With Cloud Security and Privacy, you'll learn what's at stake when you trust your data to the cloud, and what you can do to keep your virtual infrastructure and web applications secure. Ideal for IT staffers, information security and privacy practitioners, business managers, service providers, and investors alike, this book offers you sound advice from three well-known authorities in the tech security world. You'll learn detailed information on cloud computing security that-until now-has been sorely lacking. Review the current state of data security and storage in the cloud, including confidentiality, integrity, and availability Learn about the identity and access management IAM practice for authentication, authorization, and auditing of the users accessing cloud services Discover which security management frameworks and standards are relevant for the cloud Understand the privacy aspects you need to consider in the cloud, including how they compare with traditional computing models Learn the importance of audit and compliance functions within the cloud, and the various standards and frameworks to consider Examine security delivered as a service-a different facet of cloud security.
Additional Product Features Dewey Edition. Show More Show Less. Any Condition Any Condition. See all 9.
- Join Kobo & start eReading today?
- Opportunities and Challenges of Cloud Computing to Improve Health Care Services.
- Effects of War on the Environment: Croatia.
Compare similar products. You Are Viewing. No ratings or reviews yet. Be the first to write a review. Best Selling in Nonfiction See all. Permanent Record by Edward Snowden , Hardcover 1. Since the cloud is a shared environment with other tenants following penetration testing rules of engagement step-by-step is a mandatory requirement.
Violation of acceptable use policy which can lead to termination of the service. A number of security threats are associated with cloud data services: not only traditional security threats, such as network eavesdropping, illegal invasion, and denial of service attacks, but also specific cloud computing threats, such as side channel attacks, virtualization vulnerabilities, and abuse of cloud services. The following security requirements limit the threats. Data confidentiality is the property that data contents are not made available or disclosed to illegal users. Outsourced data is stored in a cloud and out of the owners' direct control.
Only authorized users can access the sensitive data while others, including CSPs, should not gain any information of the data. Meanwhile, data owners expect to fully utilize cloud data services, e. Access controllability means that a data owner can perform the selective restriction of access to their data outsourced to the cloud.
Legal users can be authorized by the owner to access the data, while others can not access it without permissions. Further, it is desirable to enforce fine-grained access control to the outsourced data, i. The access authorization must be controlled only by the owner in untrusted cloud environments. Data integrity demands maintaining and assuring the accuracy and completeness of data.
A data owner always expects that her or his data in a cloud can be stored correctly and trustworthily. It means that the data should not be illegally tampered, improperly modified, deliberately deleted, or maliciously fabricated. If any undesirable operations corrupt or delete the data, the owner should be able to detect the corruption or loss. Further, when a portion of the outsourced data is corrupted or lost, it can still be retrieved by the data users.
Some advanced encryption algorithms which have been applied into cloud computing increase the protection of privacy. In a practice called crypto-shredding , the keys can simply be deleted when there is no more use of the data. Attribute-based encryption is a type of public-key encryption in which the secret key of a user and the ciphertext are dependent upon attributes e. In such a system, the decryption of a ciphertext is possible only if the set of attributes of the user key matches the attributes of the ciphertext. In the KP-ABE, attribute sets are used to describe the encrypted texts and the private keys are associated to specified policy that users will have.
Fully homomorphic encryption allows computations on encrypted data, and also allows computing sum and product for the encrypted data without decryption. Searchable encryption is a cryptographic system which offer secure search functions over encrypted data. In order to improve search efficiency, symmetric-key SE generally builds keyword indexes to answer user queries. Numerous laws and regulations pertain to the storage and use of data. Similar laws may apply in different legal jurisdictions and may differ quite markedly from those enforced in the US.
Cloud service users may often need to be aware of the legal and regulatory differences between the jurisdictions. Software-as-a-Service SaaS is the delivery of applications-as-a-service, probably the version of cloud computing that most people are used to on a day-to-day basis. The underlying hardware and operating system is irrelevant to the end user, who will access the service via a web browser or app; it is often bought on a per-seat or per-user basis. SaaS spending is made up of applications and system infrastructure software, and IDC said that spending will be dominated by applications purchases, which will make up more than half of all public cloud spending through The exact benefits will vary according to the type of cloud service being used but, fundamentally, using cloud services means companies not having to buy or maintain their own computing infrastructure.
