Cloud Security: A Comprehensive Guide to Secure Cloud Computing

Cloud Security: A Comprehensive Guide to Secure Cloud Computing

by Ronald L. Krutz, Russell Dean Vines
Released August 2010
Publisher(s): Wiley
ISBN: 9780470589878

Read it now on the O’Reilly learning platform with a 10-day free trial.

O’Reilly members get unlimited access to books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Book description

Product Description

Well-known security experts decipher the most challenging aspect of cloud computing-security

Cloud computing allows for both large and small organizations to have the opportunity to use Internet-based services so that they can reduce start-up costs, lower capital expenditures, use services on a pay-as-you-use basis, access applications only as needed, and quickly reduce or increase capacities. However, these benefits are accompanied by a myriad of security issues, and this valuable book tackles the most common security challenges that cloud computing faces.

The authors offer you years of unparalleled expertise and knowledge as they discuss the extremely challenging topics of data ownership, privacy protections, data mobility, quality of service and service levels, bandwidth costs, data protection, and support.

  • Begins with an overview of the fundamentals of Cloud computing, and progresses to coverage of service delivery approaches, deployment models, software as a service, platform as a service, and security governance

  • Tackles the difficult areas of data ownership, privacy protections, bandwidth costs, data protection, and more

  • Examines Cloud computing risk management, compliance and legal responsibilities of remotely stored and maintained data, life cycle management, and disaster recovery planning from the perspective of the user and the Cloud provider

  • Addresses handling of incidents and remediation, application security, encryption issues, storage, virtualization mechanisms and vulnerabilities, and access control

    • As the most current and complete guide to helping you find your way through a maze of security minefields, this book is mandatory reading if you are involved in any aspect of cloud computing.

