Cloud Management and Security

Written by an expert with over 15 years? experience in the field, this book establishes the foundations of Cloud computing, building an in-depth and diverse understanding of the technologies behind Cloud computing.

In this book, the author begins with an introduction to Cloud computing, presenting fundamental concepts such as analyzing Cloud definitions, Cloud evolution, Cloud services, Cloud deployment types and highlighting the main challenges. Following on from the introduction, the book is divided into three parts: Cloud management, Cloud security, and practical examples.

Part one presents the main components constituting the Cloud and federated Cloud infrastructure
(e.g., interactions and deployment), discusses management platforms (resources and services), identifies and analyzes the main properties of the Cloud infrastructure, and presents Cloud automated management services: virtual and application resource management services. Part two analyzes the problem of establishing trustworthy Cloud, discusses foundation frameworks for addressing this problem
? focusing on mechanisms for treating the security challenges, discusses foundation frameworks and mechanisms for remote attestation in Cloud and establishing Cloud trust anchors, and lastly provides a framework for establishing a trustworthy provenance system and describes its importance in addressing major security challenges such as forensic investigation, mitigating insider threats and operation management assurance. Finally, part three, based on practical examples, presents real-life commercial and open source examples of some of the concepts discussed, and includes a real-life case study to reinforce learning ? especially focusing on Cloud security.

Key Features

? Covers in detail two main aspects of Cloud computing: Cloud management and Cloud security

? Presents a high-level view (i.e., architecture framework) for Clouds and federated Clouds which is useful for professionals, decision makers, and students

? Includes illustrations and real-life deployment scenarios to bridge the gap between theory and practice

? Extracts, defines, and analyzes the desired properties and management services of Cloud computing and its associated challenges and disadvantages

? Analyzes the risks associated with Cloud services and deployment types and what could be done to address the risk for establishing trustworthy Cloud computing

? Provides a research roadmap to establish next-generation trustworthy Cloud computing

? Includes exercises and solutions to problems as well as PowerPoint slides for instructors

Preface ix

References xii

1 Introduction 1

1.1 Overview 1

1.2 Cloud definition 2

1.3 Cloud evolution 3

1.4 Cloud services 5

1.5 Cloud deployment types 6

1.6 Main challenges of Clouds 7

1.7 Summary 10

1.8 Exercises 10

References 11

Part One Cloud management 13

2 Cloud structure 15

2.1 Introduction 15

2.2 Infrastructure components 15

2.3 Cloud Layers 17

2.4 Cloud relations 23

2.5 Cloud dynamics 27

2.6 Data types 27

2.7 Summary 30

2.8 Exercises 30

References 30

3 Fundamentals of Cloud management 31

3.1 Introduction 31

3.2 Clouds management services 32

3.3 Virtual control center 37

3.4 Prerequisite input-data for the management services 37

3.5 Management of user requirements 40

3.6 Summary 46

3.7 Exercises 47

References 47

4 Cloud properties 49

4.1 Introduction 49

4.2 Adaptability property 50

4.3 Resilience property 51

4.4 Scalability property 52

4.5 Availability property 53

4.6 Reliability property 53

4.7 Security and privacy property 54

4.8 Business model 55

4.9 Summary 56

4.10 Exercises 57

References 57

5 Automated management services 59

5.1 Introduction 59

5.2 Virtual layer self-managed services 60

5.3 Virtual services interdependency 65

5.4 Application layer self-managed services 67

5.5 Application services interdependency 70

5.6 Security and privacy by design 71

5.7 Multi-tier application deployment in the Cloud 73

5.8 Main challenges and requirements 79

5.9 Summary 82

5.10 Exercises 82

References 83

Part Two Clouds security fundamentals 85

6 Background 87

6.1 Topics flow 87

6.2 Trusted Computing 89

6.3 Summary 97

References 97

7 Challenges for establishing trust in Clouds 99

7.1 Introduction 99

7.2 Effects of Cloud dynamism on trust relationships 100

7.3 Challenges 103

7.4 Summary 105

7.5 Exercises 105

References 105

8 Establishing trust in Clouds 107

8.1 Introduction 107

8.2 Organization requirements 107

8.3 Framework requirements 108

8.4 Device properties 111

8.5 Framework architecture 112

8.6 Required software agents 116

8.7 Framework workflow 119

8.8 Discussion and analysis 125

8.9 Summary 126

8.10 Exercises 127

References 127

9 Clouds chains of trust 129

9.1 Introduction 129

9.2 Software agents revision 130

9.3 Roots of and chains of trust definition 130

9.4 Intra-layer chains of trust 132

9.5 Trust across layers 140

9.6 Summary 143

9.7 Exercises 143

References 143

10 Provenance in Clouds 145

10.1 Introduction 145

10.2 Motivating scenarios 148

10.3 Log records management and requirements 150

10.4 Framework domain architecture 155

10.5 Framework software agents 157

10.6 Framework workflow 160

10.7 Threat analysis 171

10.8 Discussion and future directions 173

10.9 Exercises 175

References 175

11 Insiders 177

11.1 Introduction 177

11.2 Insiders definition 178

11.3 Conceptual models 182

11.4 Summary 185

11.5 Exercises 185

References 186

Part Three Practical examples 187

12 Real life examples 189

12.1 Open Stack 189

12.2 Amazon web services 195

12.3 Component architecture 197

12.4 Prototype 203

12.5 Summary 209

Reference 209

13 Case study 211

13.1 Scenario 211

13.2 Home healthcare architecture in the Cloud 212

13.3 Insiders analysis for home healthcare 212

13.4 Cloud threats 220

References 226