This Article 
 Bibliographic References 
 Add to: 
Monitoring Cloud Computing by Layer, Part 2
May/June 2011 (vol. 9 no. 3)
pp. 52-55
Jonathan Spring, Software Engineering Institute
This article presents a set of recommended restrictions and audits to facilitate cloud security. Monitoring cloud computing is complex; although outsourcing the decision might appear to simplify the problem, it might raise as many questions as it answers. By analyzing what the cloud provider and the customer are each responsible for at each cloud layer, it becomes easier to manage auditing and security monitoring.

1. A. Ranabahu and E.M. Maximilien, "A Best Practice Model for Cloud Middleware Systems," Proc. Best Practices in Cloud Computing: Designing for the Cloud Workshop, ACM Press, 2009, pp. 41–51; cloud-oopsla-09.pdf.
2. S.N. Foley et al., "A Framework for Heterogeneous Middleware Security," Proc. 18th Int'l Parallel and Distributed Processing Symp. (IPDPS 04), Workshop 1, IEEE CS Press, 2004.
3. W. Dorman, "CERT Basic Fuzzing Framework," blog, 26 May 2010; .
4. "Zzuf—Multi-purpose Fuzzer," CaCa Labs, 2011;
5. E.M. Maximilien et al., "IBM Altocumulus: A Cross-Cloud Middleware and Platform," Proc. 24th ACM SIGPLAN Conf. Companion on Object-Oriented Programming Systems Languages and Applications (OOPSLA 09), ACM Press, 2009, pp. 805–806.
6. L.M. Kaufman, "Data Security in the World of Cloud Computing," IEEE Security & Privacy, vol. 7, no. 4, 2009, pp. 61–64.
7. "Security Whitepaper: Google Apps Messaging and Collaboration Products," white paper, Google, 2010; ds_gsa_apps_whitepaper_0207.pdf.

Index Terms:
cloud computing, software as a service, platform as a service, infrastructure as a service, computer networks, middleware, computer security, network security
Jonathan Spring, "Monitoring Cloud Computing by Layer, Part 2," IEEE Security & Privacy, vol. 9, no. 3, pp. 52-55, May-June 2011, doi:10.1109/MSP.2011.57
Usage of this product signifies your acceptance of the Terms of Use.