    Table of contents

    1. Copyright
    2. About the Authors
    3. Credits
    4. Acknowledgments
    5. Foreword
    6. Introduction
      1. Overview of the Book and Technology
      2. How This Book Is Organized
      3. Who Should Read This Book
      4. Summary
    7. 1. Cloud Computing Fundamentals
      1. 1.1. What Is Cloud Computing?
        1. 1.1.1. What Cloud Computing Isn't
        2. 1.1.2. Alternative Views
      2. 1.2. Essential Characteristics
        1. 1.2.1. On-Demand Self-Service
        2. 1.2.2. BroadNetwork Access
        3. 1.2.3. Location-Independent Resource Pooling
        4. 1.2.4. Rapid Elasticity
        5. 1.2.5. Measured Service
      3. 1.3. Architectural Influences
        1. 1.3.1. High-Performance Computing
        2. 1.3.2. Utility and Enterprise Grid Computing
        3. 1.3.3. Autonomic Computing
        4. 1.3.4. Service Consolidation
        5. 1.3.5. Horizontal Scaling
        6. 1.3.6. Web Services
        7. 1.3.7. High-Scalability Architecture
      4. 1.4. Technological Influences
        1. 1.4.1. Universal Connectivity
        2. 1.4.2. Commoditization
        3. 1.4.3. Excess Capacity
        4. 1.4.4. Open-Source Software
        5. 1.4.5. Virtualization
      5. 1.5. Operational Influences
        1. 1.5.1. Consolidation
        2. 1.5.2. Outsourcing
          1. 1.5.2.1. Outsourcing Legal Issues
          2. 1.5.2.2. Business Process Outsourcing (BPO) Issues
        3. 1.5.3. IT Service Management
        4. 1.5.4. Automation
      6. 1.6. Summary
      7. 1.7. Notes
    8. 2. Cloud Computing Architecture
      1. 2.1. Cloud Delivery Models
        1. 2.1.1. The SPI Framework
          1. 2.1.1.1. SPI Evolution
          2. 2.1.1.2. The SPI Framework vs. the Traditional IT Model
        2. 2.1.2. Cloud Software as a Service (SaaS)
          1. 2.1.2.1. Benefits of the SaaS Model
        3. 2.1.3. Cloud Platform as a Service (PaaS)
        4. 2.1.4. Cloud Infrastructure as a Service (IaaS)
      2. 2.2. Cloud Deployment Models
        1. 2.2.1. Public Clouds
        2. 2.2.2. Community Clouds
        3. 2.2.3. Private Clouds
        4. 2.2.4. Hybrid Clouds
        5. 2.2.5. Alternative Deployment Models
          1. 2.2.5.1. The Linthicum Model
          2. 2.2.5.2. The Jericho Cloud Cube Model
            1. 2.2.5.2.1. Internal (I)/External (E)
            2. 2.2.5.2.2. Proprietary (P)/Open (O)
            3. 2.2.5.2.3. Perimeterized (Per)/De-perimeterized (D-p) Architectures
            4. 2.2.5.2.4. Insourced / Outsource
      3. 2.3. Expected Benefits
        1. 2.3.1. Flexibility and Resiliency
        2. 2.3.2. Reduced Costs
        3. 2.3.3. Centralization of Data Storage
        4. 2.3.4. Reduced Time to Deployment
        5. 2.3.5. Scalability
      4. 2.4. Summary
      5. 2.5. Notes
    9. 3. Cloud Computing Software Security Fundamentals
      1. 3.1. Cloud Information Security Objectives
        1. 3.1.1. Confidentiality, Integrity, and Availability
        2. 3.1.2. Confidentiality
        3. 3.1.3. Integrity
        4. 3.1.4. Availability
      2. 3.2. Cloud Security Services
        1. 3.2.1. Authentication
        2. 3.2.2. Authorization
        3. 3.2.3. Auditing
        4. 3.2.4. Accountability
      3. 3.3. Relevant Cloud Security Design Principles
        1. 3.3.1. Least Privilege
        2. 3.3.2. Separation of Duties
        3. 3.3.3. Defense in Depth
        4. 3.3.4. Fail Safe
        5. 3.3.5. Economy of Mechanism
        6. 3.3.6. Complete Mediation
        7. 3.3.7. Open Design
        8. 3.3.8. Least Common Mechanism
        9. 3.3.9. Psychological Acceptability
        10. 3.3.10. Weakest Link
