Cloud computing is an emerging yet revolutionary technology that has been changing the way people live and work. However, with the continuous growth of cloud computing and related services, security and privacy has become a critical issue. Written by some of the top experts in the field, this book specifically discusses security and privacy of the cloud, as well as the digital forensics of cloud data, applications, and services. The first half of the book enables readers to have a comprehensive understanding and background of cloud security, which will help them through the digital investigation guidance and recommendations found in the second half of the book.

Part One of Security, Privacy and Digital Forensics in the Cloud covers cloud infrastructure security; confidentiality of data; access control in cloud IaaS; cloud security and privacy management; hacking and countermeasures; risk management and disaster recovery; auditing and compliance; and security as a service (SaaS). Part Two addresses cloud forensics – model, challenges, and approaches; cyberterrorism in the cloud; digital forensic process and model in the cloud; data acquisition; digital evidence management, presentation, and court preparation; analysis of digital evidence; and forensics as a service (FaaS).

Thoroughly covers both security and privacy of cloud and digital forensics
Contributions by top researchers from the U.S., the European and other countries, and professionals active in the field of information and network security, digital and computer forensics, and cloud and big data
Of interest to those focused upon security and implementation, and incident management
Logical, well-structured, and organized to facilitate comprehension

Security, Privacy and Digital Forensics in the Cloud is an ideal book for advanced undergraduate and master's-level students in information systems, information technology, computer and network forensics, as well as computer science. It can also serve as a good reference book for security professionals, digital forensics practitioners and cloud service providers.

Frequently asked questions

Simply head over to the account section in settings and click on “Cancel Subscription” - it’s as simple as that. After you cancel, your membership will stay active for the remainder of the time you’ve paid for. Learn more here.

At the moment all of our mobile-responsive ePub books are available to download via the app. Most of our PDFs are also available to download and we're working on making the final remaining ones downloadable now. Learn more here.

Both plans give you full access to the library and all of Perlego’s features. The only differences are the price and subscription period: With the annual plan you’ll save around 30% compared to 12 months on the monthly plan.

We are an online textbook subscription service, where you can get access to an entire online library for less than the price of a single book per month. With over 1 million books across 1000+ topics, we’ve got you covered! Learn more here.

Look out for the read-aloud symbol on your next book to see if you can listen to it. The read-aloud tool reads text aloud for you, highlighting the text as it is being read. You can pause it, speed it up and slow it down. Learn more here.

Yes, you can access Security, Privacy, and Digital Forensics in the Cloud by Lei Chen, Hassan Takabi, Nhien-An Le-Khac in PDF and/or ePUB format, as well as other popular books in Computer Science & Computer Networking. We have over one million books available in our catalogue for you to explore.

Information

Publisher

Wiley

Year

2019

ISBN

9781119053378

Edition

Topic

Computer Science

Subtopic

Computer Networking

Index

Computer Science

Part I
Cloud Security and Privacy

1
Introduction to the Cloud and Fundamental Security and Privacy Issues of the Cloud

Hassan Takabi¹ and Mohammad GhasemiGol²

¹Department of Computer Science and Engineering, University of North Texas, Denton, TX, USA

²Department of Computer Engineering, University of Birjand, Birjand, Iran

1.1 Introduction

Cloud computing is the most popular paradigm in the computer world that provides on‐demand computing and storage capabilities to consumers over the Internet. However, these benefits may result in serious security issues such as data breaches, computation breaches, flooding attacks, etc. On the other hand, the whole IT infrastructure is under the control of the cloud provider, and cloud consumers have to trust the security‐protection mechanisms that are offered by service providers. Therefore, security concerns should be considered to improve the assurance of required security for cloud customers.

The key security constructs in the cloud environment are information, identity, and infrastructure. Cloud information flows into the physical infrastructure from many users across different devices and geographies. The objective of information security is to protect information as well as information systems from unauthorized access, use, disclosure, disruption, modification, or destruction (Winkler 2011). In other words, at the heart of any information security system is the requirement to protect the confidentiality, integrity, and availability of data. It is important to thoroughly understand your organization's security policies in order to implement standards in a cloud environment that will form your security framework (Steiner and Khiabani 2012). Data governance concerns commonly arise in the areas of IP protection, regulatory governance, industry compliance requirements, and data mobility. A consistent set of policies is needed for compliance and governance across cloud platforms that IT may not always control. These policies are required for identifying sensitive information; controlling its transmission, storage, and use in the Cloud; and sharing it among users and devices. These policies must be consistently enforced across private and public clouds, and physical infrastructure. Traditionally, IT has used enterprise identity to control user access and entitlement to a variety of on‐premises information and application assets. This principle must be extended to identities at cloud service providers, controlling what information employees can access in which clouds, from which devices, and in which locations.

