Table of Contents
Chapter 1: Cloud security ecosystem
1 How it all started—the story of an online bookstore
2 Consolidation of terminologies and perspectives
3 The achilles’ heel—depending on a trust relationship
4 Top threats and vulnerabilities of cloud security
5 Managing cloud security risks with the deming cycle
6 Plan—threats, risk, and requirements landscape
7 Do—cloud security approaches and challenges
8 Check—forensics and incident response
Part 1: Plan: Threats, Risk, and Requirements Landscape
Chapter 2: Cybercrime in cloud: Risks and responses in Hong Kong, Singapore
2 Key factors shaping “response”: hong kong, singapore
Chapter 3: CATRA: Conceptual cloud attack taxonomy and risk assessment framework
2 Taxonomies: a literature survey
3 Cloud attacks literature review
4 Conceptual cloud attack taxonomy and risk assessment framework
5 Example scenario: extortion by DDoS and account hijacking
Chapter 4: Multitiered cloud security model
4 Why develop cloud security standards and guidelines
6 Design considerations of multitiered cloud security
Part 2: Do: Cloud Security Approaches and Challenges
Chapter 5: A guide to homomorphic encryption
2 Current industry work-arounds and their gaps
4 Overview of partial homomorphic encryption schemes
5 Fully homomorphic encryption
6 Homomorphic encryption in the cloud
7 Future of homomorphic encryption and open issues
8 Alternatives to homomorphic encryption
Chapter 6: Protection through isolation: Virtues and pitfalls
3 Shared networking architecture
4 Isolation-based attack surface
Chapter 7: Protecting digital identity in the cloud
2 The rise of digital identity
4 Protecting digital identity in the era of cloud computing
Chapter 8: Provenance for cloud data accountability
3 Data provenance model for data accountability
4 Reconstructing the data provenance
6 Future work and concluding remarks
Chapter 9: Security as a service (SecaaS)—An overview
4 Secaas categories of service
5 Gaps identified after secaas classification
Chapter 10: Secure migration to the cloud—In and out
2 Who are cloud consumer and CSP?
3 IT-Service of a small lawyer office migrates into the cloud
4 Requirements for cloud migration
7 Challenges in cloud migration
Chapter 11: Keeping users empowered in a cloudy Internet of Things
3 Delegated authenticated authorization
4 Strategies toward successful KM system
5 Modeling scalability and privacy
5 Overcoming inhibitions to safer security behaviors
Part 3: Check: Forensics and Incident Response
Chapter 14: Conceptual evidence collection and analysis methodology for Android devices
3 An evidence collection and analysis methodology for android devices
Chapter 15: Mobile cloud forensics: An analysis of seven popular Android apps
Appendix A Metadata artifacts recovered dropbox service
Appendix B Metadata artifacts recovered box service
Appendix C Metadata artifacts recovered syncplicity service
3 Cloud incident handling model: a snapshot
4 Case study simulation: ownCloud
Chapter 18: Cloud security and forensic readiness: The current state of an IaaS provider
2 Review of the private IaaS provider
Chapter 19: Ubuntu One investigation: Detecting evidences on client machines
Part 4: Act: Governance and Auditing
Chapter 20: Governance in the Cloud
1 Why is governance important?
2 What are the questions that boards should be asking?
Chapter 21: Computational trust methods for security quantification in the cloud ecosystem
2 Computational trust: preliminaries
3 State-of-the-art approaches tackling cloud security
4 Computational trust methods for quantifying security capabilities
Chapter 22: Tool-based risk assessment of cloud infrastructures as socio-technical systems
2 Structure of a typical cloud infrastructure scenario