        11. 3.3.11. Leveraging Existing Components
      4. 3.4. Secure Cloud Software Requirements
        1. 3.4.1. Secure Development Practices
          1. 3.4.1.1. Handling Data
          2. 3.4.1.2. Code Practices
          3. 3.4.1.3. Language Options
          4. 3.4.1.4. Input Validation and Content Injection
          5. 3.4.1.5. Physical Security of the System
        2. 3.4.2. Approaches to Cloud Software Requirements Engineering
          1. 3.4.2.1. A Resource Perspective on Cloud Software Security Requirements
          2. 3.4.2.2. Goal-Oriented Software Security Requirements
          3. 3.4.2.3. Monitoring Internal and External Requirements
        3. 3.4.3. Cloud Security Policy Implementation and Decomposition
          1. 3.4.3.1. Implementation Issues
          2. 3.4.3.2. Decomposing Critical Security Issues into Secure Cloud Software Requirements
            1. 3.4.3.2.1. Confidentiality
            2. 3.4.3.2.2. Integrity
            3. 3.4.3.2.3. Availability
            4. 3.4.3.2.4. Authentication and Identification
            5. 3.4.3.2.5. Authorization
            6. 3.4.3.2.6. Auditing
        4. 3.4.4. NIST 33 Security Principles
      5. 3.5. Secure Cloud Software Testing
        1. 3.5.1. Testing for Security Quality Assurance
          1. 3.5.1.1. Conformance Testing
          2. 3.5.1.2. Functional Testing
          3. 3.5.1.3. Performance Testing
          4. 3.5.1.4. Security Testing
            1. 3.5.1.4.1. Fault Injection
            2. 3.5.1.4.2. Source Code Fault Injection
            3. 3.5.1.4.3. Binary Fault Injection
            4. 3.5.1.4.4. Dynamic Code Analysis
            5. 3.5.1.4.5. Property-Based Testing
            6. 3.5.1.4.6. Black Box Debugging
            7. 3.5.1.4.7. Interoperability Testing
        2. 3.5.2. Cloud Penetration Testing
        3. 3.5.3. Legal and Ethical Implications
          1. 3.5.3.1. The Three Pre-Test Phases
            1. 3.5.3.1.1. Footprinting
            2. 3.5.3.1.2. Scanning
            3. 3.5.3.1.3. Enumerating
          2. 3.5.3.2. Penetration Testing Tools and Techniques
            1. 3.5.3.2.1. Port Scanners
            2. 3.5.3.2.2. Vulnerability Scanners
            3. 3.5.3.2.3. Password Crackers
            4. 3.5.3.2.4. Trojan Horses
            5. 3.5.3.2.5. Buffer Overflows
            6. 3.5.3.2.6. SQL Injection Attack
            7. 3.5.3.2.7. Cross-Site Scripting (XSS)
            8. 3.5.3.2.8. Social Engineering
        4. 3.5.4. Regression Testing
      6. 3.6. Cloud Computing and Business Continuity Planning/Disaster Recovery
        1. 3.6.1. Definitions
          1. 3.6.1.1. General Principles and Practices
          2. 3.6.1.2. Disaster Recovery Planning
            1. 3.6.1.2.1. Disaster Recovery Plan Testing
            2. 3.6.1.2.2. Management Roles
          3. 3.6.1.3. Business Continuity Planning
            1. 3.6.1.3.1. The BIA
            2. 3.6.1.3.2. The Vulnerability Assessment
        2. 3.6.2. Using the Cloud for BCP/DRP
          1. 3.6.2.1. Redundancy Provided by the Cloud
          2. 3.6.2.2. Secure Remote Access
          3. 3.6.2.3. Integration into Normal Business Processes
      7. 3.7. Summary
      8. 3.8. Notes
    10. 4. Cloud Computing Risk Issues
      1. 4.1. The CIA Triad
        1. 4.1.1. Confidentiality
        2. 4.1.2. Integrity
        3. 4.1.3. Availability
        4. 4.1.4. Other Important Concepts
      2. 4.2. Privacy and Compliance Risks
        1. 4.2.1. The Payment Card Industry Data Security Standard (PCI DSS)
        2. 4.2.2. Information Privacy and Privacy Laws
          1. 4.2.2.1. Privacy Legislation
