The emergence of e-commerce and e-government, together with media- and content-rich Web 2.0 portals (e.g., YouTube®, Facebook®), has created a need to grow computing infrastructure on demand. To offer a rich user interface and fast online services to their users, many businesses and governments have moved to cloud computing. The cloud lets an organization grow and shrink its compute and storage resources as needed without investing in its own infrastructure: an on-demand compute and storage model in which customers pay only for what they use, which makes it possible to cope with a growing or shrinking user base.
Cloud computing allows companies to consolidate their infrastructure and grow it on demand. Rather than buying and operating dedicated physical hardware for each service, companies may either 1) host virtual environments in their own physical data centers (a private-cloud model) or 2) outsource their compute needs to a third party that provides access to virtualized resources (a public cloud offering such as Amazon®'s AWS). The technology that makes cloud computing a reality is virtualization. Virtualizing servers and storage components (e.g., disks) allows a cloud service provider to offer its customers elastic compute (virtual computers) and storage (virtual disks) on demand. Virtualization relies on virtual machine (VM) instances: self-contained images whose contents execute as if they were running on a physical computer, where each VM carries its own operating system and a software stack that supports a specific operation or service. Cloud users can then launch new VMs from pre-configured images to cope with increasing user demand (peak times) and shut them down when they are no longer needed.
Prior to the cloud, a user's data resided in the service provider's own data center. Each service provider (e.g., a bank or government agency) was therefore responsible for guaranteeing the integrity and safety of its service, IT infrastructure, and data. By pushing data, and the services that manipulate it, to the cloud, service providers give up direct control over the infrastructure that protects their data and must rely on the cloud provider for that protection. Multi-tenancy is a further issue cloud users have to deal with: their data and services may reside on the same physical servers as other companies'. Even if a service provider does its best to secure entry to its service (running in one VM), that effort may be undermined because the VM shares a physical machine with other tenants who may not make security a priority. Since the hypervisor is the only boundary between co-resident VMs, the compromise of one VM on a physical host can put every other tenant on that host at risk: attacks on the hypervisor, from guest-to-host escapes to hypervisor-level rootkits, have been shown to defeat the isolation (sandbox) that the hypervisor provides.
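As an added illustration that is not part of the original paper, the following Python script models the co-residency exposure just described. Given a placement of VMs onto physical hosts, it reports which VMs and which other tenants an escape from a given VM could reach, flags hosts that hold more than one tenant (a violation of a dedicated-host policy), and greedily re-packs the placement onto single-tenant hosts. The placement table, the tenant and host names, and the per-host capacity are assumptions constructed for the example; a real placement can only come from the cloud provider.

```python
"""Co-residency analysis for a multi-tenant cloud (added example, not from the paper).

A VM escape defeats the isolation between every VM on the same physical host,
so the blast radius of one compromised VM is the set of co-resident VMs, and
the tenants exposed are the owners of those VMs.  The placement below is
constructed sample data with hypothetical names.
"""
from collections import defaultdict

# Constructed placement: vm_id -> (tenant, physical host).  Hypothetical names.
PLACEMENT = {
    "vm-a1": ("acme-bank", "host-01"),
    "vm-a2": ("acme-bank", "host-02"),
    "vm-b1": ("blog-startup", "host-01"),
    "vm-c1": ("city-gov", "host-02"),
    "vm-c2": ("city-gov", "host-03"),
}


def tenants_per_host(placement):
    """Map each physical host to the set of tenants with at least one VM on it."""
    hosts = defaultdict(set)
    for tenant, host in placement.values():
        hosts[host].add(tenant)
    return dict(hosts)


def exposed_vms(placement, compromised_vm):
    """VMs reachable from compromised_vm once the attacker escapes the hypervisor:
    everything else on the same physical host, regardless of owner."""
    _, host = placement[compromised_vm]
    return sorted(vm for vm, (_, h) in placement.items()
                  if h == host and vm != compromised_vm)


def exposed_tenants(placement, compromised_vm):
    """Other tenants whose VMs share a physical host with compromised_vm."""
    owner, _ = placement[compromised_vm]
    reached = {placement[vm][0] for vm in exposed_vms(placement, compromised_vm)}
    return sorted(reached - {owner})


def shared_hosts(placement):
    """Hosts that violate a dedicated-host policy by holding more than one tenant."""
    return sorted(h for h, tenants in tenants_per_host(placement).items()
                  if len(tenants) > 1)


def repack_dedicated(placement, capacity):
    """Greedy re-placement onto single-tenant hosts of at most `capacity` VMs each.
    Returns a new vm_id -> (tenant, host) map using hypothetical host names host-dNN."""
    by_tenant = defaultdict(list)
    for vm, (tenant, _) in sorted(placement.items()):
        by_tenant[tenant].append(vm)
    new_placement, host_n = {}, 0
    for tenant in sorted(by_tenant):
        vms = by_tenant[tenant]
        for start in range(0, len(vms), capacity):
            host_n += 1
            host = f"host-d{host_n:02d}"
            for vm in vms[start:start + capacity]:
                new_placement[vm] = (tenant, host)
    return new_placement


if __name__ == "__main__":
    victim = "vm-b1"
    print(f"escape from {victim} reaches {exposed_vms(PLACEMENT, victim)} "
          f"owned by {exposed_tenants(PLACEMENT, victim)}")
    print("hosts shared across tenants:", shared_hosts(PLACEMENT))
    fixed = repack_dedicated(PLACEMENT, capacity=2)
    print("after repacking onto dedicated hosts:", shared_hosts(fixed))
```

The point of the re-packing step is the cost of the mitigation: eliminating cross-tenant co-residency trades host utilization for isolation, which is why dedicated-host placement is sold as a premium option and why a tenant that cannot obtain it must assume the hypervisor boundary is all that separates it from its neighbours.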