Cloud computing protected:
Gespeichert in:
| 1. Verfasser: | |
|---|---|
| Format: | Buch |
| Sprache: | English |
| Veröffentlicht: |
[s.l.]
Recursive Press
2013
|
| Ausgabe: | 2013 edition |
| Schriftenreihe: | Security assessment handbook
|
| Schlagworte: | |
| Online-Zugang: | Inhaltsverzeichnis |
| Beschreibung: | Includes bibliographical references (pages 379-384) and index |
| Beschreibung: | xix, 391 pages illustrations 25 cm |
| ISBN: | 9780956355621 |
Internformat
MARC
| LEADER | 00000nam a2200000 c 4500 | ||
|---|---|---|---|
| 001 | BV041251459 | ||
| 003 | DE-604 | ||
| 005 | 20130926 | ||
| 007 | t | ||
| 008 | 130902s2013 a||| |||| 00||| eng d | ||
| 020 | |a 9780956355621 |9 978-0-9563556-2-1 | ||
| 020 | |z 0956355625 |9 0-9563556-2-5 | ||
| 035 | |a (OCoLC)859389714 | ||
| 035 | |a (DE-599)BVBBV041251459 | ||
| 040 | |a DE-604 |b ger |e rakwb | ||
| 041 | 0 | |a eng | |
| 049 | |a DE-29T | ||
| 084 | |a ST 276 |0 (DE-625)143642: |2 rvk | ||
| 100 | 1 | |a Rhoton, John |e Verfasser |4 aut | |
| 245 | 1 | 0 | |a Cloud computing protected |c by Jon Rhoton ; with contributions from: Jan De Clercq, David Graves |
| 250 | |a 2013 edition | ||
| 264 | 1 | |a [s.l.] |b Recursive Press |c 2013 | |
| 300 | |a xix, 391 pages |b illustrations |c 25 cm | ||
| 336 | |b txt |2 rdacontent | ||
| 337 | |b n |2 rdamedia | ||
| 338 | |b nc |2 rdacarrier | ||
| 490 | 0 | |a Security assessment handbook | |
| 500 | |a Includes bibliographical references (pages 379-384) and index | ||
| 650 | 4 | |a Cloud computing / Security measures | |
| 650 | 4 | |a Computer networks / Security measures | |
| 650 | 4 | |a Computer security | |
| 650 | 0 | 7 | |a Cloud Computing |0 (DE-588)7623494-0 |2 gnd |9 rswk-swf |
| 650 | 0 | 7 | |a Computersicherheit |0 (DE-588)4274324-2 |2 gnd |9 rswk-swf |
| 689 | 0 | 0 | |a Cloud Computing |0 (DE-588)7623494-0 |D s |
| 689 | 0 | 1 | |a Computersicherheit |0 (DE-588)4274324-2 |D s |
| 689 | 0 | |5 DE-604 | |
| 856 | 4 | 2 | |m HBZ Datenaustausch |q application/pdf |u http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=026225491&sequence=000002&line_number=0001&func_code=DB_RECORDS&service_type=MEDIA |3 Inhaltsverzeichnis |
| 999 | |a oai:aleph.bib-bvb.de:BVB01-026225491 | ||
Datensatz im Suchindex
| _version_ | 1804150706433687552 |
|---|---|
| adam_text | Titel: Cloud computing protected
Autor: Rhoton, John
Jahr: 2013
Contents
Preface xv
Analysis 1
Chapter 1 Cloud Trends 3
Core Attributes 4
Service Layers 6
Deployment Models 9
Private Cloud 9
Community Cloud 12
Hybrid Cloud 13
Value Proposition 14
Practical Recommendations 19
Chapter 2 Risk Model 21
Risk Management 21
Cloud Impact 27
Enterprise Wide Risk Management 31
Practical Recommendations 34
Chapter 3 Risk Treatment 35
Risk Strategy 35
Threats 37
Recourse Options 39
Monitoring and Control 41
Practical Recommendations 42
Chapter 4 Security Assessment 43
Trust Shift 43
Security Taxonomy 46
Stakeholder Perspectives 49
Cloud Service Layers 50
Top Threats 52
Cloud security model _53
Practical Recommendations 55
Environment 57
Chapter 5 Physical Infrastructure 59
Location 61
Perimeter 63
Internal Barriers 65
Surveillance 66
Environment 67
Staffi ng 67
Practical Recommendations __68
Chapter 6 Virtual Overlays 69
Virtual Server Infrastructure 71
Virtual Server Lifecycle _73
Virtual Server Control 77
Virtual Storage 78
Virtual Networks 79
Practical Recommendations 84
Chapter 7 Consumer Behavior 85
Mobility 86
Social Networking _92
Content Sharing 94
Unified Communications 94
Gaming 95
Practical Recommendations 96
Chapter 8 Commercial Ecosystem 97
T opology 98
Ecosystem 101
Cloud Maturity _101
Extended Cloud Stack 104
Vendor T ypes 106
Practical Recommendations _108
Chapter 9 Operational Processes 109
