Item Barcode | Call Number | Material Type | Item Category 1 |
---|---|---|---|
30000010335127 | QA76.585 A235 2014 | Open Access Book | Book |
Summary
Written by an expert with over 15 years' experience in the field, this book establishes the foundations of Cloud computing, building an in-depth and diverse understanding of the technologies behind Cloud computing.
In this book, the author begins with an introduction to Cloud computing, presenting fundamental concepts such as analyzing Cloud definitions, Cloud evolution, Cloud services, Cloud deployment types and highlighting the main challenges. Following on from the introduction, the book is divided into three parts: Cloud management, Cloud security, and practical examples.
Part one presents the main components constituting the Cloud and federated Cloud infrastructure (e.g., interactions and deployment), discusses management platforms (resources and services), identifies and analyzes the main properties of the Cloud infrastructure, and presents Cloud automated management services: virtual and application resource management services. Part two analyzes the problem of establishing trustworthy Cloud, discusses foundation frameworks for addressing this problem - focusing on mechanisms for treating the security challenges, discusses foundation frameworks and mechanisms for remote attestation in Cloud and establishing Cloud trust anchors, and lastly provides a framework for establishing a trustworthy provenance system and describes its importance in addressing major security challenges such as forensic investigation, mitigating insider threats and operation management assurance. Finally, part three, based on practical examples, presents real-life commercial and open source examples of some of the concepts discussed, and includes a real-life case study to reinforce learning - especially focusing on Cloud security.
Key Features
* Covers in detail two main aspects of Cloud computing: Cloud management and Cloud security
* Presents a high-level view (i.e., architecture framework) for Clouds and federated Clouds which is useful for professionals, decision makers, and students
* Includes illustrations and real-life deployment scenarios to bridge the gap between theory and practice
* Extracts, defines, and analyzes the desired properties and management services of Cloud computing and its associated challenges and disadvantages
* Analyzes the risks associated with Cloud services and deployment types and what could be done to address the risk for establishing trustworthy Cloud computing
* Provides a research roadmap to establish next-generation trustworthy Cloud computing
* Includes exercises and solutions to problems as well as PowerPoint slides for instructors
Author Notes
Dr. Imad M. Abbadi
University of Oxford, UK
Table of Contents
About the Author
Preface
Acknowledgments
Acronyms
1 Introduction
1.1 Overview
1.2 Cloud Definition
1.3 Cloud Evolution
1.4 Cloud Services
1.5 Cloud Deployment Types
1.6 Main Challenges of Clouds
1.7 Summary
1.8 Exercises
References
Part 1 Cloud Management
2 Cloud Structure
2.1 Introduction
2.2 Infrastructure Components
2.2.1 Storage Components
2.2.2 Physical Servers
2.2.3 Network Components
2.3 Cloud Layers
2.3.1 Vertical Slices
2.3.2 Horizontal Slices
2.3.3 Horizontal vs. Vertical Slices
2.3.4 Illustrative Example
2.4 Cloud Relations
2.4.1 Intra-layer Relations
2.4.2 Across-layer Relations
2.5 Cloud Dynamics
2.6 Data Types
2.7 Summary
2.8 Exercises
References
3 Fundamentals of Cloud Management
3.1 Introduction
3.2 Clouds Management Services
3.2.1 Application Deployment Scenario
3.2.2 Identifying Cloud Management Services
3.3 Virtual Control Center
3.4 Prerequisite Input Data for Management Services
3.5 Management of User Requirements
3.5.1 Requirement Management Workflow
3.5.2 Challenges and Requirements
3.5.3 Categories and Delegation of User Requirements
3.5.4 Illustrative Example
3.6 Summary
3.7 Exercises
References
4 Cloud Properties
4.1 Introduction
4.2 Adaptability Property
4.3 Resilience Property
4.4 Scalability Property
4.5 Availability Property
4.6 Reliability Property
4.7 Security and Privacy Property
4.8 Business Model
4.9 Summary
4.10 Exercises
References
5 Automated Management Services
5.1 Introduction
5.2 Virtual Layer Self-managed Services
5.2.1 Adaptability as a Virtual Service
5.2.2 System Architect as a Virtual Service
5.2.3 Resilience as a Virtual Service
5.2.4 Scalability as a Virtual Service
