Securing the Cloud

Curtis Franklin, Jr., is Senior Editor at Dark Reading. In addition, he works on audio and video programming for Dark Reading and contributes to activities at Interop™ ITX, Black Hat®, and other conferences. Curtis is also a co-host for the popular This Week in Enterprise Tech podcast. Curtis has been writing about technologies and products in computing and networking since the early 1980s. He has contributed to or been on staff at a number of technology-industry publications, including Information Week, Light Reading, Enterprise Efficiency, ChannelWeb, Network Computing, InfoWorld, PCWorld, Dark Reading, Circuit Cellar INK, BYTE, and ITWorld.com, on subjects ranging from mobile enterprise computing to enterprise security and wireless networking. Curtis is the author of thousands of articles, the co-author of five books, and has been a frequent speaker at computer and networking industry conferences across North America and Europe. His most popular previous book, The Absolute Beginner’s Guide to Podcasting, with coauthor George Colombo, was published by Que Books (October 2005). His most recent book, Cloud Computing: Technologies and Strategies of the Ubiquitous Data Center, with co-author Brian Chee. Brian J. S. Chee lives in Kaneohe, Hawaii, with his family tracing back four generations in Hawaii. An admitted generalist, starting with building IMSAI 8080s, writing assembler on punch cards for IBM 360s, and jumping into becoming one of the first 10 Novell Instructors outside of Novell, Inc. It was with the GSA Office of Information Security that he traveled the world working on secure data/video/voice communications systems for just about every three-letter agency in the book. Now, working as a researcher at the University of Hawaii School of Ocean and Earth Science and Technology (www.soest.hawaii.edu), he has gotten to work on underwater cabled observatories, autonomous underwater vehicles, SWATH ships, deep dive submarines and ROVs, volcanic sensors, and emerging energy systems. His greatest job was working with InteropNET NOC, where he became part of a team that has affected the majority of the standards of the Internet while creating methodologies for the interoperability of Internet communications systems. Look for his publications at InfoWorld and podcasts for This Week in Enterprise Technology on the TWiT.tv network, as well as the aforementioned first book in this series, Cloud Computing: Technologies and Strategies of the Ubiquitous Data Center.

Dedication



Contents



Preface



Acknowledgments



About the Authors



Chapter 1 Introduction



Chapter 2 We Need a New Model for Security



Chapter 3 The Basics of IT Security: From Mainframe to Cloud



Chapter 4 The Basics of Security Failure



Chapter 5 The Basics of Fitting Security to Situation



Chapter 6 Defining the Cloud to Protect



Chapter 7 Infrastructure as a Service



Chapter 8 Platform as a Service (PaaS)



Chapter 9 Software as a Service



Chapter 10 Virtual Desktop Infrastructure



Chapter 11 Understand Your Cloud Type



Chapter 12 Public Cloud



Chapter 13 Private Cloud



Chapter 14 Hybrid Cloud



Chapter 15 Working with Your Cloud Provider



Chapter 16 Protecting the Perimeter



Chapter 17 Protecting the Contents



Chapter 18 Protecting the Infrastructure



Chapter 19 Tie the Cloud Using an Internal Management Framework



Chapter 20 Closing Comments



Index