Welcome to this first paper in the Solution for Private Cloud Security
series. This paper discusses private cloud security from the architectural perspective and seeks to define the problem domain, key scenarios, and create a structured approach that you will use to create a private cloud
security design. At this level, this guidance is mostly technology-agnostic and organizations that are implementing a heterogeneous private cloud will also benefit from this guidance.
The overall focus of this paper is on private cloud security and the special considerations that these environments bring. Hence, this content is intended only to cover the differences between private cloud security and traditional
data center security rather than the entire security domain. The differences may reflect entirely new issues introduced by private cloud, or areas that require refocus due to private cloud security exigencies.
Many of the principles that this paper covers also apply to public cloud models. However, public cloud environments bring additional complexity in terms of overall control of the infrastructure and the contractual relationship
between the provider and the consumer. This paper also acknowledges that many organizations are also considering incorporating public and private cloud provisioning into a hybrid cloud environment; however, hybrid cloud implementations are not the primary
This document is part of a collection of documents that comprise the Reference Architecture
for Private Cloud
document set. The Solution for Private Cloud is a community collaboration project. Please feel free to edit this document to improve its quality . If you would like to be recognized for your work on improving this document,
please include your name and any contact information you wish to share at the bottom of this page
The aim of this paper is to provide an architectural blueprint for implementing effective security within a private cloud environment.
Implementing a private cloud environment requires IT departments to re-evaluate many aspects of how they interact with their organization. A recent trend has been for business units to circumvent IT departments and source services
direct from an external hosted provider (sometimes referred to a “credit card clouds”). Hence, IT departments are increasingly considering themselves as a separate business unit whose job is to provide reliable IT services to the organization.
This change in the relationship between IT department and host organization has often been hindered by the inability to account effectively for the cost of the services that the IT department provides. Private cloud computing
provides the ability to allocate costs in a fair and metered manner to the service user in proportion to the user’s demand for those services.
Private cloud implementations also affect the way in which IT departments need to view security. The chief change is that security can no longer be viewed as a discrete silo that contains traditional capabilities such as authentication,
authorization, auditing, and so on. Instead, security in cloud implementations (whether private, public or hybrid) must be considered as a wrapper around every element of the cloud environment. This security model shows that to approach any part of the cloud
environment, the consumer or provider must pass through the security wrapper. Additionally, all communication between layers in the cloud model (for example, between infrastructure and platform layers) must also pass through security controls. Security also
applies to intra-layer communications, for example between in-memory processes and associated storage.
In summary, security is a universal factor that applies to every element of cloud operations. Designers, implementers, and operators must consider security factors in every interaction for each physical or logical component of the cloud environment.
This requirement for pervasive security results from changing organizational perspectives around the delivery of IT services. Increasingly, IT departments are breaking out from the traditional firewalled datacenter approach and
having to act as one of many possible service providers that host the organization’s IT services. Business units no longer have to contract with the internal provider and often source these services from external providers, such as public cloud vendors and
internal IT departments must recognize this change.
The opportunity with the move to private or hybrid cloud architectures is that it gives you the chance to re-examine the provisioning of security within your datacenter. You can take a holistic view of the central importance
of security and ensure that you achieve this goal within your private cloud design.
The next section defines the new security threats from the cloud and identifies the private cloud security domains within the Cloud Security Alliance (CSA) model.
The Cloud Security Alliance (CSA) is an independent grouping consisting of over 120 corporate members. In the organization’s own words, they have “a broad remit to address all aspects of cloud security, including compliance,
global security-related legislation and regulation, identity management, and the challenge of monitoring and auditing security across a cloud-based IT supply chain. CSA is becoming the focal point for security standards globally, aligning multiple, disparate
government policies on cloud security and putting forward standards for ratification by international standards bodies.”
After this brief introduction to private cloud security, you are now ready to dive deeper into the security architectural issues and challenges. These will be covered in the following sections:
Defining the Private Cloud Security Problem Domain
Cloud Security Challenges
Private Cloud Reference Model Security Perspective
Private Cloud Security Model