Cloud computing has become pivotal for businesses due to its transformative impact on the design, deployment, and scalability of IT services. The cloud also offers on-demand access to a shared pool of resources, enabling businesses to achieve operational efficiency and flexibility without significant investment in infrastructure. Despite the numerous benefits of cloud computing, research has shown that there are significant issues with security on the cloud and they encompass significant data breaches, unauthorised access, and systemic design vulnerabilities. These issues constitute a major impediment to the growth and adoption of cloud computing systems, as businesses are wary of significant breaches which compromise sensitive data and ultimately erode customer trust. Further exploration of the security issues reveals that architectural design threats are the most common cause of cloud security breaches and Hybrid Cloud computing Systems are highly susceptible to this threat due to the integration of multiple components from Private, Public and On-prem Infrastructures. This thesis proposes a Security Reference Architecture (SRA), tailored specifically for Hybrid Cloud Computing Environments. It provides a framework for tackling the security challenges which are inherent in the integration of public and private cloud environments. Also, drawing from the literature review, the study evaluates existing security reference architectures and identifies gaps and best practices which inform the design of the proposed SRA. The architecture integrates principles of Defence-In-Depth Strategy and Least Privilege to ensure a robust security posture which aligns with the dynamic nature of Hybrid clouds.
| Date of Award | 6 May 2025 |
|---|
| Original language | English |
|---|
| Supervisor | Gary Allen (Main Supervisor) & Richard Hill (Co-Supervisor) |
|---|