Cloud Computing - The Logical Model

At a high level, both cloud and traditional computing adhere to a logical model that helps identify different layers based on functionality. 

The four layers are :
  • Infrastructure: The core components of a computing system: compute, network, and storage.The foundation that everything else is built on. The moving parts.
  • Metastructure: The protocols and mechanisms that provide the interface between the infrastructure layer and the other layers. The glue that ties the technologies and enables management and configuration.
  • Infostructure: The data and information. Content in a database, file storage, etc.
  • Applistructure: The applications deployed in the cloud and the underlying application services used to build them. For example, Platform as a Service features like message queues, artificial intelligence analysis, or notification services.
The security at different levels is mapped to the different layers. The application security is managed at the applistructure layer while the data security is managed at the infostructure layer and the infrastructure security at the infrastructure layer. 

The difference between traditional computing and cloud security is at the metastructure level. Cloud metastructure includes the management plane components, which are network-enabled and remotely accessible. Another key difference is that, in the cloud, you tend to double up on each layer. Infrastructure, for example, includes both the infrastructure used to create the cloud as well as the virtual infrastructure used and managed by the cloud user. In the private cloud, the same organization might need to manage both; in the public cloud, the provider manages the physical infrastructure while the consumer manages their portion of the virtual infrastructure.


  1. Are you referring any book and share please

    1. For study purposes , I'm referring the cloud security alliance version 4 which is freely available on the internet.


Post a Comment

You may also like to read...

Identification, Authentication, Authorization, and Accountability

Access Control Models - DAC, MAC, RBAC , Rule Based & ABAC

How to Pass SSCP Exam in the First Attempt

Understanding Security Modes - Dedicated , System high, Compartmented , Multilevel