Verfügbarkeit: Securing the cloud

Securing the cloud: cloud computer security techniques and tactics

Gespeichert in:

Bibliographische Detailangaben
1. Verfasser:	Winkler, Vic (VerfasserIn)
Format:	Buch
Sprache:	English
Veröffentlicht:	Amsterdam [u.a.] Elsevier, Syngress 2011
Schlagworte:	Cloud computing / Security measures Cloud Computing Computersicherheit
Online-Zugang:	Inhaltsverzeichnis
Beschreibung:	XXIV, 290 S. graph. Darst.
ISBN:	9781597495929

Internformat

MARC


LEADER	00000nam a2200000 c 4500
001	BV036959984
003	DE-604
005	20120412
007	t
008	110117s2011 d\|\|\| \|\|\|\| 00\|\|\| eng d
015			\|a GBB0A5042 \|2 dnb
020			\|a 9781597495929 \|c pbk \|9 978-1-59749-592-9
020			\|z 1597495921 (pbk.) \|9 1597495921 (pbk.)
035			\|a (OCoLC)706971355
035			\|a (DE-599)BVBBV036959984
040			\|a DE-604 \|b ger \|e rakwb
041	0		\|a eng
049			\|a DE-83 \|a DE-739
084			\|a ST 200 \|0 (DE-625)143611: \|2 rvk
084			\|a ST 276 \|0 (DE-625)143642: \|2 rvk
100	1		\|a Winkler, Vic \|e Verfasser \|0 (DE-588)1013266331 \|4 aut
245	1	0	\|a Securing the cloud \|b cloud computer security techniques and tactics \|c Vic (J.R.) Winkler
264		1	\|a Amsterdam [u.a.] \|b Elsevier, Syngress \|c 2011
300			\|a XXIV, 290 S. \|b graph. Darst.
336			\|b txt \|2 rdacontent
337			\|b n \|2 rdamedia
338			\|b nc \|2 rdacarrier
650		4	\|a Cloud computing / Security measures
650	0	7	\|a Cloud Computing \|0 (DE-588)7623494-0 \|2 gnd \|9 rswk-swf
650	0	7	\|a Computersicherheit \|0 (DE-588)4274324-2 \|2 gnd \|9 rswk-swf
689	0	0	\|a Cloud Computing \|0 (DE-588)7623494-0 \|D s
689	0	1	\|a Computersicherheit \|0 (DE-588)4274324-2 \|D s
689	0		\|5 DE-604
856	4	2	\|m Digitalisierung UB Passau \|q application/pdf \|u http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=020874887&sequence=000002&line_number=0001&func_code=DB_RECORDS&service_type=MEDIA \|3 Inhaltsverzeichnis
999			\|a oai:aleph.bib-bvb.de:BVB01-020874887

