Cloud Management and Security

Written by an expert with over 15 years’ experience in the field, this book establishes the foundations of Cloud computing, building an in-depth and diverse understanding of the technologies behind Cloud computing. In this book, the author begins with an introduction to Cloud computing, presenting fundamental concepts such as analyzing Cloud definitions, Cloud evolution, Cloud services, Cloud deployment types and highlighting the main challenges. Following on from the introduction, the book is divided into three parts: Cloud management, Cloud security, and practical examples. Part one presents the main components constituting the Cloud and federated Cloud infrastructure (e.g., interactions and deployment), discusses management platforms (resources and services), identifies and analyzes the main properties of the Cloud infrastructure, and presents Cloud automated management services: virtual and application resource management services. Part two analyzes the problem of establishing trustworthy Cloud, discusses foundation frameworks for addressing this problem – focusing on mechanisms for treating the security challenges, discusses foundation frameworks and mechanisms for remote attestation in Cloud and establishing Cloud trust anchors, and lastly provides a framework for establishing a trustworthy provenance system and describes its importance in addressing major security challenges such as forensic investigation, mitigating insider threats and operation management assurance. Finally, part three, based on practical examples, presents real-life commercial and open source examples of some of the concepts discussed, and includes a real-life case study to reinforce learning – especially focusing on Cloud security. Key Features • Covers in detail two main aspects of Cloud computing: Cloud management and Cloud security • Presents a high-level view (i.e., architecture framework) for Clouds and federated Clouds which is useful for professionals, decision makers, and students • Includes illustrations and real-life deployment scenarios to bridge the gap between theory and practice • Extracts, defines, and analyzes the desired properties and management services of Cloud computing and its associated challenges and disadvantages • Analyzes the risks associated with Cloud services and deployment types and what could be done to address the risk for establishing trustworthy Cloud computing • Provides a research roadmap to establish next-generation trustworthy Cloud computing • Includes exercises and solutions to problems as well as PowerPoint slides for instructors

Table of Contents:
Preface ix References xii 1 Introduction 1 1.1 Overview 1 1.2 Cloud definition 2 1.3 Cloud evolution 3 1.4 Cloud services 5 1.5 Cloud deployment types 6 1.6 Main challenges of Clouds 7 1.7 Summary 10 1.8 Exercises 10 References 11 Part One Cloud management 13 2 Cloud structure 15 2.1 Introduction 15 2.2 Infrastructure components 15 2.3 Cloud Layers 17 2.4 Cloud relations 23 2.5 Cloud dynamics 27 2.6 Data types 27 2.7 Summary 30 2.8 Exercises 30 References 30 3 Fundamentals of Cloud management 31 3.1 Introduction 31 3.2 Clouds management services 32 3.3 Virtual control center 37 3.4 Prerequisite input-data for the management services 37 3.5 Management of user requirements 40 3.6 Summary 46 3.7 Exercises 47 References 47 4 Cloud properties 49 4.1 Introduction 49 4.2 Adaptability property 50 4.3 Resilience property 51 4.4 Scalability property 52 4.5 Availability property 53 4.6 Reliability property 53 4.7 Security and privacy property 54 4.8 Business model 55 4.9 Summary 56 4.10 Exercises 57 References 57 5 Automated management services 59 5.1 Introduction 59 5.2 Virtual layer self-managed services 60 5.3 Virtual services interdependency 65 5.4 Application layer self-managed services 67 5.5 Application services interdependency 70 5.6 Security and privacy by design 71 5.7 Multi-tier application deployment in the Cloud 73 5.8 Main challenges and requirements 79 5.9 Summary 82 5.10 Exercises 82 References 83 Part Two Clouds security fundamentals 85 6 Background 87 6.1 Topics flow 87 6.2 Trusted Computing 89 6.3 Summary 97 References 97 7 Challenges for establishing trust in Clouds 99 7.1 Introduction 99 7.2 Effects of Cloud dynamism on trust relationships 100 7.3 Challenges 103 7.4 Summary 105 7.5 Exercises 105 References 105 8 Establishing trust in Clouds 107 8.1 Introduction 107 8.2 Organization requirements 107 8.3 Framework requirements 108 8.4 Device properties 111 8.5 Framework architecture 112 8.6 Required software agents 116 8.7 Framework workflow 119 8.8 Discussion and analysis 125 8.9 Summary 126 8.10 Exercises 127 References 127 9 Clouds chains of trust 129 9.1 Introduction 129 9.2 Software agents revision 130 9.3 Roots of and chains of trust definition 130 9.4 Intra-layer chains of trust 132 9.5 Trust across layers 140 9.6 Summary 143 9.7 Exercises 143 References 143 10 Provenance in Clouds 145 10.1 Introduction 145 10.2 Motivating scenarios 148 10.3 Log records management and requirements 150 10.4 Framework domain architecture 155 10.5 Framework software agents 157 10.6 Framework workflow 160 10.7 Threat analysis 171 10.8 Discussion and future directions 173 10.9 Exercises 175 References 175 11 Insiders 177 11.1 Introduction 177 11.2 Insiders definition 178 11.3 Conceptual models 182 11.4 Summary 185 11.5 Exercises 185 References 186 Part Three Practical examples 187 12 Real life examples 189 12.1 Open Stack 189 12.2 Amazon web services 195 12.3 Component architecture 197 12.4 Prototype 203 12.5 Summary 209 Reference 209 13 Case study 211 13.1 Scenario 211 13.2 Home healthcare architecture in the Cloud 212 13.3 Insiders analysis for home healthcare 212 13.4 Cloud threats 220 References 226

About the Author :
Dr. Imad M. Abbadi University of Oxford, UK