This model allows consumers to simply use the applications provided by their service provider. Dropbox and Google Drive are examples of SaaS. Security-wise, the SaaS provider bears the sole responsibility for security (Sommer et al. 18). The second model offered by providers is Platform-as-a-Service (PaaS). PaaS allows customers to build and run their own applications on the provider’s infrastructure so that they do not have to build and maintain their own infrastructure to host the application. An example of this would be Microsoft Azure. While the provider bears the most burden for security in PaaS, the user must also ensure that the applications they build are secure. The third and final model offered by providers is Infrastructure-as-a-Service (IaaS). IaaS allows consumers some control over the systems, as they are allowed control over operating systems, storage, and deployed applications, as well as some network components, such as host firewalls, in some deployments (Mell et al. 3). Examples of IaaS include Amazon EC2 and Rackspace. In this model, the consumer assumes a larger role in the security of the systems they utilize. Understanding the various models offered by cloud providers and the level of security the user assumes in each, it is now possible to explore the possible attack vectors against cloud computing
This model allows consumers to simply use the applications provided by their service provider. Dropbox and Google Drive are examples of SaaS. Security-wise, the SaaS provider bears the sole responsibility for security (Sommer et al. 18). The second model offered by providers is Platform-as-a-Service (PaaS). PaaS allows customers to build and run their own applications on the provider’s infrastructure so that they do not have to build and maintain their own infrastructure to host the application. An example of this would be Microsoft Azure. While the provider bears the most burden for security in PaaS, the user must also ensure that the applications they build are secure. The third and final model offered by providers is Infrastructure-as-a-Service (IaaS). IaaS allows consumers some control over the systems, as they are allowed control over operating systems, storage, and deployed applications, as well as some network components, such as host firewalls, in some deployments (Mell et al. 3). Examples of IaaS include Amazon EC2 and Rackspace. In this model, the consumer assumes a larger role in the security of the systems they utilize. Understanding the various models offered by cloud providers and the level of security the user assumes in each, it is now possible to explore the possible attack vectors against cloud computing