Security Management of Infrastructure as A Service in Cloud Computing

Cloud Computing represents a new computing model that poses many demanding security issues at all levels, e.g., network, host, application, and data levels. The variety of the delivery models presents different security challenges depending on the model and consumers’ Quality of Service (QoS) requirements. Confidentiality, Integrity, Availability, Authenticity, and Privacy are essential concerns for both Cloud providers and consumers as well. Infrastructure as a Service (IaaS) serves as the foundation layer for the other delivery models, and a lack of security in this layer will certainly affect the other delivery models, i.e., PaaS, and SaaS that are built upon IaaS layer. This paper presents a study of IaaS components’ security and determines vulnerabilities and countermeasures. Finally, a Security Model for IaaS (SMI) was proposed to guide security assessment and enhancement in IaaS layer.