本書以獨(dú)特而系統(tǒng)的方式討論了云的安全和隱私方面以及相關(guān)的云取證。云計(jì)算是一種新興的革命性技術(shù),它一直在改變?nèi)藗兊纳詈凸ぷ鞣绞。但是,隨著云計(jì)算和相關(guān)服務(wù)的不斷發(fā)展,安全和隱私已成為一個(gè)關(guān)鍵問題。本書由該領(lǐng)域頂級(jí)專家撰寫,集中討論了云的安全性和隱私性,以及云數(shù)據(jù)、應(yīng)用程序和服務(wù)的數(shù)字取證。本書前半部分可使讀者對(duì)云安全的背景有全面的了解,這將有助于他們進(jìn)入本書后半部分的數(shù)字調(diào)查、指導(dǎo)和建議。本書第一部分包括云基礎(chǔ)架構(gòu)的安全性,數(shù)據(jù)的機(jī)密性,云IaaS中的訪問控制,云安全和隱私管理,黑客攻擊和對(duì)策,風(fēng)險(xiǎn)管理和災(zāi)難恢復(fù),審計(jì)和合規(guī)和安全服務(wù)(SaaS);第二部分包括云取證的模型、挑戰(zhàn)和方法,云中的網(wǎng)絡(luò)恐怖主義,云中的數(shù)字取證過程和模型,數(shù)據(jù)采集,數(shù)字證據(jù)管理、演示和法庭準(zhǔn)備,數(shù)字證據(jù)分析和取證服務(wù)(FaaS)。本書可作為信息系統(tǒng)、信息技術(shù)、計(jì)算機(jī)和網(wǎng)絡(luò)取證以及計(jì)算機(jī)科學(xué)領(lǐng)域高級(jí)本科生和研究生的學(xué)習(xí)參考書,也可供安全專業(yè)人員、數(shù)字取證從業(yè)者和云服務(wù)提供商參考使用。
List of Contributorsxv
Part ⅠCloud Securityand Privacy
Introduction to the Cloud and Fundamental Security and Privacylssues of the Cloud
Hassan Takabi and Mohammod GhasemiGol
1.1 Introduction
1.2 Cloud Computing and Securitylssues
1.3 Identity Securityin the Cloud
1.4 Information Securityin the Cloud
1.4.1 Confidentiality
1.4.2 Integrity
1.4.3 Availability
1.4.4 Accountability
1.4.5 Nonrepudiation
1.4.6 Key Considerations in Information Security
1.4.7 Information Security Analysis in Some Clouds
1.5 Cloud Security Standards
1.6 Conclusion
References
2 Cloudlnfrastructure Security
Mohammad Ghasemi Go
2.1 Introduction
2.2 Infrastructure Securityin the Cloud
2.2.1 Infrastructure Security: The Network Level
2.2.1.1 Network-LeveI Mitigation
2.2.2 Infrastructure Security: The Host Level
2.2.2.1 SaaS and PaaS Host Security
2.2.2.2 IaaS Host Security
2.2.3 Infrastructure Security: The Application Level
2.2.4 Hypervisor Securityin the Cloud
2.3 Infrastructure Security Analysis in Some Clouds
2.3.1 Force URL
2.3.2 Amazon AWS
2.3.3 Google App Engine
2.3.4 Microsoft Azure
2.4 Protecting Cloud Infrastructure
2.4.1 Software Maintenance and Patching Vulnerabilities
2.4.2 The Technology Stack
2.4.3 Disaster Recovery
2.4.4 Monitoring and Defending Infrastructure
2.4.5 Incident Response Team
2.4.6 Malicious Insiders
2.5 Conclusion
References
3 Confidentiality of Data in the Cloud: Conflicts Between Security and Cost
Nathalie Boracaldo and Joseph Glider
3.1 Introduction.
3.2 Background
3.3 Confidentiality: Threats and Adversaries
3.4 Achieving Data Confidentiality in Cloud Storage Systems
3.4.1 Cryptographic Solutions
3.4.1.1 Stage Encryption
3.4.1.2 End-to-End Encryption
3.5 Reducing Cloud Storage System Costs through Data-Reduction
Techniques
3.6 Reconciling Data Reduction and Confidentiality
3.6.1 Existing Techniques
3.7 Trusted Decrypter
3.7.1 Overview
3.7.2 Secure Data-Reduction Operations
3.7.2.1 Preliminaries
3.7.2.2 Detailed Secure Data-Reduction Operations
3.7.2.3 Write Requests
3.7.2.4 Read Requests
3.7.2.5 Rekeying Requests
3.7.2.6 File Deletion
3.7.2.7 Offboarding Requests
3.7.2.8 Secure Data Deletion
3.7.3 Securing the CriticaI Module
3.7.4 Security Analysis
3.7.4.1 Data Confidentiality
3.7.4.2 Data Confidentiality in the Presence of Deduplication
3.7.4.3 Security Impact of Different Technologies
3.7.5 TD Overhead and Performance Implications
3.8 Future Directions for Cloud Storage Confidentiality with Low Cost
……
Part Ⅱ Cloud Forensics