Cargando…

Building the infrastructure for cloud security : a solutions view /

The goal of the book is to gather together all the relevant security technologies for servers and clients and show through case studies (from the Intel Cloud Builder efforts) how the technologies can work together to provide a strong end-to-end Cloud Security Infrastructure. This book provides a com...

Descripción completa

Detalles Bibliográficos
Clasificación:Libro Electrónico
Autores principales: Yeluri, Raghu (Autor), Castro-Leon, Enrique (Autor)
Formato: Electrónico eBook
Idioma:Inglés
Publicado: Berkeley, CA : Apress, 2014.
Colección:The expert's voice in Internet security
Temas:
Acceso en línea:Texto completo (Requiere registro previo con correo institucional)

MARC

LEADER 00000cam a2200000 i 4500
001 OR_ocn876598475
003 OCoLC
005 20231017213018.0
006 m o d
007 cr cnu|||unuuu
008 140414s2014 caua ob 001 0 eng d
040 |a GW5XE  |b eng  |e rda  |e pn  |c GW5XE  |d UMI  |d COO  |d YDXCP  |d B24X7  |d DEBBG  |d DEBSZ  |d A7U  |d OCLCF  |d E7B  |d EBLCP  |d OCLCQ  |d Z5A  |d LIV  |d ESU  |d OCLCQ  |d VT2  |d IOG  |d OCL  |d CEF  |d REB  |d U3W  |d WYU  |d YOU  |d OAPEN  |d UAB  |d OCLCQ  |d AU@  |d OCLCQ  |d UWK  |d DCT  |d ERF  |d OCLCQ  |d SFB  |d WURST  |d LQU  |d DIPCC  |d BRF  |d OCLCQ  |d UKAHL  |d OCLCQ  |d DKU  |d OCLCQ  |d OCLCO  |d CZL  |d OCLCO  |d AAA  |d LUU  |d OCLCQ  |d INARC  |d OCLCO 
019 |a 878059713  |a 881305348  |a 889305162  |a 892193035  |a 1005753245  |a 1026440787  |a 1048136731  |a 1055334398  |a 1058422008  |a 1066636073  |a 1067162369  |a 1086550920  |a 1110410162  |a 1110977742  |a 1112528257  |a 1125485892  |a 1135454804  |a 1136197241  |a 1144308844  |a 1166171786  |a 1182529983  |a 1183402608  |a 1184030895  |a 1204037361  |a 1295608399 
020 |a 9781430261469  |q (electronic bk.) 
020 |a 1430261463  |q (electronic bk.) 
020 |a 1430261455 
020 |a 9781430261452 
020 |z 9781430261452 
024 7 |a 10.1007/978-1-4302-6146-9  |2 doi 
024 8 |a 10.1007/978-1-4302-6 
029 1 |a AU@  |b 000053310500 
029 1 |a AU@  |b 000058380600 
029 1 |a AU@  |b 000060583820 
029 1 |a AU@  |b 000067104662 
029 1 |a DEBBG  |b BV041816886 
029 1 |a DEBBG  |b BV042032313 
029 1 |a DEBSZ  |b 414177800 
029 1 |a GBVCP  |b 882729284 
029 1 |a NZ1  |b 15579298 
035 |a (OCoLC)876598475  |z (OCoLC)878059713  |z (OCoLC)881305348  |z (OCoLC)889305162  |z (OCoLC)892193035  |z (OCoLC)1005753245  |z (OCoLC)1026440787  |z (OCoLC)1048136731  |z (OCoLC)1055334398  |z (OCoLC)1058422008  |z (OCoLC)1066636073  |z (OCoLC)1067162369  |z (OCoLC)1086550920  |z (OCoLC)1110410162  |z (OCoLC)1110977742  |z (OCoLC)1112528257  |z (OCoLC)1125485892  |z (OCoLC)1135454804  |z (OCoLC)1136197241  |z (OCoLC)1144308844  |z (OCoLC)1166171786  |z (OCoLC)1182529983  |z (OCoLC)1183402608  |z (OCoLC)1184030895  |z (OCoLC)1204037361  |z (OCoLC)1295608399 
037 |a CL0500000419  |b Safari Books Online 
050 4 |a QA76.585 
072 7 |a UR  |2 bicssc 
072 7 |a UTN  |2 bicssc 
072 7 |a COM053000  |2 bisacsh 
082 0 4 |a 004.67/82  |2 23 
049 |a UAMI 
100 1 |a Yeluri, Raghu,  |e author. 
245 1 0 |a Building the infrastructure for cloud security :  |b a solutions view /  |c Raghu Yeluri, Enrique Castro-Leon. 
264 1 |a Berkeley, CA :  |b Apress,  |c 2014. 
264 2 |a New York, NY :  |b Distributed to the Book trade worldwide by Springer 
264 4 |c ©2014 
300 |a 1 online resource (xxvi, 212 pages) :  |b illustrations 
336 |a text  |b txt  |2 rdacontent 
337 |a computer  |b c  |2 rdamedia 
338 |a online resource  |b cr  |2 rdacarrier 
347 |a text file 
347 |b PDF 
490 0 |a The expert's voice in Internet security 
520 |a The goal of the book is to gather together all the relevant security technologies for servers and clients and show through case studies (from the Intel Cloud Builder efforts) how the technologies can work together to provide a strong end-to-end Cloud Security Infrastructure. This book provides a comprehensive look at the various facets of Cloud Security; infrastructure, network, services, Compliance and users. It will provide real world case studies to articulate the real and perceived risks and challenges in deploying and managing services in a cloud infrastructure from a Security perspective. 