System Complexity 110
Unclear Boundaries 111
Increased Exposure 112
Defined Interfaces 113
Automation 113
Verification 114
Practical Recommendations 114
Threats 115
Chapter 10 Malware 117
Cloud Considerations 117
Malware types 118
Delivery Vectors 120
Impact 120
Safeguards 121
Practical Recommendations 125
Chapter 11 Attacks 127
Attack business case 128
Advanced targeted attacks 129
Certificate attacks 130
Hardening 130
Application Security 132
Monitoring 134
Practical Recommendations 135
Regulation 137
Chapter 12 Compliance 139
Data Privacy 143
Electronic Discovery 145
Incident Response 148
Taxes 149
Tools 150
Practical Recommendations 150
Chapter 13 Contracts 151
Contract Negotiation 151
Critical Areas 153
Contract Definition 156
Contract Enforcement 159
Hybrid Cloud 160
Practical Recommendations 162
Chapter 14 Licensing 163
Software licensing__ 164
Content Licensing -——167
Intellectual Property _167
Open Source__ — 168
Practical Recommendations . 171
Access 173
Chapter 15 User Authentication 175
Cloud Access Controls 176
Strong Authentication 177
Identity Service Providers 180
Practical Recommendations 183
Chapter 16 Identity Federation 185
Federated Web Identity Solutions 186
Identity Architecture 188
OpenID 191
OAuth 193
S AML 195
Microsoft 197
Force.com 198
Application Exposure_ 199
Practical Recommendations 199
Chapter 17 Administrative Controls 201
Staffing 201
Automation 203
Staging 206
Compartmentalization 207
Logging 208
Decentralization 210
Practical Recommendations 210
Confidentiality 211
Chapter 18 Data Governance 213
Data Risks 213
Data Lifecycle 214
Classification 216
Roles and Responsibilities __ 217
Data Loss Prevention 219
Practical Recommendations _224
Chapter 19 Compartmentalization 225
Physical Isolation 225
Network Separation 226
System Partitioning 227
Device Segmentation 232
Content Encapsulation 232
Practical Recommendations 235
Chapter 20 Encryption 237
Cryptographic Challenges 238
Data at Rest 239
Data in Motion 242
Key Management 243
Cloud-based Encryption 245
Practical Recommendations 245
Availability 247
Chapter 21 Short-term Resilience 249
Uptime 249
Redundancy 251
High Availability Technologies 251
Reliability 253
Capacity Planning 257
Practical Recommendations 258
Chapter 22 Business Continuity 261
Business Impact Analysis 261
Redundancy 264
Backup 267
Disaster Recovery 269
Validation 271
Practical Recommendations 273
Chapter 23 Vendor Independence 275
Danger of Lock-in 275
Interoperability and Portability 275
Standards and Interoperability 279
Transition Planning 287
Practical Recommendations 288
Policies 289
Chapter 24 User Education 291
Policy Definition 291
Training and communications 292
Risks 292
Technologies 295
Efficient Resource Usage 297
Practical Recommendations 298
Chapter 25 Enforcement 299
Endpoint Management 300
Network Access Control _305
Rogue Cloud Use 307
Practical Recommendations 308
Processes 311
Chapter 26 Management 313
Service Management _313
Risk Management 317
Practical Recommendations 326
Chapter 27 Certification 327
Industry Standards _327
Audits 333
Certification .334
Verification .339
Practical Recommendations _339
Services 341
Chapter 28 Security as a Service 343
Email Security _344
Web Security 346
Archivi ng 348
Business Continuity 349
Endpoint Management 351
Data Loss Prevention 354
Encryption 354
Identity and Access Management 356
Practical Recommendations 357
Chapter 29 Global Threat Analysis 359
Threat reports 359
Automated Scanning 362
Ad hoc Analysis 363
Practical Recommendations 365
Appendix A: Cryptography Basics 367
Ciphers and Keys 369
Mechanisms 370
Key Management 372
Certificates 373
Data at Rest 375
Data in Motion 376
Other Uses 377
References
379
|
| any_adam_object | 1 |
