
About this book

This book analyzes the latest advances in privacy, security and risk technologies within cloud environments. With contributions from leading experts, the text presents both a solid overview of the field and novel, cutting-edge research. A Glossary is also included at the end of the book. Topics and features: considers the various forensic challenges for legal access to data in a cloud computing environment; discusses privacy impact assessments for the cloud, and examines the use of cloud audits to attenuate cloud security problems; reviews conceptual issues, basic requirements and practical suggestions for provisioning dynamically configured access control services in the cloud; proposes scoped invariants as a primitive for analyzing a cloud server for its integrity properties; investigates the applicability of existing controls for mitigating information security risks to cloud computing environments; describes risk management for cloud computing from an enterprise perspective.



Introduction to the Issues


Chapter 1. Privacy, Security and Trust in Cloud Computing

Cloud computing refers to the underlying infrastructure for an emerging model of service provision that has the advantage of reducing cost by sharing computing and storage resources, combined with an on-demand provisioning mechanism relying on a pay-per-use business model. These new features have a direct impact on information technology (IT) budgeting but also affect traditional security, trust and privacy mechanisms. The advantages of cloud computing—its ability to scale rapidly, store data remotely and share services in a dynamic environment—can become disadvantages in maintaining a level of assurance sufficient to sustain confidence in potential customers. Some core traditional mechanisms for addressing privacy (such as model contracts) are no longer flexible or dynamic enough, so new approaches need to be developed to fit this new paradigm. In this chapter, we assess how security, trust and privacy issues occur in the context of cloud computing and discuss ways in which they may be addressed.
Siani Pearson

Law Enforcement and Audits


Chapter 2. Accessing Data in the Cloud: The Long Arm of the Law Enforcement Agent

When placing data in the cloud, users inevitably have concerns about unauthorised access to such data, exposing commercial secrets and breaching individual privacy. While such threats are primarily directed towards organised crime, access by law enforcement agencies in the course of an investigation has itself become a heightened privacy and security concern, particularly in relation to US authorities in a market where US-based cloud providers dominate. From a law enforcement perspective, the cloud represents the latest manifestation of a transnational environment within which they have to operate, presenting a multitude of conflicting laws. This chapter examines how rules, at a European and international level, attempt to balance the needs of law enforcement with the needs of users and providers of cloud services.
Ian Walden

Chapter 3. A Privacy Impact Assessment Tool for Cloud Computing

In this chapter, we consider requirements for Privacy Impact Assessments (PIAs) carried out within a cloud computing environment and explain how a PIA support tool may be constructed. Privacy is an important consideration in cloud computing, as actual or perceived privacy weaknesses will impact legal compliance, data security, and user trust. A PIA is a systematic process for evaluating the possible future effects that a particular activity or proposal may have on an individual’s privacy. It focuses on understanding the system, initiative, or scheme; identifying and mitigating adverse privacy impacts; and informing decision-makers who must decide whether the project should proceed and in what form (Stewart B, Privacy impact assessments. PLPR 3(7):61–64, 1996. Accessed 30 October 2011).
David Tancock, Siani Pearson, Andrew Charlesworth

Chapter 4. Understanding Cloud Audits

Audits of IT infrastructures can mitigate security problems and establish trust in a provider’s infrastructure and processes. Cloud environments especially lack trust due to non-transparent architectures and missing security and privacy measures taken by a provider. But traditional audits do not cover cloud computing-specific security. To provide a secure and trustable cloud environment, audit tasks need to have knowledge about their environment and cloud-specific characteristics. Furthermore, they need to be automated whenever possible to be able to run on a regular basis and immediately if a certain infrastructure event takes place, like deployment of a new cloud instance. In this chapter, research on cloud-specific security problems and cloud audits is presented. An analysis of how traditional audits need to change to address cloud-specific attributes is given. Additionally, the agent-based “Security Audit as a Service” architecture is presented as a solution to the identified problems.
Frank Doelitzscher, Christoph Reich, Martin Knahl, Nathan Clarke

Security and Integrity


Chapter 5. Security Infrastructure for Dynamically Provisioned Cloud Infrastructure Services

This chapter discusses conceptual issues, basic requirements and practical suggestions for designing dynamically configured security infrastructure provisioned on demand as part of the cloud-based infrastructure. This chapter describes general use cases for provisioning cloud infrastructure services and the proposed architectural framework that provides a basis for defining the security infrastructure requirements. The proposed security services lifecycle management (SSLM) model addresses specific on-demand infrastructure service provisioning security problems that can be solved by introducing special security mechanisms to allow security services synchronisation and their binding to the virtualisation platforms’ run-time environment. This chapter describes the proposed dynamically provisioned access control infrastructure (DACI) architecture and defines the necessary security mechanisms to ensure consistent security services operation in the provisioned virtual infrastructure. In particular, this chapter discusses the design and use of a security token service for federated access control and security context management in the generically multi-domain and multi-provider cloud environment.
Yuri Demchenko, Canh Ngo, Cees de Laat, Diego R. Lopez, Antonio Morales, Joan A. García-Espín

Chapter 6. Modeling the Runtime Integrity of Cloud Servers: A Scoped Invariant Perspective

One of the underpinnings of cloud computing security is the trustworthiness of individual cloud servers. Due to the ongoing discovery of runtime software vulnerabilities like buffer overflows, it is critical to be able to gauge the trustworthiness of a cloud server as it operates. The purpose of this chapter is to discuss trust-enhancing technologies in cloud computing, specifically remote attestation of cloud servers. We will discuss how remote attestation can provide higher assurance that cloud providers can be trusted to properly handle a customer’s computation and/or data. Then we will focus on the modeling of the runtime integrity of a cloud server, which determines the level of assurance that remote attestation can offer. Specifically, we propose scoped invariants as a primitive for analyzing the software system for its integrity properties. We report our experience with the modeling and detection of scoped invariants for the Xen virtual machine manager.
Jinpeng Wei, Calton Pu, Carlos V. Rozas, Anand Rajan, Feng Zhu

Risk Considerations


Chapter 7. Inadequacies of Current Risk Controls for the Cloud

In this chapter, we describe where current best practice in information security risk controls is likely to be inadequate for use in the cloud. In particular, we focus on public cloud ecosystems where cloud users will need to be mobile within the marketplace in order to achieve maximum benefits, as we believe these environments to be particularly challenging to the security control model. Our analysis is with reference to those risk controls defined by the ISO27001/27002 standards and the NIST Recommended Security Controls for Federal Information Systems and Organizations Special Publication 800–53 Revision 3. We highlight here only those we consider not to easily scale into such cloud environments, and by implication those not referred to, we believe, will transfer with relative ease.
Sadie Creese, Michael Goldsmith, Paul Hopkins

Chapter 8. Enterprise Information Risk Management: Dealing with Cloud Computing

Managing information risk is a complex task that must continually adapt to business and technology changes. We argue that cloud computing presents a more significant step change and so implies a bigger change for the enterprise risk and security management lifecycle. Specifically, the economies of scale that large providers can achieve are creating an ecosystem of service providers in which the marketplace (rather than consuming enterprises) determines security standards and properties. Moreover, the ability to consume high-level services from different environments is changing the nature of one-size-fits-all security policies. At HP Labs, we are doing research on developing trusted infrastructure that will exploit and improve security management in the emerging cloud architectures. We are developing and using economic and mathematical modelling techniques to help cloud stakeholders make better risk decisions, and we are pulling these strands together to establish principles and mechanisms that will improve and enable federated assurance for the cloud.
Adrian Baldwin, David Pym, Simon Shiu

