• Home

  • Documents

  • Securing the Cloud-cloud Computer Security Techniques and Tactics
1
BOOK REVIEWS EDITED BY PIOTR CHOLDA 20 IEEE Communications Magazine • September 2011 SECURING THE CLOUD: CLOUD COMPUTER SECURITY TECHNIQUES AND TACTICS VIC (J.R.) WINKLER, SYNGRESS-ELSEVIER INC., 2011, ISBN 978-1-59749-592-9, SOFTCOVER, 290 PAGES REVIEWER: JERZY DOMZAL Researchers and engineers working on security issues, especially related to cloud environment, will find Winkler’s book important. The author, a Senior Associate at Booz Allen Hamilton, is an expert with a broad range of exper- tise on security. He has worked for over 30 years in InfoSec/cyber security, sys- tems and applications engineering, as well as IT operations and management. This experience allowed him to present a successful position on many different aspects of security in clouds. A wide spectrum of cloud computing is dealt with: the author describes how cloud computing may be used and also elaborates on its potential weaknesses. He shows the ways in which data may be lost or stolen and gives guidelines on security in different deployments or ser- vice models. The work is organized in ten chap- ters. It leads a reader from an introduc- tion to basic ideas of cloud computing, through the description of the main security strategies and practices, to the conclusions with an examination of understanding of the provided security operations and solutions. Chapters 1 and 2 present advantages of cloud computing as well as some security limitations. The author proves that this new computing paradigm is both cost-effective and easy in use. He describes not only the security basics, but also covers the ideas of cloud com- puting which are essential for under- standing the remaining chapters. The service models of cloud computing (SaaS, PaaS, and IaaS) and the cloud delivery models (public, private, hybrid, and community) are given in detail. In Chapter 3, the security concerns are deeply analyzed. The author focuses on risk issues and presents a brief analysis of legal and regulatory aspects for dif- ferent types of clouds. This chapter is less technical, yet very important for the rest of the book. Chapter 4 analyzes possible architectures for cloud com- puting and considers security require- ments. The author discusses a few rep- resentative cloud security architectures and draws conclusions about how to identify security problems. Moreover, he identifies some security patterns and solutions for ensuring better security, and he proposes some cost-effective design strategies for cloud computing. Chapter 5 is devoted to data security issues. The author shows the weakness- es in data security and presents meth- ods to improve security. He analyzes what happens when data is stored in a cloud and there is a need to change the storage space. He indicates that data may be at risk when it is transferred as well as if it is improperly deleted by the previous cloud administrator. The next chapter summarizes best practices for cloud computing. The goal of these practices is to minimize the risk and to manage security in a cloud in an effec- tive way. The author deals with the issues related to security controls and monitoring of cloud computing. In Chapters 7 and 8, the author analyzes how to build an internal cloud or how to select an external cloud provider in a most effective way. The advantages and disadvantages of both approaches are considered. The security aspects are analyzed in detail and the benefits/risks are presented. The conclusions on how to select the best cloud service provider is one of the most valuable parts of the book. Chapter 9 is devoted to the eval- uation of cloud computing security. The author takes into account the criteria presented in the previous chapters and extends the evaluation model with some new tools. Chapter 10 focuses on deci- sions taken during a network setup and operation which are related to security. Moreover, the security operations activ- ities are shown. The most important of them are the setups and updates of a cloud server, ensuring resilience, back- up possibilities and business continuity, management of data and changes in a network. Overall, Winkler’s book certainly achieves its goal, that is to ‘help one facilitate the design, deployment and secure using of a cloud.’ The work con- firms that even advanced issues may be presented and explained in a transpar- ent and comprehensible way. The author manages to guide a reader through all steps in cloud computing, from implementation or choice of a ser- vice provider to efficient protection of a user’s data. This book is highly recom- mended to network engineers but may also be worth reading for anyone inter- ested in cloud computing.

