Choose an application

• Reference Manager
• EndNote
• RefWorks (Direct export to RefWorks)

Cloud Storage Security: A Practical Guide introduces and discusses the risks associated with cloud-based data storage from a security and privacy perspective. Gain an in-depth understanding of the risks and benefits of cloud storage illustrated using a Use-Case methodology. The authors also provide a checklist that enables the user, as well as the enterprise practitioner to evaluate what security and privacy issues need to be considered when using the cloud to store personal and sensitive information.Describes the history and the evolving nature of cloud storage and securityExplores the threat

Cloud computing -- Security measures. --- Computer security. --- Data protection. --- Computer Science --- Engineering & Applied Sciences --- Cloud computing --- Security measures. --- Data governance --- Data regulation --- Personal data protection --- Protection, Data --- Electronic data processing --- Web services --- Distributed processing

Choose an application

• Reference Manager
• EndNote
• RefWorks (Direct export to RefWorks)

Cloud storage is an important service of cloud computing, which offers service for data owners to host their data in the cloud. This new paradigm of data hosting and data access services introduces two major security concerns. The first is the protection of data integrity. Data owners may not fully trust the cloud server and worry that data stored in the cloud could be corrupted or even removed. The second is data access control. Data owners may worry that some dishonest servers provide data access to users that are not permitted for profit gain and thus they can no longer rely on the servers for access control. To protect the data integrity in the cloud, an efficient and secure dynamic auditing protocol is introduced, which can support dynamic auditing and batch auditing. To ensure the data security in the cloud, two efficient and secure data access control schemes are introduced in this brief: ABAC for Single-authority Systems and DAC-MACS for Multi-authority Systems. While Ciphertext-Policy Attribute-based Encryption (CP-ABE) is a promising technique for access control of encrypted data, the existing schemes cannot be directly applied to data access control for cloud storage systems because of the attribute revocation problem. To solve the attribute revocation problem, new Revocable CP-ABE methods are proposed in both ABAC and DAC-MACS.

Cloud computing -- Security measures. --- Cloud computing. --- Computer networks -- Security measures. --- Computer networks. --- Computer networks --- Cloud computing --- Storage area networks (Computer networks) --- Engineering & Applied Sciences --- Computer Science --- Security measures --- Computer security. --- Security measures. --- Computer privacy --- Computer system security --- Computer systems --- Computers --- Cyber security --- Cybersecurity --- Electronic digital computers --- Security of computer systems --- Protection of computer systems --- Protection --- Computer science. --- Data encryption (Computer science). --- Computer Science. --- Systems and Data Security. --- Data Encryption. --- Data protection --- Security systems --- Hacking --- Data encoding (Computer science) --- Encryption of data (Computer science) --- Computer security --- Cryptography --- Informatics --- Science --- Electronic data processing --- Web services --- Distributed processing --- Cryptology.

Choose an application

• Reference Manager
• EndNote
• RefWorks (Direct export to RefWorks)

This book presents a range of cloud computing security challenges and promising solution paths. The first two chapters focus on practical considerations of cloud computing. In Chapter 1, Chandramouli, Iorga, and Chokani describe the evolution of cloud computing and the current state of practice, followed by the challenges of cryptographic key management in the cloud. In Chapter 2, Chen and Sion present a dollar cost model of cloud computing and explore the economic viability of cloud computing with and without security mechanisms involving cryptographic mechanisms. The next two chapters address security issues of the cloud infrastructure. In Chapter 3, Szefer and Lee describe a hardware-enhanced security architecture that protects the confidentiality and integrity of a virtual machine’s memory from an untrusted or malicious hypervisor. In Chapter 4, Tsugawa et al. discuss the security issues introduced when Software-Defined Networking (SDN) is deployed within and across clouds. Chapters 5-9 focus on the protection of data stored in the cloud. In Chapter 5, Wang et al. present two storage isolation schemes that enable cloud users with high security requirements to verify that their disk storage is isolated from some or all other users, without any cooperation from cloud service providers. In Chapter 6, De Capitani di Vimercati, Foresti, and Samarati describe emerging approaches for protecting data stored externally and for enforcing fine-grained and selective accesses on them, and illustrate how the combination of these approaches can introduce new privacy risks. In Chapter 7, Le, Kant, and Jajodia explore data access challenges in collaborative enterprise computing environments where multiple parties formulate their own authorization rules, and discuss the problems of rule consistency, enforcement, and dynamic updates. In Chapter 8, Smith et al. address key challenges to the practical realization of a system that supports query execution over remote encrypted data without exposing decryption keys or plaintext at the server. In Chapter 9, Sun et al. provide an overview of secure search techniques over encrypted data, and then elaborate on a scheme that can achieve privacy-preserving multi-keyword text search. The next three chapters focus on the secure deployment of computations to the cloud. In Chapter 10, Oktay el al. present a risk-based approach for workload partitioning in hybrid clouds that selectively outsources data and computation based on their level of sensitivity. The chapter also describes a vulnerability assessment framework for cloud computing environments. In Chapter 11, Albanese et al. present a solution for deploying a mission in the cloud while minimizing the mission’s exposure to known vulnerabilities, and a cost-effective approach to harden the computational resources selected to support the mission. In Chapter 12, Kontaxis et al. describe a system that generates computational decoys to introduce uncertainty and deceive adversaries as to which data and computation is legitimate. The last section of the book addresses issues related to security monitoring and system resilience. In Chapter 13, Zhou presents a secure, provenance-based capability that captures dependencies between system states, tracks state changes over time, and that answers attribution questions about the existence, or change, of a system’s state at a given time. In Chapter 14, Wu et al. present a monitoring capability for multicore architectures that runs monitoring threads concurrently with user or kernel code to constantly check for security violations. Finally, in Chapter 15, Hasan Cam describes how to manage the risk and resilience of cyber-physical systems by employing controllability and observability techniques for linear and non-linear systems.

Cloud computing -- Security measures. --- Cloud computing. --- Computer Communication Networks. --- Computer science. --- Computer security. --- Data processing. --- Data protection. --- Information systems. --- Cloud computing --- Engineering & Applied Sciences --- Computer Science --- Security measures --- Information technology --- Data protection --- Security measures. --- Management. --- Data governance --- Data regulation --- Personal data protection --- Protection, Data --- Computer communication systems. --- Computers. --- Computer Science. --- Systems and Data Security. --- Information Systems Applications (incl. Internet). --- Information Systems and Communication Service. --- Electronic data processing --- Web services --- Distributed processing --- Computer privacy --- Computer system security --- Computer systems --- Computers --- Cyber security --- Cybersecurity --- Electronic digital computers --- Protection of computer systems --- Security of computer systems --- Security systems --- Hacking --- Protection --- Application software. --- Automatic computers --- Automatic data processors --- Computer hardware --- Computing machines (Computers) --- Electronic brains --- Electronic calculating-machines --- Electronic computers --- Hardware, Computer --- Cybernetics --- Machine theory --- Calculators --- Cyberspace --- Communication systems, Computer --- Computer communication systems --- Data networks, Computer --- ECNs (Electronic communication networks) --- Electronic communication networks --- Networks, Computer --- Teleprocessing networks --- Data transmission systems --- Digital communications --- Electronic systems --- Information networks --- Telecommunication --- Cyberinfrastructure --- Network computers --- Application computer programs --- Application computer software --- Applications software --- Apps (Computer software) --- Computer software