Windows Azure Security OverviewMicrosoft 3
cloud services operating systemthat serves as the development, servicehosting and service management environment for the Windows Azure platform. Windows Azureprovides developers with on-demand compute and storage to host, scale, and manage webapplications on the Internet through Microsoft® datacenters.With Windows Azure, Microsoft hosts data and programs belonging to customers. WindowsAzure must therefore address information security challenges above and beyond traditional on-or off-premises IT scenarios. This document describes the array of controls Windows Azurecustomers can use to achieve their required level of security, and determine if the capabilitiesand controls are suitable for their unique requirements.
Audience and Scope
The intended audience for this whitepaper includes:
Developers interested in creating applications that run on Windows Azure
Technical decision makers (TDMs) considering Windows Azure to support new orexisting servicesT
he focal point of this whitepaper is the Windows Azure “operating system as an online service”
platform component, and does not provide detailed coverage of any of the related WindowsAzure platform components such as Microsoft SQL Azure, AppFabric, or Microsoft Codename
The discussion is focused around Windows Azure's security features and functionality. Althougha minimal level of general information is provided, readers are assumed to be familiar withWindows Azure basic concepts as described in other references provided by Microsoft. Links to
further information are provided in the “References & Further Reading” section at the end of this
document.A Glossary is also included at the end of this document that defines terms highlighted in
asthey are introduced.
Security Model Basics
Before delving deeper into the technical nature of Windows Azure’s security features, this
section provides a brief overview of its security model. Again, this overview assumes readers arefamiliar with basic Windows Azure concepts, and focuses primarily on security-related items.
Customer View: Compute, Storage, and Service Management
Windows Azure is designed to abstract much of the infrastructure that typically underliesapplications (servers, operating systems, web & database software, and so on) so that