Datensatz im Suchindex

_version_	1804143684794449920
adam_text	Contents Acknowledgments ...........................................................xiii About the Author ............................................................xv About the Technical Editor ..................................................xvii Introduction .................................................................xix CHAPTER 1 Introduction to Cloud Computing and Security .................1 Understanding Cloud Computing ..............................1 Cloud Scale, Patterns, and Operational Efficiency .........2 A Synergistic Trick ......................................3 Elasticity, Shape Shifting, and Security ...................3 The IT Foundation for Cloud ..................................4 Cloud Computing as Foundation for Cloud Services ......5 Cloud Computing Qualities ...............................7 The Bottom Line ..............................................8 An Historical View: Roots of Cloud Computing ..............10 Decentralization and Proliferation .......................10 Networking, the Internet, and the Web ..................11 Virtualization ...........................................12 A Brief Primer on Security: From 50,000 ft ...................13 Terminology and Principles .............................14 Risk Management ......................................17 Security Must Become a Business Enabler ...............17 A Brief Primer on Architecture ...............................18 Systems Engineering ....................................19 IT Architecture .........................................20 Security Architecture: A Brief Discussion .....................20 Defense in Depth .......................................23 Cloud Is Driving Broad Changes .............................23 Cloud Works Today ....................................24 Valid Concerns .........................................25 Summary ....................................................26 Endnotes....................................................26 CHAPTER 2 Cloud Computing Architecture ................................29 Cloud Reference Architecture ................................29 Revisiting Essential Characteristics ......................30 Cloud Service Models ..................................33 Cloud Deployment Models ..............................35 Control over Security in the Cloud Model ....................37 Cloud Application Programming Interfaces ..............39 Making Sense of Cloud Deployment ..........................39 Public Clouds ..........................................40 Private Clouds ..........................................40 Community Clouds .....................................41 Hybrid Clouds ..........................................41 Making Sense of Services Models ............................43 Cloud Software-as-a-Service ............................43 Cloud Platform-as-a-Service .............................43 Cloud Infrastructure-as-a-Service ........................43 How Clouds Are Formed and Key Examples .................44 Using Virtualization to Form Clouds ....................45 Using Applications or Services to Form Clouds ..........48 Real-world Cloud Usage Scenarios ...........................49 Virtualization Formed Clouds ...........................49 Application/Service Formed Clouds .....................51 Hybrid Cloud Models ...................................52 Summary ....................................................52 Endnotes....................................................52 CHAPTER 3 Security Concerns, Risk Issues, and Legal Aspects ...........55 Cloud Computing: Security Concerns .........................56 A Closer Examination: Virtualization ....................57 A Closer Examination: Provisioning .....................62 A Closer Examination: Cloud Storage ...................64 A Closer Examination: Cloud Operation, Security, and Networking ........................................66 Assessing Your Risk Tolerance in Cloud Computing ..........67 Assessing the Risk ......................................68 Information Assets and Risk ............................69 Privacy and Confidentiality Concerns ....................70 Data Ownership and Locale Concerns ...................71 Auditing and Forensics .................................72 Emerging Threats .......................................73 So, Is It Safe? ..........................................73 Legal and Regulatory Issues ..................................74 Third Parties ............................................75 Data Privacy ............................................79 Litigation ...............................................84 Summary ....................................................85 Endnotes....................................................87 CHAPTER 4 