| author | Rhoton, John |
| author_facet | Rhoton, John |
| author_role | aut |
| author_sort | Rhoton, John |
| author_variant | j r jr |
| building | Verbundindex |
| bvnumber | BV041251459 |
| classification_rvk | ST 276 |
| ctrlnum | (OCoLC)859389714 (DE-599)BVBBV041251459 |
| discipline | Informatik |
| edition | 2013 edition |
| format | Book |
| fullrecord | <?xml version="1.0" encoding="UTF-8"?><collection xmlns="http://www.loc.gov/MARC21/slim"><record><leader>01657nam a2200421 c 4500</leader><controlfield tag="001">BV041251459</controlfield><controlfield tag="003">DE-604</controlfield><controlfield tag="005">20130926 </controlfield><controlfield tag="007">t</controlfield><controlfield tag="008">130902s2013 a||| |||| 00||| eng d</controlfield><datafield tag="020" ind1=" " ind2=" "><subfield code="a">9780956355621</subfield><subfield code="9">978-0-9563556-2-1</subfield></datafield><datafield tag="020" ind1=" " ind2=" "><subfield code="z">0956355625</subfield><subfield code="9">0-9563556-2-5</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(OCoLC)859389714</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(DE-599)BVBBV041251459</subfield></datafield><datafield tag="040" ind1=" " ind2=" "><subfield code="a">DE-604</subfield><subfield code="b">ger</subfield><subfield code="e">rakwb</subfield></datafield><datafield tag="041" ind1="0" ind2=" "><subfield code="a">eng</subfield></datafield><datafield tag="049" ind1=" " ind2=" "><subfield code="a">DE-29T</subfield></datafield><datafield tag="084" ind1=" " ind2=" "><subfield code="a">ST 276</subfield><subfield code="0">(DE-625)143642:</subfield><subfield code="2">rvk</subfield></datafield><datafield tag="100" ind1="1" ind2=" "><subfield code="a">Rhoton, John</subfield><subfield code="e">Verfasser</subfield><subfield code="4">aut</subfield></datafield><datafield tag="245" ind1="1" ind2="0"><subfield code="a">Cloud computing protected</subfield><subfield code="c">by Jon Rhoton ; with contributions from: Jan De Clercq, David Graves</subfield></datafield><datafield tag="250" ind1=" " ind2=" "><subfield code="a">2013 edition</subfield></datafield><datafield tag="264" ind1=" " ind2="1"><subfield code="a">[s.l.]</subfield><subfield code="b">Recursive Press</subfield><subfield code="c">2013</subfield></datafield><datafield tag="300" ind1=" " ind2=" "><subfield code="a">xix, 391 pages</subfield><subfield code="b">illustrations</subfield><subfield code="c">25 cm</subfield></datafield><datafield tag="336" ind1=" " ind2=" "><subfield code="b">txt</subfield><subfield code="2">rdacontent</subfield></datafield><datafield tag="337" ind1=" " ind2=" "><subfield code="b">n</subfield><subfield code="2">rdamedia</subfield></datafield><datafield tag="338" ind1=" " ind2=" "><subfield code="b">nc</subfield><subfield code="2">rdacarrier</subfield></datafield><datafield tag="490" ind1="0" ind2=" "><subfield code="a">Security assessment handbook</subfield></datafield><datafield tag="500" ind1=" " ind2=" "><subfield code="a">Includes bibliographical references (pages 379-384) and index</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">Cloud computing / Security measures</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">Computer networks / Security measures</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">Computer security</subfield></datafield><datafield tag="650" ind1="0" ind2="7"><subfield code="a">Cloud Computing</subfield><subfield code="0">(DE-588)7623494-0</subfield><subfield code="2">gnd</subfield><subfield code="9">rswk-swf</subfield></datafield><datafield tag="650" ind1="0" ind2="7"><subfield code="a">Computersicherheit</subfield><subfield code="0">(DE-588)4274324-2</subfield><subfield code="2">gnd</subfield><subfield