RESEARCH FEATURE
0018-9162/12/$31.00 © 2012 IEEE Published by the IEEE Computer Society JULY 2012 73
tion,
2
the use of a third-party auditor to verify the integrity
of data stored in the cloud,
3,4
and access control based on
data attributes and semantics.
5,6
Some trust management experts recommend applying
multiple security policies to authenticate users, manage
identities, and protect data from unauthorized users.
Amazon administrators, for example, log and routinely
audit any access to customers’ data or operating systems.
6
Each of these research efforts aims to develop a secu-
rity solution for a specific threat, yet such methods are
incompatible with cloud services, which sometimes have
vastly different security requirements. Some services in-
volve public information that needs only basic security.
Others, such as banking transactions, involve more sensi-
tive information. To date, no single security architecture
satisfies this requirements mix. As the “Why Not Protect
at the Highest Level?” sidebar describes, the one-level-
fits-all approach of traditional client-server architectures
wastes resources and makes service use unnecessarily
complex.
To fill the need for a more discerning security archi-
tecture, we are exploring a security-on-demand design
that applies security algorithms and protocols according to
three stages in the service data’s life cycle: in transmission,
C
loud computing makes it possible for content pro-
viders to quickly deploy and scale services and
benefit from low-cost, pay-by-use models, while
service users enjoy the flexibility that Internet-
based computing provides. Cloud services generally take
the form of software as a service (SaaS), platform as a ser-
vice (PaaS), or infrastructure as a service (IaaS). Successful
commercial solutions include Amazon’s EC2/S3, Google
Apps, and force.com.
However, the very flexibility and rapid provisioning
that cloud computing offers pose serious obstacles to any
security architecture.
1
Users find it difficult to fully trust
cloud-based services because cloud-based data storage and
protection methods are largely user transparent. There is
no way to know, for example, if the service providers have
properly deleted users’ purged data or if they are saving it
for their own reasons, such as passing on the user’s name
to third parties offering products related to the provided
service or extracting privacy information for malicious
use.
2
Current research on cloud security is still in the early
stages, and no universal model or set of techniques has
yet emerged. Methods include segregating user resources
during data processing to prevent widespread virus infec-
An architecture that differentiates security according to service-specific
characteristics avoids an unnecessary drain on IT resources by protect-
ing a variety of cloud computing services at just the right level.
Jianyong Chen, Yang Wang,
and Xiaomin Wang
Shenzhen University, China
On-Demand
Security
Architecture
for Cloud
Computing