No more buying servers, updating applications or operating systems, or decommissioning and disposing of hardware or software when it is out of date, as it is all taken care of by the supplier. For commodity applications, such as email, it can make sense to switch to a cloud provider, rather than rely on in-house skills. A company that specializes in running and securing these services is likely to have better skills and more experienced staff than a small business could afford to hire, so cloud services may be able to deliver a more secure and efficient service to end users.
Using cloud services means companies can move faster on projects and test out concepts without lengthy procurement and big upfront costs, because firms only pay for the resources they consume. This concept of business agility is often mentioned by cloud advocates as a key benefit. The ability to spin up new services without the time and effort associated with traditional IT procurement should mean that is easier to get going with new applications faster.
And if a new application turns out to be a wildly popular the elastic nature of the cloud means it is easier to scale it up fast. For a company with an application that has big peaks in usage, for example that is only used at a particular time of the week or year, it may make financial sense to have it hosted in the cloud, rather than have dedicated hardware and software laying idle for much of the time. Moving to a cloud hosted application for services like email or CRM could remove a burden on internal IT staff, and if such applications don't generate much competitive advantage, there will be little other impact.
Moving to a services model also moves spending from capex to opex, which may be useful for some companies. Cloud computing is not necessarily cheaper than other forms of computing, just as renting is not always cheaper than buying in the long term.
Please review our terms of service to complete your newsletter subscription.
If an application has a regular and predictable requirement for computing services it may be more economical to provide that service in-house. Some companies may be reluctant to host sensitive data in a service that is also used by rivals. Moving to a SaaS application may also mean you are using the same applications as a rival, which may make it hard to create any competitive advantage if that application is core to your business. While it may be easy to start using a new cloud application, migrating existing data or apps to the cloud may be much more complicated and expensive.
And it seems there is now something of a shortage in cloud skills with staff with DevOps and multi-cloud monitoring and management knowledge in particularly short supply. In one recent report a significant proportion of experienced cloud users said that they thought upfront migration costs ultimately outweigh the long-term savings created by IaaS.
Cloud computing tends to shift spending from capital expenditure CapEx to operating expenditure OpEx as companies buy computing as a service rather than in the form of physical servers. This may allow companies to avoid large increases in IT spending which would traditionally be seen with new projects; using the cloud to make room in the budget may be easier than going to the CFO and looking for more money. Of course, this doesn't mean that cloud computing is always or necessarily cheaper that keeping applications in house; for applications with a predictable and stable demand for computing power may be cheaper from a processing power point of view at least to keep in-house.
To build a business case for moving systems to the cloud you first need to understand what your existing infrastructure actually costs.
IJCA - Cloud Security: Theory and Practice
There's a lot to factor in: obvious things like the cost of running a data centers, and extras such as leased lines. The cost of physical hardware -- servers and details of specifications like CPUs, cores and RAM, plus the cost of storage. You'll also need to calculate the cost of applications -- whether you plan to dump them, re-hosting them in the cloud unchanged, completely rebuilding them for the cloud or buying an entirely new SaaS package each option will have different cost implications. The cloud business case also needs to include people costs often second only to the infrastructure costs and more nebulous concepts like the benefit of being able to provide new services faster.
Any cloud business case should also factor in the potential downsides, including the risk of being locked into one vendor for your tech infrastructure.
Cloud computing security
It's hard to get figures on how companies are adopting cloud services although the market is clearly growing rapidly. However, it may be that figures on adoption of cloud depend on who you talk to inside an organisation. Not all cloud spending will be driven centrally by the CIO: cloud services are relatively easy to sign up for, so business managers can start using them, and pay out of their own budget, without needing to inform the IT department.
