|
|
xi | |
|
|
xiii | |
|
|
xv | |
Acknowledgments |
|
xvii | |
Introduction |
|
xix | |
|
Chapter 7 Secure Cloud Architecture |
|
|
1 | (10) |
|
7.1 Governance and Comprehensive Risk Analysis |
|
|
4 | (7) |
|
Chapter 8 Risk and Trust Assessment |
|
|
11 | (14) |
|
Chapter 9 Managing Risk in the Cloud |
|
|
25 | (12) |
|
Chapter 10 Cloud Security Access Control |
|
|
37 | (12) |
|
|
44 | (1) |
|
10.2 Multilevel Authentication |
|
|
45 | (1) |
|
|
46 | (1) |
|
10.4 Password Administration |
|
|
46 | (1) |
|
|
46 | (3) |
|
Chapter 11 Cloud Security Risk Management |
|
|
49 | (22) |
|
|
49 | (2) |
|
11.2 Indirect Measurements and Metrics |
|
|
51 | (1) |
|
|
52 | (3) |
|
|
55 | (16) |
|
11.4.1 Security Risks Not Particular to Cloud Computing |
|
|
55 | (2) |
|
11.4.2 Cloud--specific Hazards |
|
|
57 | (4) |
|
11.4.3 Safety SLA for Cloud Services |
|
|
61 | (10) |
|
Chapter 12 Infrastructure--as--a--Service (IaaS) |
|
|
71 | (6) |
|
|
71 | (2) |
|
|
73 | (1) |
|
12.3 Security Implications |
|
|
73 | (1) |
|
|
74 | (1) |
|
|
75 | (1) |
|
|
75 | (2) |
|
Chapter 13 Cryptographic Key Management for Data Protection |
|
|
77 | (8) |
|
13.1 Key Management System Design Choices |
|
|
80 | (2) |
|
13.2 Cloud Key Management Challenges |
|
|
82 | (1) |
|
13.3 Cloud Key Management Strategies |
|
|
83 | (2) |
|
13.3.1 Establish Trust in Crypto Module |
|
|
83 | (1) |
|
13.3.2 Use Key Splitting Techniques |
|
|
84 | (1) |
|
Chapter 14 Managing Legal Compliance Risk and Personal Data Protection |
|
|
85 | (16) |
|
14.1 Digital Agenda for Europe 2015 |
|
|
87 | (2) |
|
14.2 Addressing Legal Compliance |
|
|
89 | (12) |
|
14.2.1 Precontractual phase |
|
|
89 | (1) |
|
14.2.2 Step 1: Precontractual Phase |
|
|
90 | (1) |
|
14.2.3 Risks and Opportunities for Your Cloud Service Client |
|
|
90 | (1) |
|
14.2.4 Outsourcing Cloud Services |
|
|
90 | (1) |
|
14.2.5 Step 2: Major Issues in Entering a Cloud Service Contract |
|
|
91 | (1) |
|
14.2.6 Jurisdiction and Applicable Law |
|
|
91 | (2) |
|
|
93 | (1) |
|
14.2.8 Amendments to the Contract |
|
|
94 | (1) |
|
14.2.9 Data Location and Transfers of Data |
|
|
94 | (1) |
|
14.2.10 Processing of Personal Data by Subcontractors |
|
|
95 | (1) |
|
14.2.11 Data Subjects' Rights (Intervenability) |
|
|
96 | (1) |
|
14.2.12 Step 3: Exiting a Cloud Service Contract: Major Issues |
|
|
96 | (1) |
|
14.2.13 Lock--in and Interoperability |
|
|
96 | (1) |
|
14.2.14 Service--level Agreements |
|
|
96 | (1) |
|
14.2.15 Termination of the Contract |
|
|
97 | (4) |
|
Chapter 15 Future Directions in Cloud Computing Security |
|
|
101 | (4) |
|
|
102 | (3) |
About the Author |
|
105 | (2) |
Index |
|
107 | |