          2. 4.2.2.2. Health Insurance Portability and Accountability Act (HIPAA)
          3. 4.2.2.3. HITECH Act
          4. 4.2.2.4. Platform for Privacy Preferences (P3P)
          5. 4.2.2.5. PATRIOT Act
          6. 4.2.2.6. Federal Information Security Management Act (FISMA)
          7. 4.2.2.7. Other Privacy-Related Acts
          8. 4.2.2.8. European Union (EU) Principles
      3. 4.3. Threats to Infrastructure, Data, and Access Control
        1. 4.3.1. Common Threats and Vulnerabilities
          1. 4.3.1.1. Logon Abuse
          2. 4.3.1.2. Inappropriate System Use
          3. 4.3.1.3. Eavesdropping
          4. 4.3.1.4. Network Intrusion
          5. 4.3.1.5. Denial-of-Service (DoS) Attacks
          6. 4.3.1.6. Session Hijacking Attacks
          7. 4.3.1.7. Fragmentation Attacks
        2. 4.3.2. Cloud Access Control Issues
          1. 4.3.2.1. Database Integrity Issues
      4. 4.4. Cloud Service Provider Risks
        1. 4.4.1. Back-Door
        2. 4.4.2. Spoofing
        3. 4.4.3. Man-in-the-Middle
        4. 4.4.4. Replay
        5. 4.4.5. TCP Hijacking
        6. 4.4.6. Social Engineering
        7. 4.4.7. Dumpster Diving
        8. 4.4.8. Password Guessing
        9. 4.4.9. Trojan Horses and Malware
      5. 4.5. Summary
      6. 4.6. Notes
    11. 5. Cloud Computing Security Challenges
      1. 5.1. Security Policy Implementation
        1. 5.1.1. Policy Types
          1. 5.1.1.1. Senior Management Statement of Policy
          2. 5.1.1.2. Regulatory Policies
          3. 5.1.1.3. Advisory Policies
          4. 5.1.1.4. Informative Policies
        2. 5.1.2. Computer Security Incident Response Team (CSIRT)
      2. 5.2. Virtualization Security Management
        1. 5.2.1. Virtual Threats
          1. 5.2.1.1. Hypervisor Risks
            1. 5.2.1.1.1. Rogue Hypervisors
            2. 5.2.1.1.2. External Modification of the Hypervisor
            3. 5.2.1.1.3. VM Escape
          2. 5.2.1.2. Increased Denial of Service Risk
        2. 5.2.2. VM Security Recommendations
          1. 5.2.2.1. Best Practice Security Techniques
            1. 5.2.2.1.1. Hardening the Host Operating System
            2. 5.2.2.1.2. Limiting Physical Access to the Host
            3. 5.2.2.1.3. Using Encrypted Communications
            4. 5.2.2.1.4. Disabling Background Tasks
            5. 5.2.2.1.5. Updating and Patching
            6. 5.2.2.1.6. Enabling Perimeter Defense on the VM
            7. 5.2.2.1.7. Implementing File Integrity Checks
            8. 5.2.2.1.8. Maintaining Backups
        3. 5.2.3. VM-Specific Security Techniques
          1. 5.2.3.1. Hardening the Virtual Machine
            1. 5.2.3.1.1. Harden the Hypervisor
            2. 5.2.3.1.2. Root Secure the Monitor
            3. 5.2.3.1.3. Implement Only One Primary Function per VM
            4. 5.2.3.1.4. Firewall Any Additional VM Ports
            5. 5.2.3.1.5. Harden the Host Domain
            6. 5.2.3.1.6. Use Unique NICs for Sensitive VMs
            7. 5.2.3.1.7. Disconnect Unused Devices
            8. 5.2.3.1.8. Additional VM Recommendations
          2. 5.2.3.2. Securing VM Remote Access
      3. 5.3. Summary
      4. 5.4. Notes
    12. 6. Cloud Computing Security Architecture
      1. 6.1. Architectural Considerations
        1. 6.1.1. General Issues
          1. 6.1.1.1. Compliance
          2. 6.1.1.2. Security Management
            1. 6.1.1.2.1. Controls
            2. 6.1.1.2.2. Complementary Actions
          3. 6.1.1.3. Information Classification
            1. 6.1.1.3.1. Information Classification Objectives
            2. 6.1.1.3.2. Information Classification Benefits