This can enable businesses to move faster but also can create security risks if the use of apps is not managed. Adoption will also vary by application: cloud-based email -- is much easier to adopt than a new finance system for example. Research by Spiceworks suggests that companies are planning to invest in cloud-based communications and collaboration tools and back-up and disaster recovery, but are less likely to be investing in supply chain management.
Certainly many companies remain concerned about the security of cloud services, although breaches of security are rare. How secure you consider cloud computing to be will largely depend on how secure your existing systems are.
Join Kobo & start eReading today
In-house systems managed by a team with many other things to worry about are likely to be more leaky than systems monitored by a cloud provider's engineers dedicated to protecting that infrastructure. However, concerns do remain about security, especially for companies moving their data between many cloud services, which has leading to growth in cloud security tools , which monitor data moving to and from the cloud and between cloud platforms. These tools can identify fraudulent use of data in the cloud, unauthorised downloads, and malware.
The country of origin of cloud services is also worrying some organisations see Is geography irrelevant when it comes to cloud computing? Public cloud is the classic cloud computing model, where users can access a large pool of computing power over the internet whether that is IaaS, PaaS, or SaaS. One of the significant benefits here is the ability to rapidly scale a service. The cloud computing suppliers have vast amounts of computing power, which they share out between a large number of customers -- the 'multi-tenant' architecture.
Their huge scale means they have enough spare capacity that they can easily cope if any particular customer needs more resources, which is why it is often used for less-sensitive applications that demand a varying amount of resources. Private cloud allows organizations to benefit from the some of the advantages of public cloud -- but without the concerns about relinquishing control over data and services, because it is tucked away behind the corporate firewall.
Companies can control exactly where their data is being held and can build the infrastructure in a way they want -- largely for IaaS or PaaS projects -- to give developers access to a pool of computing power that scales on-demand without putting security at risk. However, that additional security comes at a cost, as few companies will have the scale of AWS, Microsoft or Google, which means they will not be able to create the same economies of scale.
Still, for companies that require additional security, private cloud may be a useful stepping stone, helping them to understand cloud services or rebuild internal applications for the cloud, before shifting them into the public cloud. Cloud computing is insatiably gobbling up more of the backend services that power businesses. But, some companies have apps with privacy, security, and regulatory demands that preclude the cloud.
Here's how to find the right mix of public cloud and private cloud. Hybrid cloud is perhaps where everyone is in reality: a bit of this, a bit of that. Some data in the public cloud, some projects in private cloud, multiple vendors and different levels of cloud usage. According to research by TechRepublic, the main reasons for choosing hybrid cloud include disaster recovery planning and the desire to avoid hardware costs when expanding their existing data center.
For start-ups who plan to run all their systems in the cloud getting started is pretty simple. But the majority of companies it is not so simple: with existing applications and data they need to work out which systems are best left running as they, and which to start moving them to cloud infrastructure. This is a potentially risky and expensive move, and migrating to the cloud could cost companies more if they underestimate the scale of such projects.
A survey of businesses that were early cloud adopters found that the need to rewrite applications to optimise them for the cloud was one of the biggest costs, especially if the apps were complex or customised. A third of those surveyed said cited high fees for passing data between systems as a challenge in moving their mission-critical applications. The report by Forrester also found that the skills required for migration are both difficult and expensive to find -- and that even when organisations could find the right people they risked them being stolen away by cloud computing vendors with deep pockets.
- Cloud computing security - LIMSWiki?
- Shop by category.
- Ghastly Glass.
- Singapore and the Silk Road of the Sea, 1300–1800.
- Workhorse: Panzer III in North Africa.
One third of those surveyed said their software database license costs drastically increased if they moved applications. Beyond this the majority also remained worried about the performance of critical apps and one in three cited this as a reason for not moving some critical applications. Actually it turns out that is where the cloud really does matter; indeed geopolitics is forcing significant changes on cloud computing user and vendors.
Firstly, there is the issue of latency: if the application is coming from a data center on the other side of the planet, or on the other side of a congested network, then you may find it sluggish compared to a local connection.