Degree Type

Creative Component

Semester of Graduation

Summer 2021

Department

Computer Science

First Major Professor

Dr. Doug Jacobson

Degree(s)

Master of Science (MS)

Major(s)

Information Assurance

Abstract

There has been a significant increase in cloud utilization over the past five years as cloud solutions have continued to mature, leading to an increased level of trust in cloud provider's ability to create high-availability, scalable, and secure platforms for IT deployments. Today, the cloud provides a nimble platform that allows for instant access to a pool of resources that can be deployed or decommissioned with minimal effort at an affordable rate, and in many cases, making the transition to cloud technology beneficial.

Migrating IT infrastructure to the cloud can simplify or complicate an organization’s security architecture. The difference depends on many factors, including the service model and deployment model that is utilized. SaaS solutions transfer the ownership of a large portion of the security responsibility from the customer to the cloud provider. Whereas with IaaS, a much smaller portion of the overall security is owned by the provider. There can also be more ambiguity in the cloud. With on-premise system, the perimeter is easily defined and therefore, easier to secure. In the cloud, those lines can become blurred, especially in multi-cloud ecosystems.

Security architectures for cloud deployments should be built with a defense-in-depth approach, placing critical assets behind multiple layers of security controls. Each layer in a defense-in-depth architecture focuses on securing a specific technology segment. The number of layers a company is responsible for will change depending on how a cloud solution is deployed and used. For IaaS deployments, the cloud customer will likely be responsible for securing network perimeters, platform resources, applications, and company data. Security controls deployed at each layer work to protect against specific threats, and when combined, the collection of controls and monitoring tools should create a strong defense against most attacks.

Copyright Owner

Dickman, Eric

File Format

PDF

Embargo Period (admin only)

7-12-2021

1

Share

COinS