Securing the Cloud: Architecture .............................89 Security Requirements for the Architecture ....................91 Physical Security .......................................91 Cloud Security Standards and Policies ...................93 Cloud Security Requirements ............................94 Security Patterns and Architectural Elements .................102 Defense In-depth ......................................102 Honeypots .............................................104 Sandboxes .............................................104 Network Patterns ......................................104 The Importance of a CMDB ...........................107 Cabling Patterns .......................................109 Resilience and Grace ..................................110 Planning for Change ................................... Ill Cloud Security Architecture ................................. Ill Cloud Maturity and How It Relates to Security .........112 Jericho Forum .........................................113 Representative Commercial Cloud Architectures ........114 Representative Cloud Security Architectures ............115 Planning Key Strategies for Secure Operation ................121 Classifying Data and Systems ..........................121 Define Valid Roles for Cloud Personnel and Customers ........................................122 Summary ...................................................123 Endnotes...................................................123 CHAPTER 5 Securing the Cloud: Data Security ..........................125 Overview of Data Security in Cloud Computing .............125 Control over Data and Public Cloud Economics ........126 Organizational Responsibility: Ownership and Custodianship .....................................127 Data at Rest ...........................................128 Data in Motion ........................................130 Common Risks with Cloud Data Security ..............130 Data Encryption: Applications and Limits ...................132 Overview of Cryptographic Techniques ................133 Common Mistakes or Errors with Data Encryption .....135 Cloud Data Security: Sensitive Data Categorization ..........137 Authentication and Identity ............................137 Access Control Techniques ............................138 Data Categorization and the Use of Data Labels ........140 Application of Encryption for Data at Rest .............141 Application of Encryption for Data in Motion ..........142 Impediments to Encryption in the Cloud ...............143 Deletion of Data .......................................143 Data Masking .........................................144 Cloud Data Storage .........................................145 Cloud Lock-in (the Roach Motel Syndrome) .................146 Metadata ..............................................148 Avoiding Cloud Lock-in (the Roach Motel Syndrome) ___149 Summary ...................................................150 Endnotes...................................................151 CHAPTER 6 Securing the Cloud: Key Strategies and Best Practices ......153 Overall Strategy: Effectively Managing Risk .................154 Risk Management: Stages and Activities ...............154 Overview of Security Controls ..............................156 Cloud Security Controls Must Meet Your Needs ........156 NIST Definitions for Security Controls .................157 Unclassified Models ...................................158 Classified Model ......................................160 The Cloud Security Alliance Approach .................161 The Limits of Security Controls .............................162 Security Exposure Will Vary over Time ................164 Exploits Don t Play Fair ...............................164 Best Practices ...............................................165 Best Practices for Cloud Computing: First Principals ........................................165 Best Practices across the Cloud Community ............170 Other Best Practices for Cloud Computing: Cloud Service Consumers ..............................172 Other Best Practices for Cloud Computing: Cloud Service Providers ...............................173 Security Monitoring .........................................174 The Purpose of Security Monitoring ....................176 Transforming an Event Stream .........................177 The Need for C.I.A. in Security Monitoring ............183 The Opportunity for MaaS .............................184 Summary ...................................................184 Endnotes...................................................185 CHAPTER 7 Security Criteria: Building an Internal Cloud ................187 Private Clouds: Motivation and Overview ...................187 Security Implications: Shared versus Dedicated Resources ...................................189 