Infrastructure as a Service

The easiest way to understand the differentiation is that a platform will run on top of the infrastructure. Phrased another way, the infrastructure is closer to the essential hardware than is the platform. This chapter examines Infrastructure as a Service (IaaS) from the more “traditional” point of view— one that deals with an infrastructure that supports the sort of applications that most users think of when they imagine cloud computing. It argues that each of the characteristics that make IaaS a compelling option for many enterprises also brings with it a set of risk factors that can lead to significant security issues for careless companies. In IaaS, the cloud service provider buys and maintains a server farm larger than most enterprises would need on anything like a regular basis. For customers of IaaS clouds, it provides another set of items on a security checklist that can help deliver the reasonable expectation of security.