588 0 |a Online resource; title from PDF title page (SpringerLink, viewed March 31, 2014). 
504 |a Includes bibliographical references and index. 
546 |a English. 
506 0 |a Open Access. 
505 0 |a Ch. 1 Cloud Computing Basics -- Defining the Cloud -- The Cloud's Essential Characteristics -- The Cloud Service Models -- The Cloud Deployment Models -- The Cloud Value Proposition -- Historical Context -- Traditional Three-Tier Architecture -- Software Evolution: From Stovepipes to Service Networks -- The Cloud as the New Way of Doing IT -- Security as a Service -- New Enterprise Security Boundaries -- A Roadmap for Security in the Cloud -- Summary -- ch. 2 The Trusted Cloud: Addressing Security and Compliance -- Security Considerations for the Cloud -- Cloud Security, Trust, and Assurance -- Trends Affecting Data Center Security -- Security and Compliance Challenges -- Trusted Clouds -- Trusted Computing Infrastructure -- Trusted Cloud Usage Models -- The Boot Integrity Usage Model -- The Trusted Virtual Machine Launch Usage Model -- The Data Protection Usage Model -- The Run-time Integrity and Attestation Usage Model -- Trusted Cloud Value Proposition for Cloud Tenants -- The Advantages of Cloud Services on a Trusted Computing Chain -- Summary -- ch. 3 Platform Boot Integrity: Foundation for Trusted Compute Pools -- The Building blocks for Trusted Clouds -- Platform Boot Integrity -- Roots of Trust -- RTM, RTR, and RTS in the Intel TXT Platform -- Measured Boot Process -- Attestation -- Trusted Compute Pools -- TCP Principles of Operation -- Pool Creation -- Workload Placement -- Workload Migration -- Compliance Reporting for a Workload/Cloud Service -- Solution Reference Architecture for the TCP -- Hardware Layer -- Operating System / Hypervisor Layer -- Virtualization/Cloud Management and Verification/Attestation Layer -- Security Management Layer -- Reference Implementation: The Taiwan Stock Exchange Case Study -- Solution Architecture for TWSE -- Trusted Compute Pool Use Case Instantiation -- Remote Attestation with HyTrust -- Use Case Example: Creating Trusted Compute Pools and Workload Migration -- Integrated and Extended Security and Platform Trust with McAfee ePO -- Summary -- ch. 4 Attestation: Proving Trustability -- Attestation -- Integrity Measurement Architecture -- Policy Reduced Integrity Measurement Architecture -- Semantic Remote Attestation -- The Attestation Process -- Remote Attestation Protocol -- Flow for Integrity Measurement -- A First Commercial Attestation Implementation: The Intel Trust Attestation Platform -- Mt. Wilson Platform -- Mt. Wilson Architecture -- The Mt. Wilson Attestation Process -- Security of Mt. Wilson -- Mt. Wilson Trust, Whitelisting, and Management APIs -- Mt. Wilson APIs -- The API Request Specification -- API Response -- Mt. Wilson API Usage -- Deploying Mt. Wilson -- Mt. Wilson Programming Examples -- Summary -- ch. 5 Boundary Control in the Cloud: Geo-Tagging and Asset Tagging -- Geolocation -- Geo-fencing -- Asset Tagging -- Trusted Compute Pools Usage with Geo-Tagging -- Stage 1 Platform Attestation and Safe Hypervisor Launch -- Stage 2 Trust-Based Secure Migration -- Stage 3 Trust- and Geolocation-Based Secure Migration -- Adding Geo-Tagging to the Trusted Compute Pools Solution -- Hardware Layer (Servers) -- Hypervisor and Operating System Layer -- Virtualization, Cloud Management, and the Verification and Attestation Layer -- Security Management Layer -- Provisioning and Lifecycle Management for Geo-Tags -- Geo-Tag Workflow and Lifecycle -- Tag Creation -- Tag Whitelisting -- Tag Provisioning -- Validation and Invalidation of Asset Tags and Geo-Tags -- Attestation of Geo-Tags -- Architecture for Geo-Tag Provisioning -- Tag Provisioning Service -- Tag Provisioning Agent -- Tag Management Service and Management Tool -- Attestation Service -- Geo-Tag Provisioning Process -- Push Model -- Pull Model -- Reference Implementation -- Step 1 -- Step 2 -- Step 3 -- Step 4 -- Summary -- ch. 6 Network Security in the Cloud -- The Cloud Network -- Network Security Components -- Load Balancers -- Intrusion Detection Devices -- Application Delivery Controllers -- End-to-End Security in a Cloud -- Network security: End-to-End security: Firewalls -- Network security: End-to-End security: VLANs -- End-to-End Security for Site-to-Site VPNs -- Network security:End-to-End security: Hypervisors and Virtual Machines -- Software-Defined Security in the Cloud -- OpenStack -- OpenStack Network Security -- Network Security Capabilities and Examples -- Summary -- ch. 7 Identity Management and Control for Clouds -- Identity Challenges -- Identity Usages -- Identity Modification -- Identity Revocation -- Identity Management System Requirements -- Basic User Control Properties -- Key Requirements for an Identity Management Solution -- Accountability -- Notification -- Anonymity -- Data Minimization -- Attribute Security -- Attribute Privacy -- Identity Representations and Case Studies -- PKI Certificates -- Security and Privacy Discussion -- Identity Federation -- Single Sign-On -- Intel Identity Technologies -- Hardware Support -- Summary -- ch. 8 Trusted Virtual Machines: Ensuring the Integrity of Virtual Machines in the Cloud -- Requirements for Trusted Virtual Machines -- Virtual Machine Images -- The Open Virtualization Format (OVF) -- A Conceptual Architecture for Trusted Virtual Machines -- Mystery Hill (MH) Client -- Mystery Hill Key Management and Policy Server (KMS) -- Mystery Hill Plug-in -- Trust Attestation Server -- Workflows for Trusted Virtual Machines -- Deploying Trusted Virtual Machines with OpenStack -- Summary -- ch. 9 A Reference Design for Secure Cloud Bursting -- Cloud Bursting Usage Models -- An Explanation of Cloud Bursting -- Data Center Deployment Models -- Trusted Hybrid Clouds -- Cloud Bursting Reference Architecture -- Secure Environment Built Around Best Practices -- Cloud Management -- Cloud Identity and Access Management -- Separation of Cloud Resources, Traffic, and Data -- Vulnerability and Patch Management -- Compliance -- Network Topology and Considerations -- Security Design Considerations -- Hypervisor Hardening -- Firewalls and Network separation -- Management Network Firewalling -- Virtual Networking -- Anti-Virus Software -- Cloud Management Security -- Practical Considerations for Virtual Machine Migration -- Summary. 
590 |a O'Reilly  |b O'Reilly Online Learning: Academic/Public Library Edition 
650 0 |a Cloud computing  |x Security measures. 
650 0 |a Data encryption (Computer science) 
650 6 |a Infonuagique  |x Sécurité  |x Mesures. 
650 6 |a Chiffrement (Informatique) 
650 7 |a Computer science.  |2 bicssc 
650 7 |a Data encryption (Computer science)  |2 fast 
653 0 0 |a computerwetenschappen 
653 0 0 |a computer sciences 
653 0 0 |a gegevensbeheer 
653 0 0 |a data management 
653 1 0 |a Information and Communication Technology (General) 
653 1 0 |a Informatie- en communicatietechnologie (algemeen) 
700 1 |a Castro-Leon, Enrique,  |e author. 
773 0 |t Springer eBooks 
776 0 8 |i Print version:  |a Yeluri, Raghu.  |t Building the infrastructure for cloud security.  |d Berkeley, CA : Apress, 2014  |z 9781430261469  |w (OCoLC)876598475 
856 4 0 |u https://learning.oreilly.com/library/view/~/9781430261452/?ar  |z Texto completo (Requiere registro previo con correo institucional) 
938 |a Internet Archive  |b INAR  |n buildinginfrastr0000yelu 
938 |a Askews and Holts Library Services  |b ASKH  |n AH35261709 
938 |a Books 24x7  |b B247  |n bks00064341 
938 |a ProQuest Ebook Central  |b EBLB  |n EBL3071473 
938 |a ProQuest Ebook Central  |b EBLB  |n EBL6422525 
938 |a ebrary  |b EBRY  |n ebr10856746 
938 |a Knowledge Unlatched  |b KNOW  |n f7afda79-2807-4e7e-99b3-7d421dd4653d 
938 |a OAPEN Foundation  |b OPEN  |n 1001820 
938 |a DCS UAT TEST 8  |b TEST  |n 1001820 
938 |a YBP Library Services  |b YANK  |n 11729236 
994 |a 92  |b IZTAP