Infrastructure as a Service

IaaS stands for Infrastructure as a Service. In this model of cloud, you can subscribe to the complete infrastructure (networking, computing, and storage) that is required to run your application. Here, you will get the building blocks that you need to assemble to run your application as per your requirement. Suppose you want to run one web application that is developed in PHP and MySQL. To run this on the IaaS platform you need to subscribe to computing, networking, and storage. Now, you will configure each of them to run your application.

As we have now got a fair understanding of the cloud and cloud models, let's see the architecture so that we can correlate it when we start learning about the security aspects:

In the aforementioned architecture, we can see that the base layer of every cloud is a physical server, storage, and network. On top of it, we have installed the Virtualization Layer (hypervisor), which abstracts all the resources.

Before the hypervisor, we have the Orchestration Layer, which communicates with the Virtualization Layer and makes available resource chunks (computing, storage, and network) to be shared among the multiple tenants on demand.

The user logs in to the cloud dashboard to subscribe the resource and starts running their service or application on it.

One thing we can see here is that the Security layer starts from base and goes up until the top. This means that we need to focus on the security aspect at each layer (from the physical layer to the user layer).