You are previewing The Cloud Security Ecosystem.
O'Reilly logo
The Cloud Security Ecosystem

Book Description

Drawing upon the expertise of world-renowned researchers and experts, The Cloud Security Ecosystem comprehensively discusses a range of cloud security topics from multi-disciplinary and international perspectives, aligning technical security implementations with the most recent developments in business, legal, and international environments. The book holistically discusses key research and policy advances in cloud security – putting technical and management issues together with an in-depth treaties on a multi-disciplinary and international subject. The book features contributions from key thought leaders and top researchers in the technical, legal, and business and management aspects of cloud security. The authors present the leading edge of cloud security research, covering the relationships between differing disciplines and discussing implementation and legal challenges in planning, executing, and using cloud security.



  • Presents the most current and leading-edge research on cloud security from a multi-disciplinary standpoint, featuring a panel of top experts in the field
  • Focuses on the technical, legal, and business management issues involved in implementing effective cloud security, including case examples
  • Covers key technical topics, including cloud trust protocols, cryptographic deployment and key management, mobile devices and BYOD security management, auditability and accountability, emergency and incident response, as well as cloud forensics
  • Includes coverage of management and legal issues such as cloud data governance, mitigation and liability of international cloud deployment, legal boundaries, risk management, cloud information security management plans, economics of cloud security, and standardization efforts

