Cloud Security

While the Cloud is still undergoing a spectacular growth, with novel paradigms being proposed, novel architectures being deployed, and the supporting HW and SW solutions being subject to an exponential pace of innovation, cloud security is still a vexed issue. On the one hand, this is the byproduct of what is indicated above. With such a fast pace of transformation, focus is on technology advancements and delivery, rather than security. On the other hand, if security is not addressed, the risk introduced by the very same paradigm can eventually hinder the further deployment and adoption of cloud solutions, especially for environments where compliance is at a premium—think of hospitals, governmental agencies, or critical business segments. In this chapter, we have several objectives: propose a survey of the context of Cloud technology and related background, identify the threats and security actors in the identified scenario, and discuss cloud security services. Moreover, we provide a systematization of Cloud security, regrouping the different cloud security abstraction layers, and discussing the related most relevant challenges. We also provide an in-depth dive into the supporting HW components of some of currently deployed cloud solutions: ARM and RISC-V processors. We finally conclude our journey into cloud security with some remarks and indications about the road ahead toward a secure cloud. A Summary provides a digest of what is exposed in this chapter.