Foundations and Technological Landscape of Cloud Computing
Table 3
Cloud computing core technologies and associated vulnerabilities.
Layer
Functionality
Vulnerabilities
(1) Application
Provide services through web applications and web services.
(v1) Vulnerabilities of web services (v2) Vulnerabilities of client-side environments (v3) Vulnerabilities of authentication and authorization (v4) Vulnerabilities of encryption mechanisms and keys
(2) Platform
Provide programming interfaces and mediate communications between software and the underlining platform.
(v5) Vulnerabilities of a cloud platform (v6) Vulnerabilities of access to platform administrative and management interfaces
(3) Infrastructure
Provide computing and storage capabilities and connectivity to a global network.
(v7) Vulnerabilities of a virtual machine (v8) Vulnerabilities of virtual network communications (v9) Vulnerabilities of data sanitization (v10) Vulnerabilities of access to infrastructure administrative and management interfaces
(4) Unified resources
Three main features of hypervisors: operate multitenant virtual machine and application built up on it; provide isolation to multiple guest VMs; support administrative work to create, migrate, and terminate virtual machine instances.
(v11) Vulnerabilities of a virtualized hypervisors and its interfaces (v12) Vulnerabilities of multi-tenant environments (v13) Vulnerabilities of shared network components
(5) Fabric
Cloud physical infrastructure including servers, processors, storages, and network devices hosted in the data center.
