The security risks of cloud computing and ambiguity of security mechanisms implemented on an ondemand cloud service such as Platform-as-a-Service (PaaS), continues to raise concerns by cloud consumers. These concerns continue to hinder the adoption of the potentials offered by provisioning of computer resources of this scale. It also indicates a lot needs to be done to improve security controls implemented on cloud computing services as a whole. There is the need to understand and evaluate security mechanisms and controls implemented to preserve the confidentiality, integrity and availability of data stored, processed and accessed in the cloud. Also there is the need to ensure these mechanisms meet security standards and requirements to mitigate any security risks. Although most organisations and cloud service providers (CSPs) have various information security management systems they used to evaluate their computer security and CSPs try to obtain security certifications based on industry standards, cloud customers are however not sure of the security mechanisms implemented on cloud services and how these mechanism are integrated to provide adequate security for their data and applications developed and deployed in the cloud. This research study highlights the use of a systematic and comprehensive approach developed by the researcher to understand in detail, the security architecture of PaaS clouds. This approach presents the development of a security framework which is used as a tool in an attempt to identify and evaluate security mechanism implemented on each PaaS component. The primary findings and preliminary analysis of the evaluation enabled the researcher determine the security provisions, capabilities and limitations of security features implemented on this type of cloud delivery model.
|Date of Award||20 Apr 2016|
|Supervisor||ELLA PEREIRA (Director of Studies) & CHRISTOPHER BEAUMONT (Supervisor)|
- PaaS Cloud Models
- Cloud Service Provider
- Cloud Services