code="9">rswk-swf</subfield></datafield><datafield tag="689" ind1="0" ind2="0"><subfield code="a">Cloud Computing</subfield><subfield code="0">(DE-588)7623494-0</subfield><subfield code="D">s</subfield></datafield><datafield tag="689" ind1="0" ind2="1"><subfield code="a">Computersicherheit</subfield><subfield code="0">(DE-588)4274324-2</subfield><subfield code="D">s</subfield></datafield><datafield tag="689" ind1="0" ind2=" "><subfield code="5">DE-604</subfield></datafield><datafield tag="856" ind1="4" ind2="2"><subfield code="m">HBZ Datenaustausch</subfield><subfield code="q">application/pdf</subfield><subfield code="u">http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=026225491&sequence=000002&line_number=0001&func_code=DB_RECORDS&service_type=MEDIA</subfield><subfield code="3">Inhaltsverzeichnis</subfield></datafield><datafield tag="999" ind1=" " ind2=" "><subfield code="a">oai:aleph.bib-bvb.de:BVB01-026225491</subfield></datafield></record></collection> |
| id | DE-604.BV041251459 |
| illustrated | Illustrated |
| indexdate | 2024-07-10T00:43:11Z |
| institution | BVB |
| isbn | 9780956355621 |
| language | English |
| oai_aleph_id | oai:aleph.bib-bvb.de:BVB01-026225491 |
| oclc_num | 859389714 |
| open_access_boolean | |
| owner | DE-29T |
| owner_facet | DE-29T |
| physical | xix, 391 pages illustrations 25 cm |
| publishDate | 2013 |
| publishDateSearch | 2013 |
| publishDateSort | 2013 |
| publisher | Recursive Press |
| record_format | marc |
| series2 | Security assessment handbook |
| spelling | Rhoton, John Verfasser aut Cloud computing protected by Jon Rhoton ; with contributions from: Jan De Clercq, David Graves 2013 edition [s.l.] Recursive Press 2013 xix, 391 pages illustrations 25 cm txt rdacontent n rdamedia nc rdacarrier Security assessment handbook Includes bibliographical references (pages 379-384) and index Cloud computing / Security measures Computer networks / Security measures Computer security Cloud Computing (DE-588)7623494-0 gnd rswk-swf Computersicherheit (DE-588)4274324-2 gnd rswk-swf Cloud Computing (DE-588)7623494-0 s Computersicherheit (DE-588)4274324-2 s DE-604 HBZ Datenaustausch application/pdf http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=026225491&sequence=000002&line_number=0001&func_code=DB_RECORDS&service_type=MEDIA Inhaltsverzeichnis |
| spellingShingle | Rhoton, John Cloud computing protected Cloud computing / Security measures Computer networks / Security measures Computer security Cloud Computing (DE-588)7623494-0 gnd Computersicherheit (DE-588)4274324-2 gnd |
| subject_GND | (DE-588)7623494-0 (DE-588)4274324-2 |
| title | Cloud computing protected |
| title_auth | Cloud computing protected |
| title_exact_search | Cloud computing protected |
| title_full | Cloud computing protected by Jon Rhoton ; with contributions from: Jan De Clercq, David Graves |
| title_fullStr | Cloud computing protected by Jon Rhoton ; with contributions from: Jan De Clercq, David Graves |
| title_full_unstemmed | Cloud computing protected by Jon Rhoton ; with contributions from: Jan De Clercq, David Graves |
| title_short | Cloud computing protected |
| title_sort | cloud computing protected |
| topic | Cloud computing / Security measures Computer networks / Security measures Computer security Cloud Computing (DE-588)7623494-0 gnd Computersicherheit (DE-588)4274324-2 gnd |
| topic_facet | Cloud computing / Security measures Computer networks / Security measures Computer security Cloud Computing Computersicherheit |
| url | http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=026225491&sequence=000002&line_number=0001&func_code=DB_RECORDS&service_type=MEDIA |
| work_keys_str_mv | AT rhotonjohn cloudcomputingprotected |