List of Contributors
Part I Cloud Security and Privacy
1 Introduction to the Cloud and Fundamental Security and Privacy Issues of the Cloud
Hassan Takabi and Mohammad GhasemiGol
1.1 Introduction
1.2 Cloud Computing and Security Issues
1.3 Identity Security in the Cloud
1.4 Information Security in the Cloud
1.4.1 Confidentiality
1.4.2 Integrity
1.4.3 Availability
1.4.4 Accountability
1.4.5 Nonrepudiation
1.4.6 Key Considerations in Information Security
1.4.7 Information Security Analysis in Some Clouds
1.5 Cloud Security Standards
1.6 Conclusion
References
2 Cloud Infrastructure Security
Mohammad GhasemiGol
2.1 Introduction
2.2 Infrastructure Security in the Cloud
2.2.1 Infrastructure Security: The Network Level
2.2.1.1 Network-Level Mitigation
2.2.2 Infrastructure Security: The Host Level
2.2.2.1 SaaS and PaaS Host Security
2.2.2.2 IaaS Host Security
2.2.3 Infrastructure Security: The Application Level
2.2.4 Hypervisor Security in the Cloud
2.3 Infrastructure Security Analysis in Some Clouds
2.3.1 Force URL
2.3.2 Amazon AWS
2.3.3 Google App Engine
2.3.4 Microsoft Azure
2.4 Protecting Cloud Infrastructure
2.4.1 Software Maintenance and Patching Vulnerabilities
2.4.2 The Technology Stack
2.4.3 Disaster Recovery
2.4.4 Monitoring and Defending Infrastructure
2.4.5 Incident Response Team
2.4.6 Malicious Insiders
2.5 Conclusion
References
3 Confidentiality of Data in the Cloud: Conflicts Between Security and Cost
Nathalie Baracaldo and Joseph Glider
3.1 Introduction
3.2 Background
3.3 Confidentiality: Threats and Adversaries
3.4 Achieving Data Confidentiality in Cloud Storage Systems
3.4.1 Cryptographic Solutions
3.4.1.1 Stage Encryption
3.4.1.2 End-to-End Encryption
3.5 Reducing Cloud Storage System Costs through Data-Reduction Techniques
3.6 Reconciling Data Reduction and Confidentiality
3.6.1 Existing Techniques
3.7 Trusted Decrypter
3.7.1 Overview
3.7.2 Secure Data-Reduction Operations
3.7.2.1 Preliminaries
3.7.2.2 Detailed Secure Data-Reduction Operations
3.7.2.3 Write Requests
3.7.2.4 Read Requests
3.7.2.5 Rekeying Requests
3.7.2.6 File Deletion
3.7.2.7 Offboarding Requests
3.7.2.8 Secure Data Deletion
3.7.3 Securing the Critical Module
3.7.4 Security Analysis
3.7.4.1 Data Confidentiality
3.7.4.2 Data Confidentiality in the Presence of Deduplication
3.7.4.3 Security Impact of Different Technologies
3.7.5 TD Overhead and Performance Implications
3.8 Future Directions for Cloud Storage Confidentiality with Low Cost
……
Part II Cloud Forensics
Index