The currently universal security design concept is one based on the boundaries of security domains. The concept is implementable in a traditional modeled data center due to the deployment based on different applications with different physical domains and the boundary of a physical network is that of the security domain. As the prevalence of virtualization and cloud computing technologies applying in data centers, the server resources have been virtualized to computing resource pool and the location of the virtual machine carrying different applications is no longer fixed. Physical boundaries of applications cannot be traced in the pool and the traditional security deployment mode relying on physical boundaries is no longer applicable.
As a result, the chief problem for security construction of the cloud data center to be addressed is the deploying location of security.