Cloud Computing - Reference Model

There are five major cloud actors: cloud consumer, cloud provider, cloud carrier, cloud auditor and cloud broker. Each actor is an entity (a person or an organization) that participates in a transaction or process and/or performs tasks in cloud computing.
 
  • Cloud provider - The cloud provider is a person or an organization; it is the entity responsible for making a service available to interested parties through different cloud offerings. A cloud provider acquires and manages the computing infrastructure required for providing the service, runs the cloud software that provides the service, and makes arrangements to deliver the cloud services to the cloud consumers through network access. A cloud provider’s activities can be described in five major areas, i.e., service deployment, service orchestration, cloud service management, security, and privacy.
    • Physical Layer - The Physical Resource Layer includes hardware computing resources such as computers (CPU and memory), networks (routers, firewalls, switches, network links and interfaces), storage components (hard disks) and other physical computing infrastructure elements, as well as facility resources such as heating, ventilation, and air conditioning (HVAC), power, communications, and other aspects of the physical plant. This layer consists of physical storage and is under the control of the cloud provider. It is often geographically distant from the consumer and from law enforcement. Forensic artifacts for the hardware layer include hard disks, network logs, router logs, etc. This layer also includes data center artifacts such as access records, facility logs, activity logs, interior and exterior camera footage, biometrics records, visitor records, organization chart and contact information, etc.
    • Resource Abstraction and Control Layer - The Resource Abstraction and Control Layer contains the system components that cloud providers use to provide and manage access to the physical computing resources through software abstraction. Resource abstraction components typically include software elements such as hypervisors, virtual machines, virtual data storage, and other computing resource abstractions.
    • Service layer - The Service Layer is where cloud providers define interfaces for cloud consumers to access the computing services. The access interfaces for each of the three service models are provided in this layer. It is possible, though not necessary, that SaaS applications can be built on top of PaaS components and PaaS components can be built on top of IaaS components.
      i. SaaS
      ii. PaaS
      iii. IaaS
    • Cloud service management
      i. Business support
      ii. Provisioning / configuration
      iii. Portability / interoperability
    • Security
    • Privacy

  • Cloud consumer - The cloud consumer represents a person or organization that maintains a business relationship with, and uses the service from, a cloud provider. A cloud consumer browses the service catalog from a cloud provider, requests the appropriate service, sets up service contracts with the cloud provider, and uses the service. The cloud consumer is the principal stakeholder for the cloud computing service.
    As the principal stakeholder for the cloud computing service, the consumer is responsible for demanding visibility and control, being aware of its own risks from cloud migration, and making sure that appropriate security controls are implemented. However, guidelines on assessing forensic risks and concerns are still largely missing for consumers.
  • Cloud auditor - A cloud auditor is a party that can perform an independent examination of cloud service controls with the intent to express an opinion thereon. Audits are performed to verify conformance to standards through review of objective evidence. A cloud auditor can evaluate the services provided by a cloud provider in terms of security controls, privacy impact, performance, etc. The audit may involve interactions with both the cloud consumer and the cloud provider.
    • Security audit
    • Privacy impact audit
    • Performance audit

  • Cloud broker - A cloud broker is an entity that manages the use, performance and delivery of cloud services and negotiates relationships between cloud providers and cloud consumers. As cloud computing evolves, the integration of cloud services can be too complex for cloud consumers to manage. As shown in Fig 2 below, a cloud consumer may request cloud services from a cloud broker, instead of contacting a cloud provider directly, and in this case the actual cloud providers are invisible to the cloud consumer and the cloud consumer interacts directly with the cloud broker. The cloud broker may create a new service by combining multiple services or by enhancing an existing service. In general, a cloud broker can provide services in service intermediation, service aggregation and service arbitrage.

  • Cloud carrier - A cloud carrier acts as an intermediary that provides connectivity and transport of cloud services between cloud consumers and cloud providers. Cloud carriers provide access to consumers through network, telecommunication and other access devices. As shown in Fig 3 below, the cloud provider arranges for two unique Service Level Agreements (SLAs), one with a cloud carrier (e.g., SLA2) and one with a cloud consumer (e.g., SLA1). A cloud provider may request dedicated and encrypted connections to ensure the cloud services are consumed at a consistent level according to the contractual obligations with the cloud consumers. In this case, the provider may specify its requirements on capability, flexibility and functionality in SLA2 in order to provide essential requirements in SLA1.



