“Security is not a one-size-fits-all concept for cloud computing”. (Linthicum, D. 2010.) To further complicate matters, virtualization carries benefits making it common for cloud service providers (CSPs) to employ virtualization platforms in their host computing platform architecture where aspects such as speed, flexibility and agility move to the top of the list. Virtualization is a key enabling technology improving performance measures, hardware utilization and business continuity, including cost savings on energy, space and system administration among other benefits.Cloud computing service delivery models provided over the World Wide Web, such as Infrastructure as a Service (Iaas), Platform as a Service (PaaS) and Software as a Service (SaaS) are only as secure as the computer resources fuelling these services. “If the underlying system is insecure, the entire virtual infrastructure is insecure.” (Haletky, E.L. 2009: 60) If a virtualized architecture used to run the cloud is insecure, the integrity of the system as well as the services provided in the cloud may produce a security risk. Host security responsibilities in SaaS, PaaS and IaaS are the responsibility of the CSP, who has to be concerned about protecting hosts from host-based security threats. Some virtualization security threats such as virtual machine escape, system configuration drift, and insider threats by way of weak access control allow new threats to the hypervisor which carry into the public cloud computing environment. “The integrity and availability of the hypervisor are of utmost importance and are key elements to guarantee the integrity and availability of a public cloud built on a virtualized environment.” (Mather, T., Kumaraswamy, S., Latif, S. 2009:46) A vulnerable hypervisor could expose all user domains to malicious insiders. Hypervisors need to be protected from unauthorized users. Hypervisor virtualization is the essential ingredient that guarantees compartmentalization and isolation of customer virtual machines from each other in a multitenant environment. “Since virtualization is very critical to the IaaS cloud architecture, any attack that could compromise the integrity of the compartments will be catastrophic to the entire customer base on that cloud.”  Mather, T., Kumaraswamy, S., Latif, S. 2009:46). A proposed security model will introduce some of the aspects that need to be secured in the virtual environment to ensure a secure and sound cloud service over the WWW. CSPs should institute the necessary security controls, including restricting physical and logical access to hypervisor and other forms of employed virtualization layers.  To enact relevant security measures, the core needs to be secured as follows:

·   Hardware security