The Next Frontier: Managing Confidentiality and Integrity of Data in the Cloud

Detalhes bibliográficos
Autor(a) principal: Rocha, Francisco
Data de Publicação: 2013
Outros Autores: Abreu, Salvador, Correia, Miguel
Tipo de documento: Livro
Idioma: eng
Título da fonte: Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)
Texto Completo: http://hdl.handle.net/10174/10492
Resumo: Many companies have embraced the benefits of cloud computing because of its pay-per-use cost model and the elasticity of resources that it provides. But from a data confidentiality and integrity viewpoint, moving a company’s IT systems to a public cloud poses some challenges. System protection is often based on perimeter security, but in the cloud, the company’s systems run on the cloud provider’s hardware and coexist with software from both the provider and other cloud service consumers. Simply put, the cloud blurs the formerly clear separation between the trusted inside and the untrusted outside. Malicious insiders represent a particularly significant concern for security in the cloud, as cloud operators and system administrators are unseen, unknown, and not onsite. Confidential data such as passwords, cryptographic keys, or files are just a few commands away from access by a malicious or incompetent system administrator. This ReadyNote addresses the threat of malicious insiders in the context of clouds that provide the infrastructure as a service (IaaS) model, in the sense of clouds where consumers can run virtual machines. The text is complementary to several guidelines and reports on cloud security that have been published by organizations like the National Institute of Standards and Technology (NIST), the European Network and Information Security Agency (ENISA), and the Cloud Security Alliance.
id RCAP_06292403824b666e5e23ffe67692e852
oai_identifier_str oai:dspace.uevora.pt:10174/10492
network_acronym_str RCAP
network_name_str Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)
repository_id_str 7160
spelling The Next Frontier: Managing Confidentiality and Integrity of Data in the CloudCloudSecurityMany companies have embraced the benefits of cloud computing because of its pay-per-use cost model and the elasticity of resources that it provides. But from a data confidentiality and integrity viewpoint, moving a company’s IT systems to a public cloud poses some challenges. System protection is often based on perimeter security, but in the cloud, the company’s systems run on the cloud provider’s hardware and coexist with software from both the provider and other cloud service consumers. Simply put, the cloud blurs the formerly clear separation between the trusted inside and the untrusted outside. Malicious insiders represent a particularly significant concern for security in the cloud, as cloud operators and system administrators are unseen, unknown, and not onsite. Confidential data such as passwords, cryptographic keys, or files are just a few commands away from access by a malicious or incompetent system administrator. This ReadyNote addresses the threat of malicious insiders in the context of clouds that provide the infrastructure as a service (IaaS) model, in the sense of clouds where consumers can run virtual machines. The text is complementary to several guidelines and reports on cloud security that have been published by organizations like the National Institute of Standards and Technology (NIST), the European Network and Information Security Agency (ENISA), and the Cloud Security Alliance.IEEE Computer Society Press2014-02-03T17:34:02Z2014-02-032013-03-01T00:00:00Zinfo:eu-repo/semantics/publishedVersioninfo:eu-repo/semantics/bookhttp://hdl.handle.net/10174/10492http://hdl.handle.net/10174/10492enghttps://www.createspace.com/4173739naonaondspa@di.uevora.ptnd498Rocha, FranciscoAbreu, SalvadorCorreia, Miguelinfo:eu-repo/semantics/openAccessreponame:Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)instname:Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informaçãoinstacron:RCAAP2024-01-03T18:53:27Zoai:dspace.uevora.pt:10174/10492Portal AgregadorONGhttps://www.rcaap.pt/oai/openaireopendoar:71602024-03-20T01:04:23.139289Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos) - Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informaçãofalse
dc.title.none.fl_str_mv The Next Frontier: Managing Confidentiality and Integrity of Data in the Cloud
title The Next Frontier: Managing Confidentiality and Integrity of Data in the Cloud
spellingShingle The Next Frontier: Managing Confidentiality and Integrity of Data in the Cloud
Rocha, Francisco
Cloud
Security
title_short The Next Frontier: Managing Confidentiality and Integrity of Data in the Cloud
title_full The Next Frontier: Managing Confidentiality and Integrity of Data in the Cloud
title_fullStr The Next Frontier: Managing Confidentiality and Integrity of Data in the Cloud
title_full_unstemmed The Next Frontier: Managing Confidentiality and Integrity of Data in the Cloud
title_sort The Next Frontier: Managing Confidentiality and Integrity of Data in the Cloud
author Rocha, Francisco
author_facet Rocha, Francisco
Abreu, Salvador
Correia, Miguel
author_role author
author2 Abreu, Salvador
Correia, Miguel
author2_role author
author
dc.contributor.author.fl_str_mv Rocha, Francisco
Abreu, Salvador
Correia, Miguel
dc.subject.por.fl_str_mv Cloud
Security
topic Cloud
Security
description Many companies have embraced the benefits of cloud computing because of its pay-per-use cost model and the elasticity of resources that it provides. But from a data confidentiality and integrity viewpoint, moving a company’s IT systems to a public cloud poses some challenges. System protection is often based on perimeter security, but in the cloud, the company’s systems run on the cloud provider’s hardware and coexist with software from both the provider and other cloud service consumers. Simply put, the cloud blurs the formerly clear separation between the trusted inside and the untrusted outside. Malicious insiders represent a particularly significant concern for security in the cloud, as cloud operators and system administrators are unseen, unknown, and not onsite. Confidential data such as passwords, cryptographic keys, or files are just a few commands away from access by a malicious or incompetent system administrator. This ReadyNote addresses the threat of malicious insiders in the context of clouds that provide the infrastructure as a service (IaaS) model, in the sense of clouds where consumers can run virtual machines. The text is complementary to several guidelines and reports on cloud security that have been published by organizations like the National Institute of Standards and Technology (NIST), the European Network and Information Security Agency (ENISA), and the Cloud Security Alliance.
publishDate 2013
dc.date.none.fl_str_mv 2013-03-01T00:00:00Z
2014-02-03T17:34:02Z
2014-02-03
dc.type.status.fl_str_mv info:eu-repo/semantics/publishedVersion
dc.type.driver.fl_str_mv info:eu-repo/semantics/book
format book
status_str publishedVersion
dc.identifier.uri.fl_str_mv http://hdl.handle.net/10174/10492
http://hdl.handle.net/10174/10492
url http://hdl.handle.net/10174/10492
dc.language.iso.fl_str_mv eng
language eng
dc.relation.none.fl_str_mv https://www.createspace.com/4173739
nao
nao
nd
spa@di.uevora.pt
nd
498
dc.rights.driver.fl_str_mv info:eu-repo/semantics/openAccess
eu_rights_str_mv openAccess
dc.publisher.none.fl_str_mv IEEE Computer Society Press
publisher.none.fl_str_mv IEEE Computer Society Press
dc.source.none.fl_str_mv reponame:Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)
instname:Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informação
instacron:RCAAP
instname_str Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informação
instacron_str RCAAP
institution RCAAP
reponame_str Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)
collection Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)
repository.name.fl_str_mv Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos) - Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informação
repository.mail.fl_str_mv
_version_ 1799136527963389952

Registros relacionados