Table of Contents

  1. Cover image
  2. Title page
  3. Table of Contents
  4. Copyright
  5. Dedication
  6. Contributors
  7. Foreword
  8. Preface
    1. How to Read This Book
  9. About the Authors
  10. List of Reviewers
  11. Acknowledgments
  12. Chapter 1: Cloud security ecosystem
    1. Abstract
    2. 1 How it all started—the story of an online bookstore
    3. 2 Consolidation of terminologies and perspectives
    4. 3 The achilles’ heel—depending on a trust relationship
    5. 4 Top threats and vulnerabilities of cloud security
    6. 5 Managing cloud security risks with the deming cycle
    7. 6 Plan—threats, risk, and requirements landscape
    8. 7 Do—cloud security approaches and challenges
    9. 8 Check—forensics and incident response
    10. 9 Act—governance and auditing
    11. 10 Summary
  13. Part 1: Plan: Threats, Risk, and Requirements Landscape
    1. Chapter 2: Cybercrime in cloud: Risks and responses in Hong Kong, Singapore
      1. Abstract
      2. 1 Introduction
      3. 2 Key factors shaping “response”: hong kong, singapore
      4. 3 Discussion
    2. Chapter 3: CATRA: Conceptual cloud attack taxonomy and risk assessment framework
      1. Abstract
      2. 1 Introduction
      3. 2 Taxonomies: a literature survey
      4. 3 Cloud attacks literature review
      5. 4 Conceptual cloud attack taxonomy and risk assessment framework
      6. 5 Example scenario: extortion by DDoS and account hijacking
      7. 6 Conclusion and future work
    3. Chapter 4: Multitiered cloud security model
      1. Abstract
      2. Acknowledgments
      3. 1 Introduction
      4. 2 The problem
      5. 3 Holistic approach
      6. 4 Why develop cloud security standards and guidelines
      7. 5 Related work
      8. 6 Design considerations of multitiered cloud security
      9. 7 Benefits to stakeholders
      10. 8 MTCS standards
      11. 9 Self-disclosure
      12. 10 Certification scheme
      13. 11 Status
      14. 12 Deployment
      15. 13 Harmonization
      16. 14 Future work
      17. 15 Conclusion
  14. Part 2: Do: Cloud Security Approaches and Challenges
    1. Chapter 5: A guide to homomorphic encryption
      1. Abstract
      2. 1 Introduction
      3. 2 Current industry work-arounds and their gaps
      4. 3 History and related work
      5. 4 Overview of partial homomorphic encryption schemes
      6. 5 Fully homomorphic encryption
      7. 6 Homomorphic encryption in the cloud
      8. 7 Future of homomorphic encryption and open issues
      9. 8 Alternatives to homomorphic encryption
      10. 9 Summary
    2. Chapter 6: Protection through isolation: Virtues and pitfalls
      1. Abstract
      2. 1 Introduction
      3. 2 Hypervisors
      4. 3 Shared networking architecture
      5. 4 Isolation-based attack surface
      6. 5 Inventory of known attacks
      7. 6 Protection strategies
      8. 7 Conclusion
    3. Chapter 7: Protecting digital identity in the cloud
      1. Abstract
      2. 1 Introduction
      3. 2 The rise of digital identity
      4. 3 The rise of cloud computing
      5. 4 Protecting digital identity in the era of cloud computing
      6. 5 Conclusion
    4. Chapter 8: Provenance for cloud data accountability
      1. Abstract
      2. 1 Introduction
      3. 2 Related work
      4. 3 Data provenance model for data accountability
      5. 4 Reconstructing the data provenance
      6. 5 Challenges
      7. 6 Future work and concluding remarks
    5. Chapter 9: Security as a service (SecaaS)—An overview
      1. Abstract
      2. 1 Introduction
      3. 2 Background
      4. 3 Traditional security
      5. 4 Secaas categories of service
      6. 5 Gaps identified after secaas classification
      7. 6 Future work
      8. 7 Concluding remarks
    6. Chapter 10: Secure migration to the cloud—In and out
      1. Abstract
      2. 1 Introduction
      3. 2 Who are cloud consumer and CSP?
      4. 3 IT-Service of a small lawyer office migrates into the cloud
      5. 4 Requirements for cloud migration
      6. 5 Rollback scenarios
      7. 6 Legal aspects
      8. 7 Challenges in cloud migration
      9. 8 Migration phases
      10. 9 Auditing
      11. 10 Summary
    7. Chapter 11: Keeping users empowered in a cloudy Internet of Things
      1. Abstract
      2. 1 Introduction
      3. 2 Problem space assumptions
      4. 3 Delegated authenticated authorization
      5. 4 Usage example
      6. 5 Conclusion
    8. Chapter 12: Cloud as infrastructure for managing complex scalable business networks, privacy perspective
      1. Abstract
      2. 1 Introduction
      3. 2 Knowledge management
      4. 3 Cloud computing overview
      5. 4 Strategies toward successful KM system
      6. 5 Modeling scalability and privacy
      7. 6 Concluding summary
    9. Chapter 13: Psychology and security: Utilizing psychological and communication theories to promote safer cloud security behaviors
      1. Abstract
      2. 1 Introduction
      3. 2 Communication theories
      4. 3 Cognitive psychology
      5. 4 Other relevant theories
      6. 5 Overcoming inhibitions to safer security behaviors
      7. 6 Conclusion
      8. Suggested further readings
  15. Part 3: Check: Forensics and Incident Response
    1. Chapter 14: Conceptual evidence collection and analysis methodology for Android devices
      1. Abstract
      2. 1 Introduction
      3. 2 Related work
      4. 3 An evidence collection and analysis methodology for android devices
      5. 4 Conclusion
    2. Chapter 15: Mobile cloud forensics: An analysis of seven popular Android apps
      1. Abstract
      2. 1 Introduction
      3. 2 Android cloud apps
      4. 3 Conclusion
    3. Chapter 16: Recovering residual forensic data from smartphone interactions with cloud storage providers
      1. Abstract
      2. 1 Introduction
      3. 2 Related work
      4. 3 Experiment design
      5. 4 Findings
      6. 5 Discussion
      7. 6 Conclusions and future work
      8. Appendix A Metadata artifacts recovered dropbox service
      9. Appendix B Metadata artifacts recovered box service
      10. Appendix C Metadata artifacts recovered syncplicity service
    4. Chapter 17: Integrating digital forensic practices in cloud incident handling: A conceptual Cloud Incident Handling Model
      1. Abstract
      2. 1 Introduction
      3. 2 Background
      4. 3 Cloud incident handling model: a snapshot
      5. 4 Case study simulation: ownCloud
      6. 5 Concluding remarks
    5. Chapter 18: Cloud security and forensic readiness: The current state of an IaaS provider
      1. Abstract
      2. 1 Introduction
      3. 2 Review of the private IaaS provider
      4. 3 Conclusions
    6. Chapter 19: Ubuntu One investigation: Detecting evidences on client machines
      1. Abstract
      2. 1 Introduction
      3. 2 Related work
      4. 3 Methodology
      5. 4 Experiment setup
      6. 5 Discussion and analysis
      7. 6 Conclusion
  16. Part 4: Act: Governance and Auditing
    1. Chapter 20: Governance in the Cloud
      1. Abstract
      2. 1 Why is governance important?
      3. 2 What are the questions that boards should be asking?
      4. 3 Calculating ROI
      5. 4 Auditing the cloud
      6. 5 Conclusion
    2. Chapter 21: Computational trust methods for security quantification in the cloud ecosystem
      1. Abstract
      2. 1 Introduction
      3. 2 Computational trust: preliminaries
      4. 3 State-of-the-art approaches tackling cloud security
      5. 4 Computational trust methods for quantifying security capabilities
      6. 5 Case studies
      7. 6 Conclusion
      8. Acknowledgment
      9. Appendix. proof for theorem 1
    3. Chapter 22: Tool-based risk assessment of cloud infrastructures as socio-technical systems
      1. Abstract
      2. Acknowledgments
      3. 1 Introduction
      4. 2 Structure of a typical cloud infrastructure scenario
      5. 3 The TRE<sub xmlns="http://www.w3.org/1999/xhtml" xmlns:epub="http://www.idpf.org/2007/ops">S</sub>PASS projectPASS project
      6. 4 Modeling the scenario for analysis
      7. 5 Identifying attacks
      8. 6 Risk assessment
      9. 7 Conclusion
  17. Index