Securing the Cloud-cloud Computer Security Techniques and Tactics

Tags:

Embed Size (px)

DESCRIPTION

ieee papers for students

Citation preview

  • BOOK REVIEWSEDITED BY PIOTR CHOLDA

    20 IEEE Communications Magazine September 2011

    SECURING THE CLOUD: CLOUDCOMPUTER SECURITY TECHNIQUESAND TACTICSVIC (J.R.) WINKLER, SYNGRESS-ELSEVIERINC., 2011, ISBN 978-1-59749-592-9,SOFTCOVER, 290 PAGESREVIEWER: JERZY DOMZAL

    Researchers and engineers workingon security issues, especially related tocloud environment, will find Winklersbook important. The author, a SeniorAssociate at Booz Allen Hamilton, isan expert with a broad range of exper-tise on security. He has worked for over30 years in InfoSec/cyber security, sys-tems and applications engineering, aswell as IT operations and management.This experience allowed him to presenta successful position on many differentaspects of security in clouds.

    A wide spectrum of cloud computingis dealt with: the author describes howcloud computing may be used and alsoelaborates on its potential weaknesses.He shows the ways in which data maybe lost or stolen and gives guidelines onsecurity in different deployments or ser-vice models.

    The work is organized in ten chap-ters. It leads a reader from an introduc-tion to basic ideas of cloud computing,through the description of the mainsecurity strategies and practices, to theconclusions with an examination ofunderstanding of the provided securityoperations and solutions.

    Chapters 1 and 2 present advantagesof cloud computing as well as somesecurity limitations. The author provesthat this new computing paradigm isboth cost-effective and easy in use. Hedescribes not only the security basics,but also covers the ideas of cloud com-puting which are essential for under-standing the remaining chapters. Theservice models of cloud computing(SaaS, PaaS, and IaaS) and the clouddelivery models (public, private, hybrid,and community) are given in detail. InChapter 3, the security concerns aredeeply analyzed. The author focuses onrisk issues and presents a brief analysisof legal and regulatory aspects for dif-ferent types of clouds. This chapter isless technical, yet very important forthe rest of the book. Chapter 4 analyzespossible architectures for cloud com-

    puting and considers security require-ments. The author discusses a few rep-resentative cloud security architecturesand draws conclusions about how toidentify security problems. Moreover,he identifies some security patterns andsolutions for ensuring better security,and he proposes some cost-effectivedesign strategies for cloud computing.Chapter 5 is devoted to data securityissues. The author shows the weakness-es in data security and presents meth-ods to improve security. He analyzeswhat happens when data is stored in acloud and there is a need to change thestorage space. He indicates that datamay be at risk when it is transferred aswell as if it is improperly deleted by theprevious cloud administrator. The nextchapter summarizes best practices forcloud computing. The goal of thesepractices is to minimize the risk and tomanage security in a cloud in an effec-tive way. The author deals with theissues related to security controls andmonitoring of cloud computing. InChapters 7 and 8, the author analyzeshow to build an internal cloud or howto select an external cloud provider in amost effective way. The advantages anddisadvantages of both approaches areconsidered. The security aspects areanalyzed in detail and the benefits/risksare presented. The conclusions on howto select the best cloud service provideris one of the most valuable parts of thebook. Chapter 9 is devoted to the eval-uation of cloud computing security. Theauthor takes into account the criteriapresented in the previous chapters andextends the evaluation model with somenew tools. Chapter 10 focuses on deci-sions taken during a network setup andoperation which are related to security.Moreover, the security operations activ-ities are shown. The most important ofthem are the setups and updates of acloud server, ensuring resilience, back-up possibilities and business continuity,management of data and changes in anetwork.

    Overall, Winklers book certainlyachieves its goal, that is to help onefacilitate the design, deployment andsecure using of a cloud. The work con-firms that even advanced issues may bepresented and explained in a transpar-ent and comprehensible way. Theauthor manages to guide a readerthrough all steps in cloud computing,from implementation or choice of a ser-vice provider to efficient protection of ausers data. This book is highly recom-mended to network engineers but mayalso be worth reading for anyone inter-ested in cloud computing.

