Securing Cloud Services: A pragmatic approach to security architecture in the Cloud

Book Description

Every Cloud should have a secure lining

Cloud Computing represents a major change to the IT services landscape. Cloud services, such as SalesForce, Amazon Web Services® and Microsoft® Azure®, offer enterprise grade computing power to businesses of all sizes, without the need to invest in the hardware, software and staff usually required to support equivalent on-premise services.

Unfortunately, this flexibility in IT service deployment introduces a different set of potential security risks, which need to be understood and addressed.

An architectural approach to securing Cloud services

This book provides an overview of security architecture processes and explains how they may be used to derive an appropriate set of security controls to manage the risks associated with working in the Cloud.

Part 1 introduces Cloud Computing and describes the main service models (IaaS, PaaS and SaaS) and deployment models (public, private, community and hybrid) as defined by NIST. It outlines the common benefits, and describes some of the potential pitfalls of, and threats associated with, Cloud Computing.

Part 2 outlines security architecture concepts and describes how they relate to Cloud Computing. It uses a conceptual security reference model (SRM) to define a set of common security services and explains how they can be delivered across the various service models in order to secure a Cloud service.

Part 3 provides summary conclusions and speculates on the future of Cloud Computing and its associated market.

Beyond the generic

This book goes beyond the subject of generic Cloud security and, instead, offers a more detailed and architectural approach to securing Cloud services.

It is aimed at business decision makers, senior IT stakeholders, enterprise architects, information security professionals and anyone else who is interested in working with cloud services, but might be concerned about the potential security implications.

Table of Contents

  1. Cover
  2. Title
  3. Copyright
  4. Preface
  5. About the Author
  6. Acknowledgements
  7. Contents
  8. Part One: Introduction
    1. Chapter 1: Introduction to Cloud Computing
    2. Chapter 2: Overview of existing Cloud Taxonomies and Models
      1. Service models
      2. Deployment models
      3. Jericho Forum® Cloud Cube model
    3. Chapter 3: The Security Balance
      1. Security benefits
      2. Potential pitfalls
    4. Chapter 4: Security Threats associated with Cloud Computing
      1. Cloud provider staff
      2. Image/application providers
      3. Competitors
      4. Crackers/hackers
      5. Insiders
      6. Governments
      7. Transport agents
      8. Identity providers
      9. Attribute providers
      10. Cloud management brokers
    5. Chapter 5: Privacy and Data Security Concerns
      1. Data protection issues
      2. Payment card industry issues
      3. Others
  9. Part Two: Pragmatic Cloud Security
    1. Chapter 6: Introduction to Security Architecture
      1. What is security architecture?
      2. What is a service?
      3. Architectural layers
      4. Advantages of security architecture
    2. Chapter 7: Application of Security Architecture to Cloud Computing
      1. Security reference model
      2. Security service descriptions
      3. Service levels and contracts
      4. Service models and the security reference model
      5. Conclusions
    3. Chapter 8: Security and the Cloud
      1. Existing guidance
      2. Common security services
      3. Cloud deployment models
    4. Chapter 9: Security and Infrastructure as a Service
      1. IaaS and the SRM
      2. Conclusion
    5. Chapter 10: Security and Platform as a Service
      1. PaaS and the SRM
      2. Conclusion
    6. Chapter 11: Security and Software as a Service
      1. Conclusion
  10. Part Three: Conclusion
    1. Chapter 12: Looking Ahead
      1. Overview
    2. Chapter 13: Conclusion and Summary
  11. Appendix A: SRM Security Service Assignments
  12. ITG Resources