book

The Cloud Security Ecosystem

by Raymond Choo, Ryan Ko

June 2015

Intermediate to advanced

570 pages

18h 37m

English

Syngress

Read now

Unlock full access

How to Read This Book

Abstract1 How it all started—the story of an online bookstore2 Consolidation of terminologies and perspectives3 The achilles’ heel—depending on a trust relationship4 Top threats and vulnerabilities of cloud security5 Managing cloud security risks with the deming cycle6 Plan—threats, risk, and requirements landscape7 Do—cloud security approaches and challenges8 Check—forensics and incident response9 Act—governance and auditing10 Summary
Abstract1 Introduction2 Key factors shaping “response”: hong kong, singapore3 Discussion
Abstract1 Introduction2 Taxonomies: a literature survey3 Cloud attacks literature review4 Conceptual cloud attack taxonomy and risk assessment framework5 Example scenario: extortion by DDoS and account hijacking6 Conclusion and future work
AbstractAcknowledgments1 Introduction2 The problem3 Holistic approach4 Why develop cloud security standards and guidelines5 Related work6 Design considerations of multitiered cloud security7 Benefits to stakeholders8 MTCS standards9 Self-disclosure10 Certification scheme11 Status12 Deployment13 Harmonization14 Future work15 Conclusion
Abstract1 Introduction2 Current industry work-arounds and their gaps3 History and related work4 Overview of partial homomorphic encryption schemes5 Fully homomorphic encryption6 Homomorphic encryption in the cloud7 Future of homomorphic encryption and open issues8 Alternatives to homomorphic encryption9 Summary
Abstract1 Introduction2 Hypervisors3 Shared networking architecture4 Isolation-based attack surface5 Inventory of known attacks6 Protection strategies7 Conclusion
Abstract1 Introduction2 The rise of digital identity3 The rise of cloud computing4 Protecting digital identity in the era of cloud computing5 Conclusion
Abstract1 Introduction2 Related work3 Data provenance model for data accountability4 Reconstructing the data provenance5 Challenges6 Future work and concluding remarks
Abstract1 Introduction2 Background3 Traditional security4 Secaas categories of service5 Gaps identified after secaas classification6 Future work7 Concluding remarks
Abstract1 Introduction2 Who are cloud consumer and CSP?3 IT-Service of a small lawyer office migrates into the cloud4 Requirements for cloud migration5 Rollback scenarios6 Legal aspects7 Challenges in cloud migration8 Migration phases9 Auditing10 Summary
Abstract1 Introduction2 Problem space assumptions3 Delegated authenticated authorization4 Usage example5 Conclusion
Abstract1 Introduction2 Knowledge management3 Cloud computing overview4 Strategies toward successful KM system5 Modeling scalability and privacy6 Concluding summary
Abstract1 Introduction2 Communication theories3 Cognitive psychology4 Other relevant theories5 Overcoming inhibitions to safer security behaviors6 ConclusionSuggested further readings
Abstract1 Introduction2 Related work3 An evidence collection and analysis methodology for android devices4 Conclusion
Abstract1 Introduction2 Android cloud apps3 Conclusion
Abstract1 Introduction2 Related work3 Experiment design4 Findings5 Discussion6 Conclusions and future workAppendix A Metadata artifacts recovered dropbox serviceAppendix B Metadata artifacts recovered box serviceAppendix C Metadata artifacts recovered syncplicity service
Abstract1 Introduction2 Background3 Cloud incident handling model: a snapshot4 Case study simulation: ownCloud5 Concluding remarks
Abstract1 Introduction2 Review of the private IaaS provider3 Conclusions
Abstract1 Introduction2 Related work3 Methodology4 Experiment setup5 Discussion and analysis6 Conclusion
Abstract1 Why is governance important?2 What are the questions that boards should be asking?3 Calculating ROI4 Auditing the cloud5 Conclusion
Abstract1 Introduction2 Computational trust: preliminaries3 State-of-the-art approaches tackling cloud security4 Computational trust methods for quantifying security capabilities5 Case studies6 ConclusionAcknowledgmentAppendix. proof for theorem 1
AbstractAcknowledgments1 Introduction2 Structure of a typical cloud infrastructure scenario3 The TRESPASS project4 Modeling the scenario for analysis5 Identifying attacks6 Risk assessment7 Conclusion

Content preview from The Cloud Security Ecosystem

Part 3

Check: Forensics and Incident Response

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Start your free trial

Cloud security

James Bond

Cloud Computing Security

John R. Vacca

Cloud Native Security

Chris Binnie, Rory McCune

Securing the Cloud

Vic (J.R.) Winkler

Publisher Resources

ISBN: 9780128017807