    LYT-BOOK REVIEWS-SEPTEMBER 8/22/11 12:31 PM Page 20

    /ColorImageDict > /JPEG2000ColorACSImageDict > /JPEG2000ColorImageDict > /AntiAliasGrayImages false /CropGrayImages true /GrayImageMinResolution 300 /GrayImageMinResolutionPolicy /OK /DownsampleGrayImages false /GrayImageDownsampleType /Average /GrayImageResolution 300 /GrayImageDepth -1 /GrayImageMinDownsampleDepth 2 /GrayImageDownsampleThreshold 1.50000 /EncodeGrayImages true /GrayImageFilter /DCTEncode /AutoFilterGrayImages true /GrayImageAutoFilterStrategy /JPEG /GrayACSImageDict > /GrayImageDict > /JPEG2000GrayACSImageDict > /JPEG2000GrayImageDict > /AntiAliasMonoImages false /CropMonoImages true /MonoImageMinResolution 1200 /MonoImageMinResolutionPolicy /OK /DownsampleMonoImages false /MonoImageDownsampleType /Average /MonoImageResolution 1200 /MonoImageDepth -1 /MonoImageDownsampleThreshold 1.50000 /EncodeMonoImages true /MonoImageFilter /CCITTFaxEncode /MonoImageDict > /AllowPSXObjects false /CheckCompliance [ /None ] /PDFX1aCheck false /PDFX3Check false /PDFXCompliantPDFOnly false /PDFXNoTrimBoxError true /PDFXTrimBoxToMediaBoxOffset [ 0.00000 0.00000 0.00000 0.00000 ] /PDFXSetBleedBoxToMediaBox true /PDFXBleedBoxToTrimBoxOffset [ 0.00000 0.00000 0.00000 0.00000 ] /PDFXOutputIntentProfile (None) /PDFXOutputConditionIdentifier () /PDFXOutputCondition () /PDFXRegistryName () /PDFXTrapped /False

    /CreateJDFFile false /Description > /Namespace [ (Adobe) (Common) (1.0) ] /OtherNamespaces [ > /FormElements false /GenerateStructure false /IncludeBookmarks false /IncludeHyperlinks false /IncludeInteractive false /IncludeLayers false /IncludeProfiles false /MultimediaHandling /UseObjectSettings /Namespace [ (Adobe) (CreativeSuite) (2.0) ] /PDFXOutputIntentProfileSelector /DocumentCMYK /PreserveEditing true /UntaggedCMYKHandling /LeaveUntagged /UntaggedRGBHandling /UseDocumentProfile /UseDocumentBleed false >> ]>> setdistillerparams> setpagedevice


Securing the Cloud by FierceCIO_EnterpriseFL

Securing the Cloud by FierceCIO_EnterpriseFL

Documents
Cloud Customer Architecture for Securing Workloads on Cloud Services

Cloud Customer Architecture for Securing Workloads on Cloud Services

Software
Securing the Cloud

Securing the Cloud

Technology
Securing the Cloud: Masterclass 2

Securing the Cloud: Masterclass 2

Documents
Securing Content in the Cloud

Securing Content in the Cloud

Technology
Securing ERP ERP Cloud - docs.oracle.com · Oracle ERP Cloud Securing ERP Chapter 1 Introduction 1 1 Introduction Securing Oracle ERP Cloud: Overview Oracle ERP Cloud is secure as

Securing ERP ERP Cloud - docs.oracle.com · Oracle ERP Cloud Securing ERP Chapter 1 Introduction 1 1 Introduction Securing Oracle ERP Cloud: Overview Oracle ERP Cloud is secure as

Documents
Securing Cloud Services

Securing Cloud Services

Technology
Securing Your Enterprise in the Cloud - Insight · Securing Your Enterprise in the Cloud. Securing Your Enterprise ... especially one that has adopted a hybrid cloud model, will also

Securing Your Enterprise in the Cloud - Insight · Securing Your Enterprise in the Cloud. Securing Your Enterprise ... especially one that has adopted a hybrid cloud model, will also

Documents
Securing Oracle HCM Cloud Human Capital Management Cloud...Oracle Human Capital Management Cloud Securing Oracle HCM Cloud Release 13 (update 17D)

Securing Oracle HCM Cloud Human Capital Management Cloud...Oracle Human Capital Management Cloud Securing Oracle HCM Cloud Release 13 (update 17D)

Documents
Cloud Customer Architecture for Securing Workloads on ... · Cloud Customer Architecture for Securing Workloads on Cloud Services at the Cloud Standards Customer Council Web site

Cloud Customer Architecture for Securing Workloads on ... · Cloud Customer Architecture for Securing Workloads on Cloud Services at the Cloud Standards Customer Council Web site

