Information Technology Reference
In-Depth Information
Summary
The need for cloud computing standards arises from the presence of numerous entities in
the cloud space. Because each company can have its own technology, it is hard to imagine
a coherent cloud ecosystem without a basis for standardization. Therefore, standardization
attains utmost importance.
Similarly, security threats and attacks pose major threats to cloud computing becoming
a ubiquitous infrastructure. In this chapter, we covered topics related to important security
concepts and tools, including obfuscation, access control lists, virtual private networks,
firewalls, and DMZs. We also discussed encryption techniques, public key infrastructure,
IPSec, Transport Layer Security, and widely used cipher algorithms.
Security techniques and algorithms need to be applied to hosts and server systems to
make them secure. Special consideration and importance must also be given to secure user
credentials, antivirus software tools, and security patching. Access control and privileges
must be strictly enforced to ensure maximum security.
Chapter Essentials
Ad Hoc Standards Ad hoc standards for cloud computing are proposed by different orga-
nizations. These include the NIST Cloud Computing Standards Roadmap, IEEE Standards
Association Working Groups, Cloud Security Alliance (CSA), DMTF Open Virtualization
Format, and SNIA Cloud Data Management Interface (CDMI).
Security Concepts and Tools Some of the most common security threats and attacks
include ping of death, denial of service, and distributed denial of service. Techniques for
ensuring secure communications include obfuscation, access control lists, and virtual private
networks. Other options for making the whole network infrastructure secure include fire-
walls and provisioning demilitarized zones.
Encryption Techniques Encryption techniques are widely used to prevent data from unau-
thenticated use. These include public key infrastructure, IPSec, Transport Layer Security,
and a few widely used ciphers algorithms such as AES, DES, RSA, RC4, and RC5.
Unnecessary Ports and Services, Secure Credentials, and Security Patching Security
techniques and algorithms need to be applied to secure host and server systems. Disabling
unnecessary ports and services is an important aspect of securing network-wide systems,
which could otherwise pose security vulnerabilities. Secure user credentials and strong
password policy should be enforced because authentication is only as strong as the creden-
tials themselves. In addition, antivirus software tools and security patching are essential
aspects of implementing host hardening techniques.
Search WWH ::




Custom Search