5.2.5 Availability as a Virtual Service
5.2.6 Reliability as a Virtual Service
5.3 Virtual Services Interdependency
5.4 Application Layer Self-managed Services
5.4.1 Adaptability as an Application Service
5.4.2 Resilience as an Application Service
5.4.3 Scalability as an Application Service
5.4.4 Availability as an Application Service
5.4.5 Reliability as an Application Service
5.5 Application Services Interdependency
5.6 Security and Privacy by Design
5.7 Multi-tier Application Deployment in the Cloud
5.7.1 Application Architecture
5.7.2 Managed Services Interaction
5.8 Main Challenges and Requirements
5.8.1 Challenges
5.8.2 Requirements
5.9 Summary
5.10 Exercises
References
Part 2 Cloud Security Fundamentals
6 Background
6.1 Topics Flow
6.2 Trusted Computing
6.2.1 Introduction
6.2.2 Trusted Platform Module
6.2.3 TCG Main Components
6.2.4 The TP Main Functions
6.2.5 Challenges in TCG Specifications
6.3 Summary
References
7 Challenges for Establishing Trust in Clouds
7.1 Introduction
7.2 Effects of Cloud Dynamism on Trust Relationships
7.2.1 Load Balancing
7.2.2 Horizontal Scaling
7.2.3 Vertical Scaling
7.2.4 Redundancy
7.2.5 Clustering
7.3 Challenges
7.4 Summary
7.5 Exercises
References
8 Establishing Trust in Clouds
8.1 Introduction
8.2 Organization Requirements
8.3 Framework Requirements
8.4 Device Properties
8.5 Framework Architecture
8.5.1 Dynamic Domain Concept
8.5.2 Proposed Architecture
8.6 Required Software Agents
8.6.1 Server Agent Functions
8.6.2 Client Agent Functions
8.6.3 Server Agent Initialization
8.6.4 Client Agent Initialization
8.7 Framework Workflow
8.7.1 Management Domain and Collaborating Management Domain Establishment
8.7.2 Organization Home Domain Establishment
8.7.3 Adding Devices to a Domain
8.7.4 Outsourced Domain and Collaborating Outsourced Domain Establishment
8.8 Discussion and Analysis
8.8.1 Benefits of Using Trusted Computing
8.8.2 Benefits of the Framework Architecture
8.8.3 Content Protection
8.9 Summary
8.10 Exercises
References
9 Clouds Chains of Trust
9.1 Introduction
9.2 Software Agents Revision
9.3 Roots of and Chains of Trust Definition
9.3.1 Roots of Trust
9.3.2 Chains of Trust
9.4 Intra-layer Chains of Trust
9.4.1 A Resource Chain of Trust
9.4.2 Compositional Chains of Trust
9.4.3 Physical Layer DCoT and CDCoT
9.4.4 Virtual Layer DCoT and CDCoT
9.4.5 Application Layer DCoT and CDCoT
9.5 Trust Across Layers
9.6 Summary
9.7 Exercises
References
10 Provenance in Clouds
10.1 Introduction
10.1.1 Log and Provenance
10.1.2 Problem Description and Objectives
10.1.3 Organization of the Chapter
10.2 Motivating Scenarios
10.3 Log Records Management and Requirements
10.3.1 Database Design
10.3.2 Security Requirements
10.3.3 Other Requirements and Device Properties
10.4 Framework Domain Architecture
10.5 Framework Software Agents
10.5.1 Cloud Server Agent
10.5.2 LaaS Server Agent
10.5.3 LaaS Client Agent
10.5.4 VM Agent
10.5.5 Cloud Client Agent
10.6 Framework Workflow
10.6.1 Cloud Server Agent Initialization
10.6.2 LaaS Server Agent Initialization
10.6.3 LCA and CCA Initialization
10.6.4 LaaS Domain Establishment
10.6.5 Adding Devices to an LaaSD
10.6.6 Establishing Trust between Server Agents
10.6.7 MD Establishment and Management
10.6.8 Secure Log Storage
10.7 Threat Analysis
10.8 Discussion and Future Directions
10.8.1 Establishing Trust
10.8.2 Log Retention
10.8.3 Achievement of Objectives
10.9 Summary
10.10 Exercises
References
11 Insiders
11.1 Introduction
11.2 Insiders Definition
11.2.1 Background
11.2.2 Definition
11.2.3 Rules of Identifying Insiders
11.3 Conceptual Models
11.3.1 Organizational View
11.3.2 Assets and Clients
11.3.3 Infrastructure Model
11.3.4 Procedure for Identifying Potential and Malicious Insiders
11.4 Summary
11.5 Exercises
References
Part 3 Practical Examples
12 Real-Life Examples
12.1 OpenStack
12.1.1 What is OpenStack?
12.1.2 OpenStack Structure
12.1.3 Security in OpenStack
12.1.4 OpenStack Configuration Files
12.2 Amazon Web Services
12.3 Component Architecture
12.3.1 Nova-api
12.3.2 Nova-database
12.3.3 Nova-scheduler
12.4 Prototype
12.4.1 Trust Attestation via the DC-C
12.4.2 Trust Management by the DCS
12.5 Summary
References
13 Case Study
13.1 Scenario
13.2 Home Healthcare Architecture in the Cloud
13.3 Insiders Analysis for Home Healthcare
13.3.1 Model Instance
13.3.2 Identifying Potential Insiders and Insiders
13.3.3 Insider Threat Analysis
13.4 Cloud Threats
References
Index