Securing the Cloud
Security Strategies for the Ubiquitous Data Center

This book provides solutions for securing important data stored in something as nebulous sounding as a cloud. A primer on the concepts behind security and the cloud, it explains where and how to store data and what should be avoided at all costs. It presents the views and insight of the leading experts on the state of cloud computing security and its future. It also provides no-nonsense info on cloud security technologies and models.

Securing the Cloud: Security Strategies for the Ubiquitous Data Center takes the position that cloud security is an extension of recognized, established security principles into cloud-based deployments. It explores how those principles can be put into practice to protect cloud-based infrastructure and data, traditional infrastructure, and hybrid architectures combining cloud and on-premises infrastructure.

Cloud computing is evolving so rapidly that regulations and technology have not necessarily been able to keep pace. IT professionals are frequently left to force fit pre-existing solutions onto new infrastructure and architectures for which they may be very poor fits. This book looks at how those "square peg/round hole" solutions are implemented and explains ways in which the pegs, the holes, or both may be adjusted for a more perfect fit.

Dedication

Contents

Preface

Acknowledgments

About the Authors

Chapter 1 Introduction

Chapter 2 We Need a New Model for Security

Chapter 3 The Basics of IT Security: From Mainframe to Cloud

Chapter 4 The Basics of Security Failure

Chapter 5 The Basics of Fitting Security to Situation

Chapter 6 Defining the Cloud to Protect

Chapter 7 Infrastructure as a Service

Chapter 8 Platform as a Service (PaaS)

Chapter 9 Software as a Service

Chapter 10 Virtual Desktop Infrastructure

Chapter 11 Understand Your Cloud Type

Chapter 12 Public Cloud

Chapter 13 Private Cloud

Chapter 14 Hybrid Cloud

Chapter 15 Working with Your Cloud Provider

Chapter 16 Protecting the Perimeter

Chapter 17 Protecting the Contents

Chapter 18 Protecting the Infrastructure

Chapter 19 Tie the Cloud Using an Internal Management Framework

Chapter 20 Closing Comments

Index

Curtis Franklin, Jr., is Senior Editor at Dark Reading. In addition, he works on audio and video programming for Dark Reading and contributes to activities at Interop™ ITX, Black Hat®, and other conferences. Curtis is also a co-host for the popular This Week in Enterprise Tech podcast. Curtis has been writing about technologies and products in computing and networking since the early 1980s. He has contributed to or been on staff at a number of technology-industry publications, including Information Week, Light Reading, Enterprise Efficiency, ChannelWeb, Network Computing, InfoWorld, PCWorld, Dark Reading, Circuit Cellar INK, BYTE, and ITWorld.com, on subjects ranging from mobile enterprise computing to enterprise security and wireless networking.

Curtis is the author of thousands of articles, the co-author of five books, and has been a frequent speaker at computer and networking industry conferences across North America and Europe. His most popular previous book, The Absolute Beginner’s Guide to Podcasting, with coauthor George Colombo, was published by Que Books (October 2005). His most recent book, Cloud Computing: Technologies and Strategies of the Ubiquitous Data Center, with co-author Brian Chee.

Brian J. S. Chee lives in Kaneohe, Hawaii, with his family tracing back four generations in Hawaii. An admitted generalist, starting with building IMSAI 8080s, writing assembler on punch cards for IBM 360s, and jumping into becoming one of the first 10 Novell Instructors outside of Novell, Inc. It was with the GSA Office of Information Security that he traveled the world working on secure data/video/voice communications systems for just about every three-letter agency in the book. Now, working as a researcher at the University of Hawaii School of Ocean and Earth Science and Technology (www.soest.hawaii.edu), he has gotten to work on underwater cabled observatories, autonomous underwater