Cloud Computing Security
Cloud Computing Security
Foundations and Challenges
Second Edition
Edited by
John R. Vacca
Second edition published 2021
by CRC Press
6000 Broken Sound Parkway NW, Suite 300, Boca Raton, FL 33487-2742
and by CRC Press
2 Park Square, Milton Park, Abingdon, Oxon, OX14 4RN
2021 Taylor & Francis Group, LLC
CRC Press is an imprint of Taylor & Francis Group, LLC
Reasonable efforts have been made to publish reliable data and information, but the author and publisher cannot assume responsibility for the validity of all materials or the consequences of their use. The authors and publishers have attempted to trace the copyright holders of all material reproduced in this publication and apologize to copyright holders if permission to publish in this form has not been obtained. If any copyright material has not been acknowledged please write and let us know so we may rectify in any future reprint.
Except as permitted under U.S. Copyright Law, no part of this book may be reprinted, reproduced, transmitted, or utilized in any form by any electronic, mechanical, or other means, now known or hereafter invented, including photocopying, microfilming, and recording, or in any information storage or retrieval system, without written permission from the publishers.
For permission to photocopy or use material electronically from this work, access www.copyright.com or contact the Copyright Clearance Center, Inc. (CCC), 222 Rosewood Drive, Danvers, MA 01923, 978-750-8400. For works that are not available on CCC please contact mpkbookspermissions@tandf.co.uk
Trademark notice : Product or corporate names may be trademarks or registered trademarks, and are used only for identification and explanation without intent to infringe.
ISBN: 978-0-367-15116-4 (hbk)
ISBN: 978-0-367-56033-1 (pbk)
ISBN: 978-0-429-05512-6 (ebk)
Typeset in Minion
by Deanta Global Publishing Services, Chennai, India
In memory of Michael Erbschloe (19512019)
Contents
Anna Squicciarini, Daniela Oliveira, and Dan Lin
William Stallings
Daniela Oliveira, Anna Squicciarini, and Dan Lin
Nikolaos Pitropakis, Sokratis Katsikas, and Costas Lambrinoudakis
Mario Santana
Erdal Cayirci
Michaela Iorga and Anil Karmel
Marco Cremonini
Jim Harmening and Randall DeVitto
Sabrina De Capitani Di Vimercati, Sara Foresti, and Pierangela Samarati
Sarbari Gupta
Jim Harmening and Randall Devitto
Weiyu Jiang, Jingqiang Lin, Zhan Wang, Bo Chen, and Kun Sun
Michaela Iorga and Anil Karmel
Pramod Pandya and Riad Rahmo
Pramod Pandya
Thorsten Herre
Jiawei Yuan and Shucheng Yu
Daniel S. Soper
Paolo Balboni
Reza Curtmola and Bo Chen
Shams Zawoad and Ragib Hasan
Feng-Hao Liu
Felipe E. Medina
Roberto Di Pietro, Flavio Lombardi, and Matteo Signorini
Ignazio Pedone, Daniele Canavese, and Antonio Lioy
Sarbari Gupta
Thorsten Herre
Thorsten Herre
Reza Curtmola and Bo Chen
Albert Caballero
Wen Ming Liu and Lingyu Wang
John Strand
Mohammad Kamrul Islam and Rasib Khan
I once asked an IT executive of a large telecommunications company if he had secured all of the thousands of computers that the company had. He replied: I will when I find them. That was over 25 years ago. But, it may now equally depict efforts to secure computing assets in the cloud, just as it did back then when computers were in dozens of buildings spread across the Midwest states.
Cloud computing provides a new level of convenience and ease of use. In many cases, favorable cost structures can also be realized. However, many cloud users have lost sight of the fundamentals of managing information technology assets. Thus, the out-of-sight, out-of-mind mentality that an organization can easily fall into when managing cloud assets, can increase vulnerabilities as asset control becomes more lax.
In this book, John R. Vacca addresses the fundamental issues and challenges of securing IT assets that are living in the Cloud. He provides applicable knowledge and actionable recommendations. He also provides some very sound axioms about IT asset management. For example, you need to know what you have, what it does, where it is, how it works, what needs to be done to secure it and make sure it is available when needed.
The Cloud is not a magic place where all is well. It is just like any other place where there are IT assets. I strongly recommend you read this book.
Michael Erbschloe (19512019)
Information Security Consultant
(Michael Erbschloe taught information security courses at Webster University in St. Louis, Missouri.)
Scope of Coverage
This comprehensive handbook serves as a professional reference, as well as a practitioners guide to todays most complete and concise view of cloud computing security. It offers in-depth coverage of cloud computing security theory, technology, and practice as they relate to established technologies, as well as recent advancements. It explores practical solutions to a wide range of cloud computing security issues. Individual chapters are authored by leading experts in the field and address the immediate and long-term challenges in the authors respective areas of expertise.
The primary audience for this handbook consists of engineers/scientists interested in monitoring and analyzing specific measurable cloud computing security environments, which may include: transportation and/or infrastructure systems, mechanical systems, seismic events, and underwater environments. This book will also be useful for security and related professionals interested in tactical surveillance and mobile cloud computing security target classification and tracking; other individuals with an interest in using cloud computing security to understand specific environments; those in academia, government, and industry; anyone seeking to exploit the benefits of cloud computing security technologies, including assessing the architectures, components, operation, and tools of cloud computing; and anyone involved in the security aspects of cloud computing who has introductory-level knowledge of cloud computing or equivalent experience. This comprehensive reference and practitioners guide will also be of value to students in upper-division undergraduate and graduate-level courses in cloud computing security.
Organization of This Book
This book is organized into eight sections, composed of 34 contributed chapters by leading experts in their fields, as well as five appendices, including an extensive glossary of cloud security terms and acronyms.
Section I: Introduction
Section I discusses cloud computing essentials, such as cloud computing service modelslike Software as a Service (SaaS), Platform as a Service (PaaS), Infrastructure as a Service (IaaS), and Desktop as a Service (DaaS), including public, private, virtual private, and hybrid clouds. Cyber security fundamentals and software and data segregation security are also discussed.
, Cloud Computing Essentials, sets the stage for the rest of this book by presenting insight into the main idea of cloud computing, which is to outsource the management and delivery of software and hardware resources to third-party companies (cloud providers), which specialize in that particular service and can provide much better quality of service at lower costs in a convenient fashion. In addition, the authors also present an overview of key concepts and enabling technologies of cloud computing, including virtualization, load balancing, monitoring, scalability, and elasticity.