Cloud computing : assessing the risks / Jared Carstensen, Bernard Golden, JP Morgenthal.

Format:

Book

Author/Creator:

Carstensen, Jared.

Contributor:

Golden, Bernard.

Morgenthal, JP.

Language:

English

Subjects (All):

Cloud computing.

Web services.

Physical Description:

1 online resource (297 p.)

Edition:

1st edition

Place of Publication:

Ely, Cambridgeshire : IT Governance Publishing, 2012.

Language Note:

English

System Details:

text file

Summary:

Cloud Computing: Assessing the risks answers these questions and many more. Using jargon-free language and relevant examples, analogies and diagrams, it is an up-to-date, clear and comprehensive guide the security, governance, risk, and compliance elements of Cloud Computing.

Contents:

What others are saying about this book; Foreword; About the Authors; Acknowledgements; Contents; Chapter 1: Cloud Computing Explained; The potential of Cloud Computing; Cloud Computing defined; Cloud Computing deployment models; Cloud Computing service models; Discussion of each service model; Key characteristics of Cloud Computing; Characteristic One: On-demand self-service; Implications of Characteristic One; Characteristic Two: Broad network access; Implications of Characteristic Two; Characteristic Three: Resource pooling; Implications of Characteristic Three

Characteristic Four: Rapid elasticityImplications of Characteristic Four; Characteristic Five: Measured service; Implications of Characteristic Five; Summary of Cloud Computing characteristics; Cloud Computing definition summary; What The New York Times tells us about Cloud Computing; Chapter 2: How Cloud Computing Changes Security, Governance, Risk and Compliance; Relationship between security, compliance and risk; Understanding the trust boundary; Governance, compliance and risk in a Cloud environment; Security in a Cloud Computing environment; The challenge of dynamism

The challenge of a shared environmentThe challenge of security deperimeterisation; Cloud security challenges summary; Conclusion; Chapter 3: Governance of Cloud Computing; Which governance framework is right for Cloud?; Role of the service catalogue; Dude, where's my server? (The need for policy management); Conclusion; Additional resources; Chapter 4: Cloud Computing Top Security Risks; Security - the shift from static to dynamic; Breakdown of security assumptions; Facility: Cloud provider responsibility; Facility physical infrastructure: Cloud provider responsibility

Facility computing infrastructure: Cloud provider responsibilityComputing hardware infrastructure: Cloud provider responsibility; Computing software infrastructure: Cloud provider responsibility; Computing software infrastructure: Cloud user responsibility; Operating system; Middleware; Application code; Other application components; Templates; Licensing; Conclusion; Chapter 5: Assessing Security in the Cloud; Assessing Cloud security; Peeking below the trust boundary; The challenge of evaluation; Role of certification; Certifications and audits; How certifications work

Dealing with multiple compliance standardsCloud Security Alliance; Leveraging the CSA; Overview of the CAI and CCM; Mapping the CAI and CCM to the security stack; Conclusion; Chapter 6: Cloud Computing Application Security; Identity management and role-based access controls; User identity management; Administrator identity management; Identity management conclusion; Network security; Network security conclusion; Data security; Data security conclusion; Instance security; Firewall; System services; Vulnerability assessment/penetration testing

Intrusion detection system/intrusion prevention system

Notes:

Description based upon print version of record.

Description based on online resource; title from PDF title page (ebrary, viewed October 19, 2013).

ISBN:

9781628700114

1628700114

9781849283618

1849283613

9781299468498

1299468497

9781849283601

1849283605

OCLC:

799769042