            3. 6.1.1.3.3. Information Classification Concepts
            4. 6.1.1.3.4. Classification Criteria
            5. 6.1.1.3.5. Information Classification Procedures
            6. 6.1.1.3.6. Distribution of Classified Information
          4. 6.1.1.4. Employee Termination
          5. 6.1.1.5. Security Awareness, Training, and Education
            1. 6.1.1.5.1. Security Awareness
            2. 6.1.1.5.2. Training and Education
        2. 6.1.2. Trusted Cloud Computing
          1. 6.1.2.1. Trusted Computing Characteristics
        3. 6.1.3. Secure Execution Environments and Communications
          1. 6.1.3.1. Secure Execution Environment
          2. 6.1.3.2. Secure Communications
            1. 6.1.3.2.1. APIs
            2. 6.1.3.2.2. Virtual Private Networks
            3. 6.1.3.2.3. Remote Access VPNs
            4. 6.1.3.2.4. Network-to-Network VPNs
            5. 6.1.3.2.5. VPN Tunneling
            6. 6.1.3.2.6. Public Key Infrastructure and Encryption Key Management
            7. 6.1.3.2.7. Digital Certificates
            8. 6.1.3.2.8. Directories and X.500
            9. 6.1.3.2.9. The Lightweight Directory Access Protocol
            10. 6.1.3.2.10. X.509 Certificates
            11. 6.1.3.2.11. Certificate Revocation Lists
            12. 6.1.3.2.12. Key Management
            13. 6.1.3.2.13. Key Distribution
            14. 6.1.3.2.14. Key Revocation
            15. 6.1.3.2.15. Key Recovery
            16. 6.1.3.2.16. Key Renewal
            17. 6.1.3.2.17. Key Destruction
            18. 6.1.3.2.18. Multiple Keys
            19. 6.1.3.2.19. Distributed versus Centralized Key Management
            20. 6.1.3.2.20. Further Considerations
        4. 6.1.4. Microarchitectures
      2. 6.2. Identity Management and Access Control
        1. 6.2.1. Identity Management
          1. 6.2.1.1. Passwords
          2. 6.2.1.2. Tokens
          3. 6.2.1.3. Memory Cards
          4. 6.2.1.4. Smart Cards
          5. 6.2.1.5. Biometrics
          6. 6.2.1.6. Implementing Identity Management
        2. 6.2.2. Access Control
          1. 6.2.2.1. Controls
          2. 6.2.2.2. Models for Controlling Access
            1. 6.2.2.2.1. Mandatory Access Control
            2. 6.2.2.2.2. Discretionary Access Control
            3. 6.2.2.2.3. Nondiscretionary Access Control
          3. 6.2.2.3. Single Sign-On (SSO)
      3. 6.3. Autonomic Security
        1. 6.3.1. Autonomic Systems
        2. 6.3.2. Autonomic Protection
        3. 6.3.3. Autonomic Self-Healing
      4. 6.4. Summary
      5. 6.5. Notes
    13. 7. Cloud Computing Life Cycle Issues
      1. 7.1. Standards
        1. 7.1.1. Jericho Forum
        2. 7.1.2. The Distributed Management Task Force (DMTF)
          1. 7.1.2.1. The DMTF Open Virtualization Format (OVF)
          2. 7.1.2.2. The DMTF Open Cloud Standards Incubator
        3. 7.1.3. The International Organization for Standardization (ISO)
          1. 7.1.3.1. ISO 27001
          2. 7.1.3.2. ISO 27002
          3. 7.1.3.3. ISO 27003
          4. 7.1.3.4. ISO 27004
          5. 7.1.3.5. ISO 27005
          6. 7.1.3.6. ISO 27006
          7. 7.1.3.7. International Organization for Standardization/International Electrotechnical Commission ISO/IEC 29361, ISO/IEC 29362, and ISO/IEC 29363 Standards
          8. 7.1.3.8. Distributed Application Platforms and Services
        4. 7.1.4. The European Telecommunications Standards Institute (ETSI)
        5. 7.1.5. The Organization for the Advancement of Structured Information Standards (OASIS)
        6. 7.1.6. Storage Networking Industry Association (SNIA)
        7. 7.1.7. Open Grid Forum (OGF)
