INTRODUCTION

Part 1 provides the foundation for the rest of this book as it introduces the concepts embodied within Cloud computing, describes the associated security threats and lists a few of the existing industry initiatives dedicated to improving the security of Cloud services.

Part 2 introduces a number of security architecture concepts and a conceptual Security Reference Model. This model is then applied to the different Cloud service models – Infrastructure as a Service (IaaS), Platform as a Service (PaaS), Software as a Service (SaaS) and Function as a Service (FaaS) – to show how the conceptual security services within the reference model can be delivered for each Cloud service model.

If you are already familiar with Cloud computing models, terminologies and associated risks then you could go straight to Part 2, although you may find the contents of Part 1 a useful refresher.

Throughout this book, I have italicised the names of the security services defined within the Security Reference Model (SRM). This is to distinguish between the name of a service such as identity management and the wider topic of identity management.