This Article 
 Bibliographic References 
 Add to: 
Don't Trust. And Verify: A Security Architecture Stack for the Cloud
September/October 2010 (vol. 8 no. 5)
pp. 83-86
Gunnar Peterson, Arctec Group
Cloud computing requires a new security model. One promising model employs technology "patterns": gateways, monitoring, security token services, and policy enforcement points. These patterns help promote a healthy "distrust and verify" approach to cloud security.

1. "What Is Cloud Computing?" video, Joyent, 2008;
2. C. Hoff, "Incomplete Thought—Cloudanatomy: Infrastructure, Metastructure & Infostructure," blog, 19 June 2009; .
3. M. Ranum, "What Is 'Deep Inspection'?"; editorialsdeepinspect.
4. W. Gross, "Don't Care," Pacific Investment Management Company, Mar. 2010; .

Index Terms:
cloud computing, cloud security, software as a service, platform as a service, infrastructure as a service, infostructure, metastructure, security token services, policy enforcement points, policy decision points, security and privacy
Gunnar Peterson, "Don't Trust. And Verify: A Security Architecture Stack for the Cloud," IEEE Security & Privacy, vol. 8, no. 5, pp. 83-86, Sept.-Oct. 2010, doi:10.1109/MSP.2010.149
Usage of this product signifies your acceptance of the Terms of Use.