This chapter provides an introduction to the Cloud and its fundamental security and privacy issues. We start with a background of cloud computing and security issues in Section 1.2. In Section 1.3, we briefly discuss identity security in cloud computing. Cloud information security issues are investigated in Section 1.4. In Section 1.5, we discuss some cloud security standards. Finally, conclusions are drawn in Section 1.6.

1.2 Cloud Computing and Security Issues

The US National Institute of Standards and Technology ( NIST ) defines cloud computing as follows: “Cloud computing is a model for enabling ubiquitous, convenient, on‐demand network access to a shared pool of configurable computing resources (e.g. networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction. This cloud model is composed of five essential characteristics, three service models, and four deployment models (Mell and Grance 2011).”

NIST defines five major actors: cloud consumer, cloud provider, cloud auditor, cloud broker, and cloud carrier (Hogan et al. 2011):

Cloud consumer – A person or organization that maintains a business relationship with and uses services offered by cloud providers.
Cloud provider – A person, organization, or entity responsible for offering various services to cloud consumers.
Cloud auditor – A party that can conduct independent assessments of cloud services, information system operations, performance, and security of cloud implementations.
Cloud broker – An entity that manages the use, performance, and delivery of cloud services, and negotiates relationships between cloud providers and cloud consumers.
Cloud carrier – The intermediary that provides connectivity and transport of cloud services from cloud providers to cloud consumers.

There are three service‐delivery models and four deployment models in the cloud environment. As shown in Figure 1.1, cloud providers offer Infrastructure‐as‐a‐Service ( IaaS ), Platform‐as‐a‐Service ( PaaS ), and Software‐as‐a‐Service (SaaS) as three fundamental services (Hashizume 2013; Mell and Grance 2011):

Infrastructure‐as‐a‐Service – IaaS is the most basic cloud service model, where cloud providers offer servers, storage, and network, typically in the form of virtual appliances. Consumers can deploy and run any software such as operating systems and applications. IaaS providers are responsible for the underlying infrastructure including housing, running, and maintaining these resources, while consumers are responsible for maintaining the operating system and their applications. Amazon Elastic Compute Cloud (EC2, http://aws.amazon.com/ec2)), Eucalyptus (http://www8.hp.com/us/en/cloud/helion‐eucalyptus.html), and OpenNebula (http://opennebula.org) are some examples of IaaS providers.
Platform‐as‐a‐Service – In PaaS, providers offer environments for developing, deploying, hosting, and testing software applications. Typically, it includes programming languages, databases, libraries, and other development tools. Consumers are not responsible for the underlying infrastructure, operating systems, or storage, but they are responsible for their deployed applications. Examples of PaaS providers include Microsoft Azure (https://azure.microsoft.com/en‐us), Force.com (http://www.force.com), and Google App Engine (https://cloud.google.com/appengine).
Software‐as‐a‐Service – In SaaS, cloud providers offer applications on demand that are hosted on the Cloud and can be accessed through thin clients. Consumers do not manage or control the underlying infrastructure. Some SaaS applications allow limited user‐specific customization. Examples of SaaS providers include Salesforce.com's Customer Relationship Management (CRM, www.salesforce.com) and FreshBooks (www.freshbooks.com).

Image described by caption and surrounding text. — **Figure 1.1** Cloud components in the different types of cloud services.

The four cloud deployment models are briefly described as follows (Mell and Grance 2011):

Public cloud – A public cloud is deployed by an organization that offers various services to the general public over the Internet. The infrastructure is owned and managed by the service provider, and it is located in the provider's facilities. Cloud providers are responsible for the installation, management, provisioning, and maintenance of the cloud services. Users' data is stored and processed in the Cloud, which may raise security and privacy issues. It exists on the premises of the cloud provider.
Private cloud – A private cloud is deployed for a single organization and is dedicated entirely to that organization's internal users. The private cloud resides in the organization's facilities; however, it can be hosted and managed by a third‐party provider. The private cloud can be owned, managed, and operated by the organization, a third party, or some combination of them, and it may exist on or off premises, so that data security and availability can be controlled by each of them.
Community cloud – A community cloud is deployed for a specific community of consumers from organizations that share common computing concerns. It may be owned, managed, and operated by one or more of the organization's members, a third party, or so...

Cover
Table of Contents
List of Contributors
Part I: Cloud Security and Privacy
Part II: Cloud Forensics
Index
End User License Agreement