In its beginning, the Internet was much slower than it is today, requiring companies to host their own networks in order to interconnect their computer systems. As the Internet continues to evolve and become faster with each passing year, the ability has emerged for companies to cut costs by offloading their networks to companies who host these services over the Internet. This practice has widely come to be known as Cloud Computing. The benefits of such a service are many, but it does come with its own risks. Those who take advantage of such services are exposed to various attacks utilizing the Internet. These potential attacks include, but are not limited to, web browser attacks, Denial of Service (DoS) attacks, and Man-in-the-Middle attacks.
…show more content…
This model allows consumers to simply use the applications provided by their service provider. Dropbox and Google Drive are examples of SaaS. Security-wise, the SaaS provider bears the sole responsibility for security (Sommer et al. 18). The second model offered by providers is Platform-as-a-Service (PaaS). PaaS allows customers to build and run their own applications on the provider’s infrastructure so that they do not have to build and maintain their own infrastructure to host the application. An example of this would be Microsoft Azure. While the provider bears the most burden for security in PaaS, the user must also ensure that the applications they build are secure. The third and final model offered by providers is Infrastructure-as-a-Service (IaaS). IaaS allows consumers some control over the systems, as they are allowed control over operating systems, storage, and deployed applications, as well as some network components, such as host firewalls, in some deployments (Mell et al. 3). Examples of IaaS include Amazon EC2 and Rackspace. In this model, the consumer assumes a larger role in the security of the systems they utilize. Understanding the various models offered by cloud providers and the level of security the user assumes in each, it is now possible to explore the possible attack vectors against cloud computing
This model allows consumers to simply use the applications provided by their service provider. Dropbox and Google Drive are examples of SaaS. Security-wise, the SaaS provider bears the sole responsibility for security (Sommer et al. 18). The second model offered by providers is Platform-as-a-Service (PaaS). PaaS allows customers to build and run their own applications on the provider’s infrastructure so that they do not have to build and maintain their own infrastructure to host the application. An example of this would be Microsoft Azure. While the provider bears the most burden for security in PaaS, the user must also ensure that the applications they build are secure. The third and final model offered by providers is Infrastructure-as-a-Service (IaaS). IaaS allows consumers some control over the systems, as they are allowed control over operating systems, storage, and deployed applications, as well as some network components, such as host firewalls, in some deployments (Mell et al. 3). Examples of IaaS include Amazon EC2 and Rackspace. In this model, the consumer assumes a larger role in the security of the systems they utilize. Understanding the various models offered by cloud providers and the level of security the user assumes in each, it is now possible to explore the possible attack vectors against cloud computing