Intercloud Security Considerations

Cloud computing is a new design pattern for large, distributed data centers. Service providers offering applications including search, email, and social networks have pioneered this specific to their application. Recently they have expanded offerings to include compute-related capabilities such as virtual machines, storage, and complete operating system services. The cloud computing design yields breakthroughs in geographical distribution, resource utilization efficiency, and infrastructure automation. These “public clouds” have been replicated by IT vendors for corporations to build “private clouds” of their own. Public and private clouds offer their end consumers a “pay as you go” model - a powerful shift for computing, towards a utility model like the electricity system, the telephone system, or more recently the Internet. However, unlike those utilities, clouds cannot yet federate and interoperate. Such federation is called the “Intercloud”. Building the Intercloud is more than technical protocols. Ablueprint for an Intercloud economy must bearchitected with a technically sound foundation and topology. As part of the overall Intercloud Topology, this paper builds on the technology foundation emerging for the Intercloud and specifically delves into details of Intercloud security considerations such as Trust Model, Identity and Access Management, governance considerations and so on.