        8. 7.1.8. The Open Web Application Security Project (OWASP)
          1. 7.1.8.1. OWASP Top Ten Project
          2. 7.1.8.2. OWASP Development Guide
          3. 7.1.8.3. OWASP Code Review Guide
          4. 7.1.8.4. OWASP Testing Guide
      2. 7.2. Incident Response
        1. 7.2.1. NIST Special Publication 800-61
          1. 7.2.1.1. Preparation
          2. 7.2.1.2. Detection and Analysis
          3. 7.2.1.3. Containment, Eradication, and Recovery
          4. 7.2.1.4. Post-Incident Activity
          5. 7.2.1.5. NIST Incident-Handling Summary
        2. 7.2.2. Internet Engineering Task Force Incident-Handling Guidelines
        3. 7.2.3. Layered Security and IDS
          1. 7.2.3.1. Intrusion Detection
            1. 7.2.3.1.1. Network-Based ID
            2. 7.2.3.1.2. Host-Based ID
            3. 7.2.3.1.3. Signature-Based ID
            4. 7.2.3.1.4. Statistical Anomaly-Based ID
          2. 7.2.3.2. IDS Issues
        4. 7.2.4. Computer Security and Incident Response Teams
          1. 7.2.4.1. CERT/CC
          2. 7.2.4.2. FedCIRC
          3. 7.2.4.3. Forum of Incident Response and Security Teams
        5. 7.2.5. Security Incident Notification Process
        6. 7.2.6. Automated Notice and Recovery Mechanisms
      3. 7.3. Encryption and Key Management
        1. 7.3.1. VM Architecture
        2. 7.3.2. Key Protection Countermeasures
        3. 7.3.3. Hardware Protection
        4. 7.3.4. Software-Based Protection
        5. 7.3.5. Data Deduplication
          1. 7.3.5.1. Hashing
      4. 7.4. Retirement
        1. 7.4.1. VM Life Cycle
          1. 7.4.1.1. Overwriting
          2. 7.4.1.2. Degaussing
          3. 7.4.1.3. Destruction
          4. 7.4.1.4. Record Retention
          5. 7.4.1.5. Data Remanence
          6. 7.4.1.6. Due Care and Due Diligence
          7. 7.4.1.7. Documentation Control
      5. 7.5. Summary
      6. 7.6. Notes
    14. 8. Useful Next Steps and Approaches
      1. 8.1. Getting Answers
        1. 8.1.1. What Services Should Be Moved to the Cloud?
        2. 8.1.2. What Questions Should You Ask Your Cloud Provider?
        3. 8.1.3. When Should You Use a Public, Private, or Hybrid Cloud?
      2. 8.2. Getting Help
        1. 8.2.1. Cloud Security Alliance
        2. 8.2.2. Cloud Computing Google Groups
        3. 8.2.3. Cloud Computing Interoperability Forum
        4. 8.2.4. Open Cloud Consortium
      3. 8.3. Getting Started
        1. 8.3.1. Top Ten List
          1. 8.3.1.1. Assess Your Data's Sensitivity
            1. 8.3.1.1.1. The Information Classification Process
            2. 8.3.1.1.2. Classification Criteria
            3. 8.3.1.1.3. Information Classification Procedures
          2. 8.3.1.2. Analyze the Risks vs. Benefits of Cloud Computing
            1. 8.3.1.2.1. Risk Management
            2. 8.3.1.2.2. Trade-off Analysis
            3. 8.3.1.2.3. Cloud Cube Model
          3. 8.3.1.3. Define Business Objectives
          4. 8.3.1.4. Understand the Underlying Structure of Your Network
          5. 8.3.1.5. Implement Traditional Best Practice Security Solutions
          6. 8.3.1.6. Employ Virtualization Best Practices
          7. 8.3.1.7. Prevent Data Loss with Backups
          8. 8.3.1.8. Monitor and Audit
          9. 8.3.1.9. Seek Out Advice
          10. 8.3.1.10. Employ Deception
      4. 8.4. Parting Words
      5. 8.5. Notes
    15. A. Glossary of Terms and Acronyms
    16. References

    Product information

    • Title: Cloud Security: A Comprehensive Guide to Secure Cloud Computing
    • Author(s): Ronald L. Krutz, Russell Dean Vines
    • Release date: August 2010
    • Publisher(s): Wiley
    • ISBN: 9780470589878