Considerations for Achieving Cost Savings .............190 Private Clouds: The Castle Keep? ......................193 Analysis to Support Architecture Decisions .............194 Security Criteria for Ensuring a Private Cloud ...............195 Network Considerations ...............................196 Data Center Considerations ............................202 Operational Security Considerations ....................206 Regulation ............................................208 Summary ...................................................209 Endnotes...................................................210 CHAPTER 8 Security Criteria: Selecting an External Cloud Provider ......211 Selecting a CSP: Overview of Assurance ....................211 Vendor Claims and Independent Verification ...........212 Selecting a CSP: Vendor Transparency .................215 Selecting a CSP: Overview of Risks .........................217 Risk Will Vary by Customer and by CSP ..............217 Assessing Risk Factors ................................218 Selecting a CSP: Security Criteria ...........................224 Security Criteria: Revisiting Defense-in-depth ..........225 Security Criteria: Other Considerations .................227 Additional Security-relevant Criteria ....................229 Summary ...................................................232 Endnotes...................................................232 CHAPTER 9 Evaluating Cloud Security: An Information Security Framework ........................................233 Evaluating Cloud Security ...................................234 Existing Work on Cloud Security Guidance or Frameworks ..............................235 Checklists for Evaluating Cloud Security ....................237 Foundational Security ..................................238 Business Considerations ...............................240 Defense-in-depth ......................................242 Operational Security ...................................246 Metrics for the Checklists ...................................249 Summary ...................................................249 Endnotes...................................................250 CHAPTER 10 Operating a Cloud ..........................................253 From Architecture to Efficient and Secure Operations ........255 The Scope of Planning .................................255 Physical Access, Security, and Ongoing Costs ..........256
any_adam_object	1
author	Winkler, Vic
author_GND	(DE-588)1013266331
author_facet	Winkler, Vic
author_role	aut
author_sort	Winkler, Vic
author_variant	v w vw
building	Verbundindex
bvnumber	BV036959984
classification_rvk	ST 200 ST 276
ctrlnum	(OCoLC)706971355 (DE-599)BVBBV036959984
discipline	Informatik
format	Book
fullrecord	<?xml version="1.0" encoding="UTF-8"?><collection xmlns="http://www.loc.gov/MARC21/slim"><record><leader>01538nam a2200385 c 4500</leader><controlfield tag="001">BV036959984</controlfield><controlfield tag="003">DE-604</controlfield><controlfield tag="005">20120412 </controlfield><controlfield tag="007">t</controlfield><controlfield tag="008">110117s2011 d\|\|\| \|\|\|\| 00\|\|\| eng d</controlfield><datafield tag="015" ind1=" " ind2=" "><subfield code="a">GBB0A5042</subfield><subfield code="2">dnb</subfield></datafield><datafield tag="020" ind1=" " ind2=" "><subfield code="a">9781597495929</subfield><subfield code="c">pbk</subfield><subfield code="9">978-1-59749-592-9</subfield></datafield><datafield tag="020" ind1=" " ind2=" "><subfield code="z">1597495921 (pbk.)</subfield><subfield code="9">1597495921 (pbk.)</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(OCoLC)706971355</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(DE-599)BVBBV036959984</subfield></datafield><datafield tag="040" ind1=" " ind2=" "><subfield code="a">DE-604</subfield><subfield code="b">ger</subfield><subfield code="e">rakwb</subfield></datafield><datafield tag="041" ind1="0" ind2=" "><subfield code="a">eng</subfield></datafield><datafield tag="049" ind1=" " ind2=" "><subfield code="a">DE-83</subfield><subfield code="a">DE-739</subfield></datafield><datafield tag="084" ind1=" " ind2=" "><subfield code="a">ST 200</subfield><subfield code="0">(DE-625)143611:</subfield><subfield code="2">rvk</subfield></datafield><datafield tag="084" ind1=" " ind2=" "><subfield code="a">ST 276</subfield><subfield code="0">(DE-625)143642:</subfield><subfield code="2">rvk</subfield></datafield><datafield tag="100" ind1="1" ind2=" "><subfield code="a">Winkler, Vic</subfield><subfield code="e">Verfasser</subfield><subfield code="0">(DE-588)1013266331</subfield><subfield code="4">aut</subfield></datafield><datafield tag="245" ind1="1" ind2="0"><subfield code="a">Securing the cloud</subfield><subfield code="b">cloud computer security techniques and tactics</subfield><subfield code="c">Vic (J.R.) Winkler</subfield></datafield><datafield tag="264" ind1=" " ind2="1"><subfield code="a">Amsterdam [u.a.]