2nd Edition

Cloud Computing Security Foundations and Challenges

Edited By John R. Vacca Copyright 2020
    548 Pages
    by CRC Press

    This handbook offers a comprehensive overview of cloud computing security technology and implementation while exploring practical solutions to a wide range of cloud computing security issues. As more organizations use cloud computing and cloud providers for data operations, the need for proper security in these and other potentially vulnerable areas has become a global priority for organizations of all sizes. Research efforts from academia and industry, as conducted and reported by experts in all aspects of security related to cloud computing, are gathered within one reference guide.

    Features

    • Covers patching and configuration vulnerabilities of a cloud server

    • Evaluates methods for data encryption and long-term storage in a cloud server

    • Demonstrates how to verify identity using a certificate chain and how to detect inappropriate changes to data or system configurations

     

    John R. Vacca is an information technology consultant and internationally known author of more than 600 articles in the areas of advanced storage, computer security, and aerospace technology. John was also a configuration management specialist, computer specialist, and the computer security official (CSO) for NASA’s space station program (Freedom) and the International Space Station Program from 1988 until his retirement from NASA in 1995.

    Section I Introduction

    Chapter 1 ▪ Cloud Computing Essentials

    Anna Squicciarini, Daniela Oliveira, and Dan Lin

    Chapter 2 ▪ An Overview of Cloud Computing

    William Stallings

    Chapter 3 ▪ Cloud Security Baselines

    Daniela Oliveira, Anna Squicciarini, and Dan Lin

    Chapter 4 ▪ Cloud Security, Privacy and Trust Baselines

    Nikolaos Pitropakis, Sokratis Katsikas, and Costas Lambrinoudakis

    Chapter 5 ▪ Infrastructure as a Service (IaaS)

    Mario Santana

    Section II Risk Analysis and Division of Responsibility

    Chapter 6 ▪ Risk and Trust Assessment: Schemes for Cloud Services

    Erdal Cayirci

    Chapter 7 ▪ Managing Risk in the Cloud

    Michaela Iorga and Anil Karmel

    Chapter 8 ▪ Cloud Security Risk Management

    Marco Cremonini

    Chapter 9 ▪ Secure Cloud Risk Management: Risk Mitigation Methods

    Jim Harmening and Randall DeVitto

    Section III Securing the Cloud Infrastructure

    Chapter 10 ▪ Specification and Enforcement of Access Policies in Emerging Scenarios

    Sabrina De Capitani di Vimercati, Sara Foresti, and Pierangela Samarati

    Chapter 11 ▪ Cryptographic Key Management for Data Protection

    Sarbari Gupta

    Chapter 12 ▪ Cloud Security Access Control: Distributed Access Control

    Jim Harmening and Randall DeVitto

    Chapter 13 ▪ Cloud Security Key Management: Cloud User Controls

    Weiyu Jiang, Jingqiang Lin, Zhan Wang, Bo Chen, and Kun Sun

    Chapter 14 ▪ Cloud Computing Security Essentials and Architecture

    Michaela Iorga and Anil Karmel

    Chapter 15 ▪ Cloud Computing Architecture and Security Concepts

    Pramod Pandya and Riad Rahmo

    Chapter 16 ▪ Secure Cloud Architecture

    Pramod Pandya

    Section IV Operating System and Network Security

    Chapter 17 ▪ Locking Down Cloud Servers

    Thorsten Herre

    Chapter 18 ▪ Third-Party Providers Integrity Assurance for Data Outsourcing

    Jiawei Yuan and Shucheng Yu

    Section V Meeting Compliance Requirements

    Chapter 19 ▪ Negotiating Cloud Security Requirements with Vendors

    Daniel S. Soper

    Chapter 20 ▪ Managing Legal Compliance in the Cloud: Understanding Contractual and Personal Data Protection Requirements

    Paolo Balboni

    Chapter 21 ▪ Integrity Assurance for Data Outsourcing

    Reza Curtmola and Bo Chen

    Chapter 22 ▪ Secure Computation Outsourcing

    Shams Zawoad and Ragib Hasan

    Chapter 23 ▪ Computation Over Encrypted Data

    Feng-Hao Liu

    Chapter 24 ▪ Trusted Computing Technology

    Felipe E. Medina

    Chapter 25 ▪ Technology for Trusted Cloud Security: Survey and Open Issues

    Roberto Di Pietro, Flavio Lombardi, and Matteo Signorini

    Chapter 26 ▪ Trusted Computing Technology and Proposals for Resolving Cloud Computing Security Problems

    Ignazio Pedone, Daniele Canavese, and Antonio Lioy

    Chapter 27 ▪ Assuring Compliance with Government Certification and Accreditation Regulations

    Sarbari Gupta

    Chapter 28 ▪ Government Certification, Accreditation, Regulations, and Compliance Risks

    Thorsten Herre

    Section VI Preparing for Disaster Recovery

    Chapter 29 ▪ Simplifying Secure Cloud Computing Environments with Cloud Data Centers

    Thorsten Herre

    Chapter 30 ▪ Availability, Recovery, and Auditing across Data Centers

    Reza Curtmola and Bo Chen

    Section VII Advanced Cloud Computing Security

    Chapter 31 ▪ Advanced Security Architecture for Cloud Computing

    Albert Caballero

    Chapter 32 ▪ Side-Channel Attacks and Defenses on Cloud Traffic

    Wen Ming Liu and Lingyu Wang

    Chapter 33 ▪ Clouds Are Evil

    John Strand

    Chapter 34 ▪ Future Directions in Cloud Computing Security: Risks and Challenges

    Mohammad Kamrul Islam and Rasib Khan

    Biography

    John Vacca is an information technology consultant and internationally-known author of more than 600 articles in the areas of advanced storage, computer security and aerospace technology. John was also a configuration management specialist, computer specialist, and the computer security official (CSO) for NASA's space station program (Freedom) and the International Space Station Program, from 1988 until his retirement from NASA in 1995.