Table of Contents for The Cloud Security Ecosystem
by Raymond Choo, Ryan Ko
Cover image
Title page
Table of Contents
Copyright
Dedication
Contributors
Foreword
Preface
How to Read This Book
About the Authors
List of Reviewers
Acknowledgments
Chapter 1: Cloud security ecosystem
Abstract
1 How it all started—the story of an online bookstore
2 Consolidation of terminologies and perspectives
3 The Achilles’ heel—depending on a trust relationship
4 Top threats and vulnerabilities of cloud security
5 Managing cloud security risks with the Deming cycle
6 Plan—threats, risk, and requirements landscape
7 Do—cloud security approaches and challenges
8 Check—forensics and incident response
9 Act—governance and auditing
10 Summary
Part 1: Plan: Threats, Risk, and Requirements Landscape
Chapter 2: Cybercrime in cloud: Risks and responses in Hong Kong, Singapore
Abstract
1 Introduction
2 Key factors shaping “response”: Hong Kong, Singapore
3 Discussion
Chapter 3: CATRA: Conceptual cloud attack taxonomy and risk assessment framework
Abstract
1 Introduction
2 Taxonomies: a literature survey
3 Cloud attacks literature review
4 Conceptual cloud attack taxonomy and risk assessment framework
5 Example scenario: extortion by DDoS and account hijacking
6 Conclusion and future work
Chapter 4: Multitiered cloud security model
Abstract
Acknowledgments
1 Introduction
2 The problem
3 Holistic approach
4 Why develop cloud security standards and guidelines
5 Related work
6 Design considerations of multitiered cloud security
7 Benefits to stakeholders
8 MTCS standards
9 Self-disclosure
10 Certification scheme
11 Status
12 Deployment
13 Harmonization
14 Future work
15 Conclusion
Part 2: Do: Cloud Security Approaches and Challenges
Chapter 5: A guide to homomorphic encryption
Abstract
1 Introduction
2 Current industry work-arounds and their gaps
3 History and related work
4 Overview of partial homomorphic encryption schemes
5 Fully homomorphic encryption
6 Homomorphic encryption in the cloud
7 Future of homomorphic encryption and open issues
8 Alternatives to homomorphic encryption
9 Summary
Chapter 6: Protection through isolation: Virtues and pitfalls
Abstract
1 Introduction
2 Hypervisors
3 Shared networking architecture
4 Isolation-based attack surface
5 Inventory of known attacks
6 Protection strategies
7 Conclusion
Chapter 7: Protecting digital identity in the cloud
Abstract
1 Introduction
2 The rise of digital identity
3 The rise of cloud computing
4 Protecting digital identity in the era of cloud computing
5 Conclusion
Chapter 8: Provenance for cloud data accountability
Abstract
1 Introduction
2 Related work
3 Data provenance model for data accountability
4 Reconstructing the data provenance
5 Challenges
6 Future work and concluding remarks
Chapter 9: Security as a service (SecaaS)—An overview
Abstract
1 Introduction
2 Background
3 Traditional security
4 SecaaS categories of service
5 Gaps identified after SecaaS classification
6 Future work
7 Concluding remarks
Chapter 10: Secure migration to the cloud—In and out
Abstract
1 Introduction
2 Who are cloud consumer and CSP?
3 IT-Service of a small lawyer office migrates into the cloud
4 Requirements for cloud migration
5 Rollback scenarios
6 Legal aspects
7 Challenges in cloud migration
8 Migration phases
9 Auditing
10 Summary
Chapter 11: Keeping users empowered in a cloudy Internet of Things
Abstract
1 Introduction
2 Problem space assumptions
3 Delegated authenticated authorization
4 Usage example
5 Conclusion
Chapter 12: Cloud as infrastructure for managing complex scalable business networks, privacy perspective
Abstract
1 Introduction
2 Knowledge management
3 Cloud computing overview
4 Strategies toward successful KM system
5 Modeling scalability and privacy
6 Concluding summary
Chapter 13: Psychology and security: Utilizing psychological and communication theories to promote safer cloud security behaviors
Abstract
1 Introduction
2 Communication theories
3 Cognitive psychology
4 Other relevant theories
5 Overcoming inhibitions to safer security behaviors
6 Conclusion
Suggested further readings
Part 3: Check: Forensics and Incident Response
Chapter 14: Conceptual evidence collection and analysis methodology for Android devices
Abstract
1 Introduction
2 Related work
3 An evidence collection and analysis methodology for Android devices
4 Conclusion
Chapter 15: Mobile cloud forensics: An analysis of seven popular Android apps
Abstract
1 Introduction
2 Android cloud apps
3 Conclusion
Chapter 16: Recovering residual forensic data from smartphone interactions with cloud storage providers
Abstract
1 Introduction
2 Related work
3 Experiment design
4 Findings
5 Discussion
6 Conclusions and future work
Appendix A Metadata artifacts recovered Dropbox service
Appendix B Metadata artifacts recovered Box service
Appendix C Metadata artifacts recovered Syncplicity service
Chapter 17: Integrating digital forensic practices in cloud incident handling: A conceptual Cloud Incident Handling Model
Abstract
1 Introduction
2 Background
3 Cloud incident handling model: a snapshot
4 Case study simulation: ownCloud
5 Concluding remarks
Chapter 18: Cloud security and forensic readiness: The current state of an IaaS provider
Abstract
1 Introduction
2 Review of the private IaaS provider
3 Conclusions
Chapter 19: Ubuntu One investigation: Detecting evidences on client machines
Abstract
1 Introduction
2 Related work
3 Methodology
4 Experiment setup
5 Discussion and analysis
6 Conclusion
Part 4: Act: Governance and Auditing
Chapter 20: Governance in the Cloud
Abstract
1 Why is governance important?
2 What are the questions that boards should be asking?
3 Calculating ROI
4 Auditing the cloud
5 Conclusion
Chapter 21: Computational trust methods for security quantification in the cloud ecosystem
Abstract
1 Introduction
2 Computational trust: preliminaries
3 State-of-the-art approaches tackling cloud security
4 Computational trust methods for quantifying security capabilities
5 Case studies
6 Conclusion
Acknowledgment
Appendix. Proof for Theorem 1
Chapter 22: Tool-based risk assessment of cloud infrastructures as socio-technical systems
Abstract
Acknowledgments
1 Introduction
2 Structure of a typical cloud infrastructure scenario
3 The TRESPASS project
4 Modeling the scenario for analysis
5 Identifying attacks
6 Risk assessment
7 Conclusion