</subfield><subfield code="b">Elsevier, Syngress</subfield><subfield code="c">2011</subfield></datafield><datafield tag="300" ind1=" " ind2=" "><subfield code="a">XXIV, 290 S.</subfield><subfield code="b">graph. Darst.</subfield></datafield><datafield tag="336" ind1=" " ind2=" "><subfield code="b">txt</subfield><subfield code="2">rdacontent</subfield></datafield><datafield tag="337" ind1=" " ind2=" "><subfield code="b">n</subfield><subfield code="2">rdamedia</subfield></datafield><datafield tag="338" ind1=" " ind2=" "><subfield code="b">nc</subfield><subfield code="2">rdacarrier</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">Cloud computing / Security measures</subfield></datafield><datafield tag="650" ind1="0" ind2="7"><subfield code="a">Cloud Computing</subfield><subfield code="0">(DE-588)7623494-0</subfield><subfield code="2">gnd</subfield><subfield code="9">rswk-swf</subfield></datafield><datafield tag="650" ind1="0" ind2="7"><subfield code="a">Computersicherheit</subfield><subfield code="0">(DE-588)4274324-2</subfield><subfield code="2">gnd</subfield><subfield code="9">rswk-swf</subfield></datafield><datafield tag="689" ind1="0" ind2="0"><subfield code="a">Cloud Computing</subfield><subfield code="0">(DE-588)7623494-0</subfield><subfield code="D">s</subfield></datafield><datafield tag="689" ind1="0" ind2="1"><subfield code="a">Computersicherheit</subfield><subfield code="0">(DE-588)4274324-2</subfield><subfield code="D">s</subfield></datafield><datafield tag="689" ind1="0" ind2=" "><subfield code="5">DE-604</subfield></datafield><datafield tag="856" ind1="4" ind2="2"><subfield code="m">Digitalisierung UB Passau</subfield><subfield code="q">application/pdf</subfield><subfield code="u">http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=020874887&sequence=000002&line_number=0001&func_code=DB_RECORDS&service_type=MEDIA</subfield><subfield code="3">Inhaltsverzeichnis</subfield></datafield><datafield tag="999" ind1=" " ind2=" "><subfield code="a">oai:aleph.bib-bvb.de:BVB01-020874887</subfield></datafield></record></collection>
id	DE-604.BV036959984
illustrated	Illustrated
indexdate	2024-07-09T22:51:35Z
institution	BVB
isbn	9781597495929
language	English
oai_aleph_id	oai:aleph.bib-bvb.de:BVB01-020874887
oclc_num	706971355
open_access_boolean
owner	DE-83 DE-739
owner_facet	DE-83 DE-739
physical	XXIV, 290 S. graph. Darst.
publishDate	2011
publishDateSearch	2011
publishDateSort	2011
publisher	Elsevier, Syngress
record_format	marc
spelling	Winkler, Vic Verfasser (DE-588)1013266331 aut Securing the cloud cloud computer security techniques and tactics Vic (J.R.) Winkler Amsterdam [u.a.] Elsevier, Syngress 2011 XXIV, 290 S. graph. Darst. txt rdacontent n rdamedia nc rdacarrier Cloud computing / Security measures Cloud Computing (DE-588)7623494-0 gnd rswk-swf Computersicherheit (DE-588)4274324-2 gnd rswk-swf Cloud Computing (DE-588)7623494-0 s Computersicherheit (DE-588)4274324-2 s DE-604 Digitalisierung UB Passau application/pdf http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=020874887&sequence=000002&line_number=0001&func_code=DB_RECORDS&service_type=MEDIA Inhaltsverzeichnis
spellingShingle	Winkler, Vic Securing the cloud cloud computer security techniques and tactics Cloud computing / Security measures Cloud Computing (DE-588)7623494-0 gnd Computersicherheit (DE-588)4274324-2 gnd
subject_GND	(DE-588)7623494-0 (DE-588)4274324-2
title	Securing the cloud cloud computer security techniques and tactics
title_auth	Securing the cloud cloud computer security techniques and tactics
title_exact_search	Securing the cloud cloud computer security techniques and tactics
title_full	Securing the cloud cloud computer security techniques and tactics Vic (J.R.) Winkler
title_fullStr	Securing the cloud cloud computer security techniques and tactics Vic (J.R.) Winkler
title_full_unstemmed	Securing the cloud cloud computer security techniques and tactics Vic (J.R.) Winkler
title_short	Securing the cloud
title_sort	securing the cloud cloud computer security techniques and tactics
title_sub	cloud computer security techniques and tactics
topic	Cloud computing / Security measures Cloud Computing (DE-588)7623494-0 gnd Computersicherheit (DE-588)4274324-2 gnd
topic_facet	Cloud computing / Security measures Cloud Computing Computersicherheit
url	http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=020874887&sequence=000002&line_number=0001&func_code=DB_RECORDS&service_type=MEDIA
work_keys_str_mv	AT winklervic securingthecloudcloudcomputersecuritytechniquesandtactics

Verfügbarkeit

Es ist kein Print-Exemplar vorhanden.

Fernleihe Bestellen Achtung: Nicht im THWS-Bestand! Inhaltsverzeichnis

MARC

Datensatz im Suchindex

Es ist kein Print-Exemplar vorhanden.

Ähnliche Einträge