E-Book, Englisch, 314 Seiten
Winkler Securing the Cloud
1. Auflage 2011
ISBN: 978-1-59749-593-6
Verlag: Elsevier Science & Techn.
Format: EPUB
Kopierschutz: Adobe DRM (»Systemvoraussetzungen)
Cloud Computer Security Techniques and Tactics
E-Book, Englisch, 314 Seiten
ISBN: 978-1-59749-593-6
Verlag: Elsevier Science & Techn.
Format: EPUB
Kopierschutz: Adobe DRM (»Systemvoraussetzungen)
Securing the Cloud is the first book that helps you secure your information while taking part in the time and cost savings of cloud computing. As companies turn to burgeoning cloud computing technology to streamline and save money, security is a fundamental concern. The cloud offers flexibility, adaptability, scalability, and in the case of security - resilience. Securing the Cloud explains how to make the move to the cloud, detailing the strengths and weaknesses of securing a company's information with different cloud approaches. It offers a clear and concise framework to secure a business' assets while making the most of this new technology.This book considers alternate approaches for securing a piece of the cloud, such as private vs. public clouds, SaaS vs. IaaS, and loss of control and lack of trust. It discusses the cloud's impact on security roles, highlighting security as a service, data backup, and disaster recovery. It also describes the benefits of moving to the cloud - solving for limited availability of space, power, and storage.This book will appeal to network and security IT staff and management responsible for design, implementation and management of IT structures from admins to CSOs, CTOs, CIOs and CISOs. - Named The 2011 Best Identity Management Book by InfoSec Reviews - Provides a sturdy and stable framework to secure your piece of the cloud, considering alternate approaches such as private vs. public clouds, SaaS vs. IaaS, and loss of control and lack of trust - Discusses the cloud's impact on security roles, highlighting security as a service, data backup, and disaster recovery - Details the benefits of moving to the cloud-solving for limited availability of space, power, and storage
Vic (J.R.) Winkler is a Senior Associate at Booz Allen Hamilton, providing technical consultation to U.S. Government clients. He is a published InfoSec and cyber security researcher as well as an expert in intrusion/anomaly detection.
Autoren/Hrsg.
Weitere Infos & Material
1;Front Cover;1
2;Securing the Cloud: Cloud Computer Security Techniques and Tactics;4
3;Copyright;5
4;Dedication;6
5;Table of Contents;8
6;Acknowledgments;14
7;About the Author;16
8;About the Technical Editor;18
9;Introduction;20
9.1;Book Audience;20
9.2;Terminology;20
9.3;Risk, Perception of Risk and Cloud Computing;21
9.4;Cloud Computing as a Tectonic Shift;22
9.5;Structure of the Book;22
9.6;Conclusion;25
10;Chapter 1. Introduction to Cloud Computing and Security;26
10.1;Understanding Cloud Computing;26
10.2;The IT Foundation for Cloud;29
10.3;The Bottom Line;33
10.4;An Historical View: Roots of Cloud Computing;35
10.5;A Brief Primer on Security: From 50,000 ft;38
10.6;A Brief Primer on Architecture;43
10.7;Security Architecture: A Brief Discussion;45
10.8;Cloud Is Driving Broad Changes;48
10.9;Summary;51
10.10;Endnotes;51
11;Chapter 2. Cloud Computing Architecture;54
11.1;Cloud Reference Architecture;54
11.2;Control over Security in the Cloud Model;62
11.3;Making Sense of Cloud Deployment;64
11.4;Making Sense of Services Models;68
11.5;How Clouds Are Formed and Key Examples;69
11.6;Real-world Cloud Usage Scenarios;74
11.7;Summary;77
11.8;Endnotes;77
12;Chapter 3. Security Concerns, Risk Issues, and Legal Aspects;80
12.1;Cloud Computing: Security Concerns;81
12.2;Assessing Your Risk Tolerance in Cloud Computing;92
12.3;Legal and Regulatory Issues;99
12.4;Summary;110
12.5;Endnotes;112
13;Chapter 4. Securing the Cloud: Architecture;114
13.1;Security Requirements for the Architecture;116
13.2;Security Patterns and Architectural Elements;127
13.3;Cloud Security Architecture;136
13.4;Planning Key Strategies for Secure Operation;146
13.5;Summary;148
13.6;Endnotes;148
14;Chapter 5. Securing the Cloud: Data Security;150
14.1;Overview of Data Security in Cloud Computing;150
14.2;Data Encryption: Applications and Limits;157
14.3;Cloud Data Security: Sensitive Data Categorization;162
14.4;Cloud Data Storage;170
14.5;Cloud Lock-in (the Roach Motel Syndrome);171
14.6;Summary;175
14.7;Endnotes;176
15;Chapter 6. Securing the Cloud: Key Strategies and Best Practices;178
15.1;Overall Strategy: Effectively Managing Risk;179
15.2;Overview of Security Controls;181
15.3;The Limits of Security Controls;187
15.4;Best Practices;190
15.5;Security Monitoring;199
15.6;Summary;209
15.7;Endnotes;210
16;Chapter 7. Security Criteria: Building an Internal Cloud;212
16.1;Private Clouds: Motivation and Overview;212
16.2;Security Criteria for Ensuring a Private Cloud;220
16.3;Summary;234
16.4;Endnotes;235
17;Chapter 8. Security Criteria: Selecting an External Cloud Provider;236
17.1;Selecting a CSP: Overview of Assurance;236
17.2;Selecting a CSP: Overview of Risks;242
17.3;Selecting a CSP: Security Criteria;249
17.4;Summary;257
17.5;Endnotes;257
18;Chapter 9. Evaluating Cloud Security: An Information Security Framework;258
18.1;Evaluating Cloud Security;259
18.2;Checklists for Evaluating Cloud Security;262
18.3;Metrics for the Checklists;274
18.4;Summary;274
18.5;Endnotes;275
19;Chapter 10. Operating a Cloud;278
19.1;From Architecture to Efficient and Secure Operations;280
19.2;Security Operations Activities;287
19.3;Summary;300
19.4;Endnotes;302
20;Index;304
