Well-known security experts decipher the most challenging aspect of
cloud computing: security
Cloud computing allows for both large and small organizations to
have the opportunity to use Internet-based services so that they
can reduce start-up costs, lower capital expenditures, use services
on a pay-as-you-use basis, access applications only as needed, and
quickly reduce or increase capacities. However, these benefits are
accompanied by a myriad of security issues, and this valuable book
tackles the most common security challenges that cloud computing
faces.
The authors offer you years of unparalleled expertise and
knowledge as they discuss the extremely challenging topics of data
ownership, privacy protections, data mobility, quality of service
and service levels, bandwidth costs, data protection, and
support.
As the most current and complete guide to helping you find your
way through a maze of security minefields, this book is mandatory
reading if you are involved in any aspect of cloud computing.
Coverage Includes:
* Cloud Computing Fundamentals
* Cloud Computing Architecture
* Cloud Computing Software Security Fundamentals
* Cloud Computing Risk Issues
* Cloud Computing Security Challenges
* Cloud Computing Security Architecture
* Cloud Computing Life Cycle Issues
* Useful Next Steps and Approaches
About the Authors
Ronald L. Krutz, PhD, is a senior information systems
security consultant with more than 30 years of experience. He
founded the CMRI Cybersecurity Center at Carnegie Mellon
University.
Russell Dean Vines is Chief Security Advisor for Gotham
Technology Group, LLC, and has been an information systems security
expert for over 25 years. They coauthored the bestselling CISSP
Prep Guide.
Contents
Foreword
Introduction
Chapter 1 Cloud Computing Fundamentals
What Cloud Computing Isn't
Alternative Views
Essential Characteristics
On-Demand Self-Service
Broad Network Access
Location-Independent Resource Pooling
Rapid Elasticity
Measured Service
Architectural Influences
High-Performance Computing
Utility and Enterprise Grid Computing
Autonomic Computing
Service Consolidation
Horizontal Scaling
Web Services
High-Scalability Architecture
Technological Influences
Universal Connectivity
Commoditization
Excess Capacity
Open-Source Software
Virtualization
Operational Influences
Consolidation
Outsourcing
Outsourcing Legal Issues
Business Process Outsourcing (BPO) Issues
IT Service Management
Automation
Summary
Chapter 2 Cloud Computing Architecture
Cloud Delivery Models
The SPI Framework
SPI Evolution
The SPI Framework vs. the Traditional IT Model
Cloud Software as a Service (SaaS)
Benefits of the SaaS Model
Cloud Platform as a Service (PaaS)
Cloud Infrastructure as a Service (IaaS)
Cloud Deployment Models
Public Clouds
Community Clouds
Private Clouds
Hybrid Clouds
Alternative Deployment Models
The Linthicum Model
The Jericho Cloud Cube Model
Expected Benefits
Flexibility and Resiliency
Reduced Costs
Centralization of Data Storage
Reduced Time to Deployment
Scalability
Summary
Chapter 3 Cloud Computing Software Security Fundamentals
Cloud Information Security Objectives
Confidentiality, Integrity, and Availability
Confidentiality
Integrity
Availability
Cloud Security Services
Authentication
Authorization
Auditing
Accountability
Relevant Cloud Security Design Principles
Least Privilege
Separation of Duties
Defense in Depth
Fail Safe
Economy of Mechanism
Complete Mediation
Open Design
Least Common Mechanism
Psychological Acceptability
Weakest Link
Leveraging Existing Components
Secure Cloud Software Requirements
Secure Development Practices
Handling Data
Code Practices
Language Options
Input Validation and Content Injection
Physical Security of the System
Approaches to Cloud Software Requirements Engineering
A Resource Perspective on Cloud Software Security Requirements
Goal-Oriented Software Security Requirements
Monitoring Internal and External Requirements
Cloud Security Policy Implementation and Decomposition
Implementation Issues
Decomposing Critical Security Issues into Secure Cloud Software Requirements
NIST 33 Security Principles
Secure Cloud Software Testing
Testing for Security Quality Assurance
Conformance Testing
Functional Testing
Performance Testing
Security Testing
Cloud Penetration Testing
Legal and Ethical Implications
The Three Pre-Test Phases
Penetration Testing Tools and Techniques ...