Readings and Media
Please review the following for this week:
Vic (J.R.) Winkler, Securing the Cloud, Cloud Computer Security Techniques and Tactics, 2011, Chapter 2
NIST SP 800-145, The NIST Definition of Cloud Computing, September 2011. (http://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-145.pdf)
Types of Cloud Computing cont.
Week 2 DISCUSSION: Community Cloud (1 pages)
Write one page using this weeks reading material. APA Format and provide two references at a minimum.
What do you see as some of the advantages and disadvantages of a community cloud?
Students must provide one input and respond to at least one input from another student.
Week 2 ASSIGNMENT: Cloud Computing Architecture (2 pages)
APA Format and provide two references at a minimum.
Write one paragraph (for each answer) in a separate document that you can upload (e.g., Microsoft Word file). Precede each answer with the question and its corresponding number.
1. What is the NIST definition of Cloud Software as a Service (SaaS)?
2. According to the Cloud Security Alliance (see www.cloudsecurityalliance.org/guidance/csaguide.pdf), its important to continually be aware of the trade-offs between extensibility (openness) and security responsibility taken on by the provider within the three Cloud Service Delivery Models. Please rate the relative extensibility and amount of security responsibility taken on by the cloud provider for each the three Cloud Service Delivery Models.
3. Looking into some of the drivers of cloud computing, the commoditization of collocation facilities led to the development of application service providers (ASPs). ASPs provided software applications tailored to an organization, owning both the application and the infrastructure. The ASP model eventually evolved into cloud computing, which brought new delivery models, such as the SPI framework, with its SaaS, PaaS, and IaaS service models, and various deployment models, such as private, community, public, and hybrid cloud models. At first glance, the ASP delivery concept may appear to be exactly like the SaaS delivery model. After all, the application is not hosted on the customers premises, its development is probably outsourced, the application may not be owned by the customer, multiple clients may access the application, and the users most likely have to access the software through a cloud-like structure, perhaps the Internet. However, there are some important differences between the two concepts. Please discuss some of these differences.