Documents
STORMY WEATHER SECURING CLOUD COMPUTING

STORMY WEATHER SECURING CLOUD COMPUTING

Documents
Cloud Storage – Securing CDMI

Cloud Storage – Securing CDMI

Documents
Cloud Customer Architecture for Securing Workloads · PDF fileCloud Customer Architecture for Securing ... Cloud Customer Architecture for Securing Workloads on Cloud Services

Cloud Customer Architecture for Securing Workloads · PDF fileCloud Customer Architecture for Securing ... Cloud Customer Architecture for Securing Workloads on Cloud Services

Documents
Securing Virtual Machines in Cloud

Securing Virtual Machines in Cloud

Documents
Securing your Cloud Transformation - Zscaler

Securing your Cloud Transformation - Zscaler

Documents
Presentation fortinet securing the cloud

Presentation fortinet securing the cloud

Technology
Introduction Securing Cloud Environment 34052

Introduction Securing Cloud Environment 34052

Documents
Discover - Securing Your Hybrid Cloud

Discover - Securing Your Hybrid Cloud

Technology
Securing the E-Health Cloud

Securing the E-Health Cloud

Technology
Securing SCM Oracle SCM Cloud · Oracle SCM Cloud Securing SCM Chapter 1 Introduction 1 1 Introduction Securing Oracle SCM Cloud: Overview Oracle SCM Cloud is secure as delivered

Securing SCM Oracle SCM Cloud · Oracle SCM Cloud Securing SCM Chapter 1 Introduction 1 1 Introduction Securing Oracle SCM Cloud: Overview Oracle SCM Cloud is secure as delivered

Documents
Securing Your Cloud Applications with Novell Cloud Security Service

Securing Your Cloud Applications with Novell Cloud Security Service

Documents
Securing SCM - Oracle · Oracle SCM Cloud Securing SCM Chapter 1 Introduction 1 1 Introduction Overview of Securing Oracle SCM Cloud Oracle SCM Cloud is secure as delivered. This

Securing SCM - Oracle · Oracle SCM Cloud Securing SCM Chapter 1 Introduction 1 1 Introduction Overview of Securing Oracle SCM Cloud Oracle SCM Cloud is secure as delivered. This

Documents
Securing Traditional and Cloud-Based Datacenters … Traditional and Cloud...Securing Traditional and Cloud-Based Datacenters With Next-generation Firewalls February 2015

Securing Traditional and Cloud-Based Datacenters … Traditional and Cloud...Securing Traditional and Cloud-Based Datacenters With Next-generation Firewalls February 2015

Documents
Securing Your Cloud Applications

Securing Your Cloud Applications

Technology
Securing the Cloud Native Stack

Securing the Cloud Native Stack

Technology
Securing ERP - Oracle · Oracle ERP Cloud Securing ERP Chapter 1 Introduction 1 1 Introduction Securing Oracle ERP Cloud: Overview Oracle ERP Cloud is secure as delivered. This guide

Securing ERP - Oracle · Oracle ERP Cloud Securing ERP Chapter 1 Introduction 1 1 Introduction Securing Oracle ERP Cloud: Overview Oracle ERP Cloud is secure as delivered. This guide

Documents
Build-a-Cloud Day - Securing Your Cloud with Xen

Build-a-Cloud Day - Securing Your Cloud with Xen

Technology
Securing and Governing Cloud APIs

Securing and Governing Cloud APIs

Technology
Cloud Storage – Securing CDMI · Cloud Storage – Securing CDMI With SNIA’s publication of the Cloud Data Management Interface (CDMI) specification, cloud storage implementations

Cloud Storage – Securing CDMI · Cloud Storage – Securing CDMI With SNIA’s publication of the Cloud Data Management Interface (CDMI) specification, cloud storage implementations

Documents
Securing ERP Oracle ERP Cloud · Oracle ERP Cloud Securing ERP Chapter 1 Introduction 1 1 Introduction Securing Oracle ERP Cloud: Overview Oracle ERP Cloud is secure as delivered

Securing ERP Oracle ERP Cloud · Oracle ERP Cloud Securing ERP Chapter 1 Introduction 1 1 Introduction Securing Oracle ERP Cloud: Overview Oracle ERP Cloud is secure as delivered

Documents