Deep Dive on Popular Security Models and Strategies of Cloud Computing

Abstract

Cloud computing has been an ever inspiring paradigm transforming people’s lifestyles and working patterns in recent decades. Due to its dynamic provisioning of IT capabilities, cloud computing emerges as a horizon by serving critical applications. But the unavailability of security standards and models makes cloud computing security more puzzling during the transfer of sensitive information across the cloud. Various models such as the multi-tenancy model, risk accumulation model, cloud cube model, and mapping model are some of the existing security approaches of cloud computing. The multi-tenancy model offers multiple applications running on the cloud, in which virtualization isolates viruses, intrusions, and tampered information. Likewise, the risk accumulation model mitigates the inheritance of security risks from SaaS, PaaS to IaaS by satisfying SLA demands, data protection, and compliance. Cloud cube model facilitates figuration description of security attribute, which consists of four model parameters. Each parameter provides security protection at its corresponding levels encompassing interoperability, data protection, and security boundaries. More significantly, the mapping model includes compliance checks, security controls, and ontologies. Although the security models present a lateral view of cloud data protection, some security issues still need to be addressed. Several cloud security strategies are constructed for mitigating the security risks during the migration of businesses to the cloud ecosystem. For instance, secured access of physical and software entities, assessing virtualization security risks, controlling through outsourcing risks, and interoperability are some of the security strategies at the deployment level. Likewise, some of the operational procedures are providing assurance to the business flow, giving alerts proactively, preventing data leakage, notifying security incidents and response, and auditing the security incidents. Some of the security strategies include protecting the data from overspending or misspending on security controls. During security analytics, advanced automation through artificial intelligence techniques has increasingly been receiving attention in recent decades. Typically, authentication through verification and validation can perform security controls over constrained environments. Blockchain models combined with cloud security provide advanced reliability and scalability. Besides, strong security models and strategies need addressing to combat potential hackers. This chapter aims to enlighten some of the novel security models and approaches in cloud computing.