. Well see in the next few pages that, unfortunately for this approach, along with the agility, scalability, and cost advantages of the cloud, the distributed nature of these third-party-provided services also introduced new risk factors. Within this scenario we would like to propose a more integrated approach to enterprise security, one that starts with server platforms in the data center and builds to the hypervisor operating system and applications that fall under the notion of trusted compute pools, covered in the chapters that follow.

Defining the Cloud

We will use the U.S. governments National Institute of Standards and Technology (NIST) cloud framework for purposes of our discussions in the following chapters. This provides a convenient, broadly understood frame of reference, without our attempts to treat it as a definitive definition or to exclude other perspectives. These definitions are stated somewhat tersely in The NIST Definition of Cloud Computing

The model consists of three main layers (see Figure ), laid out in a top-down fashion: global essential characteristics that apply to all clouds, the service models by which cloud services are delivered, and how the services are instantiated in the form of deployment models. There is a reason for this structure thats rooted in the historical evolution of computer and network architecture and in the application development and deployment models. Unfortunately most discussions of the cloud gloss over this aspect. We assume readers of this book are in a technology leadership role in their respective fields, and very likely are influential in the future direction of cloud security. Therefore, an understanding of the dynamics of technology evolution will be helpful for the readers in these strategic roles. For this purpose, the section that follows covers the historical context that led to the creation of the cloud.

Figure 1-1.

NIST cloud computing definition

The Clouds Essential Characteristics

The main motivation behind the pervasive adoption of cloud use today is economic. Cloud technology allows taking a very expensive asset, such as a $200 million data center, and delivering its capabilities to individual users for a few dollars per month, or even for free, in some business models. This feat is achieved through resource pooling , which is essentially treating an asset like a server as a fungible resource; a resource-intensive application might take a whole server, or even a cluster of servers, whereas the needs of users with lighter demands can be packed as hundreds or even thousands to a server.

This dynamic range in the mapping of applications to servers has been achieved through virtualization technology. Every intervening technology and the organizations needed to run them represent overhead. However, the gains in efficiency are so large that this inherent overhead is rarely in question. With applications running on bare-metal operating systems, it is not unusual to see load factors in the single digits. Cloud applications running on virtualized environments, however, typically run utilizations up to 60 to 80 percent, increasing the application yield of a server by several-fold.

Cloud applications are inherently distributed, and hence they are necessarily delivered over a network . The largest applications may involve millions of users, and the conveyance method is usually the Internet. An example is media delivery through Netflix, using infrastructure from Amazon Web Services. Similarly, cloud applications are expected to have automated interfaces for setup and administration. This usually means they are accessible on demand through a self-service interface. This is usually the case, for instance, with email accounts through Google Gmail or Microsoft Outlook.com .

With the self-service model, it is imperative to establish methods for measuring service . This measuring includes guarantees of service provider performance, measurement of services delivered for billing purposes, and very important from the perspective of our discussion, measurement of security along multiple vectors. The management information exchanged between a service provider and consumers is defined as service metadata . This information may be facilitated by auxiliary services or metaservices .

The service provider needs to maintain a service pool large enough to address the needs of the largest customer during peak demand. The expectation is that, with a large customer base, most local peaks and valleys will cancel out. In order to get the same quality of service (QoS), an IT organization would need to size the equipment for expected peak demand, leading to inefficient use of capital. Under some circumstances, large providers can smooth out even regional peaks and valleys by coordinating their geographically disperse data centers, a luxury that mid-size businesses might not be able to afford.

The expectation for cloud users, then, is that compute, network, and data resources in the cloud should be provided on short order. This property is known as elasticity . For instance, virtual machines should be available on demand in seconds, or no more than minutes, compared to the normal physical server procurement process that could take anywhere from weeks to years.

At this point, we have covered the what questionnamely, the essential characteristics of the cloud. The next section covers service models, which is essentially the how question.

The Cloud Service Models

The unit of delivery for cloud technology is a service . NIST defines three service models, affectionately known as the SPI model, for SaaS, PaaS, and IaaS, or, respectively, software, platform, and infrastructure services.

Light

Font size:

↓

↑

Reset

Interval:

↓

↑

Bookmark:

Make

Similar books «Building the Infrastructure for Cloud Security a Solutions view»

Look at similar books to Building the Infrastructure for Cloud Security a Solutions view. We have selected literature similar in name and meaning in the hope of providing readers with more options to find new, interesting, not yet read works.

Souvik Pal

Cloud Computing Solutions: Architecture, Data Storage, Implementation and Security

Mrs. Lavanya S

Building Cloud and Virtualization Infrastructure: A Hands-on Approach to Virtualization and Implementation of a Private Cloud Using Real-time Use-cases

Mansura Habiba

Hybrid Cloud Infrastructure and Operations Explained: Accelerate your application migration and modernization journey on the cloud with IBM and Red Hat

Sasha Kranjac

Microsoft Defender for Cloud Cookbook: Protect multicloud and hybrid cloud environments, manage compliance and strengthen security posture

Josh Armitage

Cloud Native Security Cookbook

Pushpa Herath

Azure Cloud Security for Absolute Beginners: Enabling Cloud Infrastructure Security with Multi-Level Security Options

Prasenjit Sarkar

Oracle Cloud Infrastructure for Solutions Architects: A practical guide to effectively designing enterprise-grade solutions with OCI services

Silvano Gai

Building a Future-Proof Cloud Infrastructure: A Unified Architecture for Network, Security and Storage Services

Reese

Cloud Application Architectures: Building Applications and Infrastructure in the Cloud

McKendrick

Learn Ansible automate cloud, security, and network infrastructure using Ansible 2.x

Mustafa Toroman

Mastering Azure Security: Safeguard your Azure workload with innovative cloud security measures

Haishi Bai

Exam Ref 70-535 Architecting Microsoft Azure Solutions

Reviews about «Building the Infrastructure for Cloud Security a Solutions view»

Discussion, reviews of the book Building the Infrastructure for Cloud Security a Solutions view and just readers' own opinions. Leave your comments, write what you think about the work, its meaning or the main characters. Specify what exactly you liked and what you didn't like, and why you think so.