Számítási felhő biztonsági kérdései

Cloud Computing has become one of the most dynamically developing area of the IT in the recent years. The on-demand and elastic use and the network access of the information resources and services significantly decreased the costs, but the expectations against such IT security criteria, as the availability of the services or the confidentiality of their data. This is especially true, when the clouds are used in critical IT environments. In the course of our TAMOP research project “Security issues of Cloud Computing”, we disclose the security issues of the Infrastructure as a Service (IaaS) type clouds especially as far as the users are concerned. We work up information security service levels that include the virtual machines, networks, applications and storages. For a concrete cloud implementation, we develop such framework that automatically builds the security elements into the runtime system correspond to the security service level in question. In our paper, we describe the characteristics of cloud services, the architectural build up of the IaaS type clouds and the role of virtualization in the cloud implementations. We introduce the features of a widely used open source cloud implementation. Finally, we demonstrate the potential, how to use the security as a service (SECaaS), which will probably play an important role in our research project.