Cloud management and security

1. Introduction

1.1. Overview

1.2. Cloud Definition

1.3. Cloud Evolution

1.4. Cloud Services

1.5. Cloud Deployment Types

1.6. Main Challenges of Clouds

1.7. Summary

1.8. Exercises

References

2. Cloud Structure

2.1. Introduction

2.2. Infrastructure Components

2.2.1. Storage Components

2.2.2. Physical Servers

2.2.3.Network Components

2.3. Cloud Layers

2.3.1. Vertical Slices

2.3.2. Horizontal Slices

2.3.3. Horizontal vs. Vertical Slices

2.3.4. Illustrative Example

2.4. Cloud Relations

2.4.1. Intra-layer Relations

2.4.2. Across-layer Relations

2.5. Cloud Dynamics

2.6. Data Types

2.7. Summary

2.8. Exercises

References

3. Fundamentals of Cloud Management

3.1. Introduction

3.2. Clouds Management Services

3.2.1. Application Deployment Scenario

3.2.2. Identifying Cloud Management Services

3.3. Virtual Control Center

3.4. Prerequisite Input Data for Management Services.

3.5. Management of User Requirements

3.5.1. Requirement Management Workflow

3.5.2. Challenges and Requirements

3.5.3. Categories and Delegation of User Requirements

3.5.4. Illustrative Example

3.6. Summary

3.7. Exercises

References

4. Cloud Properties

4.1. Introduction

4.2. Adaptability Property

4.3. Resilience Property

4.4. Scalability Property

4.5. Availability Property

4.6. Reliability Property

4.7. Security and Privacy Property

4.8. Business Model

4.9. Summary

4.10. Exercises

References

5. Automated Management Services

5.1. Introduction

5.2. Virtual Layer Self-managed Services

5.2.1. Adaptability as a Virtual Service

5.2.2. System Architect as a Virtual Service

5.2.3. Resilience as a Virtual Service

5.2.4. Scalability as a Virtual Service

5.2.5. Availability as a Virtual Service

5.2.6. Reliability as a Virtual Service

5.3. Virtual Services Interdependency.

5.4. Application Layer Self-managed Services

5.4.1. Adaptability as an Application Service

5.4.2. Resilience as an Application Service

5.4.3. Scalability as an Application Service

5.4.4. Availability as an Application Service

5.4.5. Reliability as an Application Service

5.5. Application Services Interdependency

5.6. Security and Privacy by Design

5.7. Multi-tier Application Deployment in the Cloud

5.7.1. Application Architecture

5.7.2. Managed Services Interaction

5.8. Main Challenges and Requirements

5.8.1. Challenges

5.8.2. Requirements

5.9. Summary

5.10. Exercises

References

6. Background

6.1. Topics Flow

6.2. Trusted Computing

6.2.1. Introduction

6.2.2. Trusted Platform Module

6.2.3. TCG Main Components

6.2.4. The TP Main Functions

6.2.5. Challenges in TCG Specifications

6.3. Summary

References

7. Challenges for Establishing Trust in Clouds

7.1. Introduction.

7.2. Effects of Cloud Dynamism on Trust Relationships

7.2.1. Load Balancing

7.2.2. Horizontal Scaling

7.2.3. Vertical Scaling

7.2.4. Redundancy

7.2.5. Clustering

7.3. Challenges

7.4. Summary

7.5. Exercises

References

8. Establishing Trust in Clouds

8.1. Introduction

8.2.Organization Requirements

8.3. Framework Requirements

8.4. Device Properties

8.5. Framework Architecture

8.5.1. Dynamic Domain Concept

8.5.2. Proposed Architecture

8.6. Required Software Agents

8.6.1. Server Agent Functions

8.6.2. Client Agent Functions

8.6.3. Server Agent Initialization

8.6.4. Client Agent Initialization

8.7. Framework Workflow

8.7.1. Management Domain and Collaborating Management Domain Establishment

8.7.2.Organization Home Domain Establishment

8.7.3. Adding Devices to a Domain

8.7.4. Outsourced Domain and Collaborating Outsourced Domain Establishment

8.8. Discussion and Analysis.

8.8.1. Benefits of Using Trusted Computing

8.8.2. Benefits of the Framework Architecture

8.8.3. Content Protection

8.9. Summary

8.10. Exercises

References

9. Clouds Chains of Trust

9.1. Introduction

9.2. Software Agents Revision

9.3. Roots of and Chains of Trust Definition

9.3.1. Roots of Trust

9.3.2. Chains of Trust

9.4. Intra-layer Chains of Trust

9.4.1.A Resource Chain of Trust

9.4.2.Compositional Chains of Trust

9.4.3. Physical Layer DCoT and CDCoT

9.4.4. Virtual Layer DCoT and CDCoT

9.4.5. Application Layer DCoT and CDCoT

9.5. Trust Across Layers

9.6. Summary

9.7. Exercises

References

10. Provenance in Clouds

10.1. Introduction

10.1.1. Log and Provenance

10.1.2. Problem Description and Objectives

10.1.3.Organization of the Chapter

10.2. Motivating Scenarios

10.3. Log Records Management and Requirements

10.3.1. Database Design

10.3.2. Security Requirements.

10.3.3. Other Requirements and Device Properties

10.4. Framework Domain Architecture

10.5. Framework Software Agents

10.5.1. Cloud Server Agent

10.5.2. LaaS Server Agent

10.5.3. LaaS Client Agent

10.5.4. VM Agent

10.5.5. Cloud Client Agent

10.6. Framework Workflow

10.6.1. Cloud Server Agent Initialization

10.6.2. LaaS Server Agent Initialization

10.6.3. LCA and CCA Initialization

10.6.4. LaaS Domain Establishment

10.6.5. Adding Devices to an LaaSD

10.6.6. Establishing Trust between Server Agents

10.6.7. MD Establishment and Management

10.6.8. Secure Log Storage

10.7. Threat Analysis

10.8. Discussion and Future Directions

10.8.1. Establishing Trust

10.8.2. Log Retention

10.8.3. Achievement of Objectives

10.9. Summary

10.10. Exercises

References

11. Insiders

11.1. Introduction

11.2. Insiders Definition

11.2.1. Background

11.2.2. Definition

11.2.3. Rules of Identifying Insiders.

11.3. Conceptual Models

11.3.1.Organizational View

11.3.2. Assets and Clients

11.3.3. Infrastructure Model

11.3.4. Procedure for Identifying Potential and Malicious Insiders

11.4. Summary

11.5. Exercises

References

12. Real-Life Examples

12.1. OpenStack

12.1.1. What is OpenStack?

12.1.2. Openstack Structure

12.1.3. Security in OpenStack

12.1.4. OpenStack Configuration Files

12.2. Amazon Web Services

12.3.Component Architecture

12.3.1. Nova-api

12.3.2. Nova-database

12.3.3. Nova-scheduler

12.4. Prototype

12.4.1. Trust Attestation via the DC-C

12.4.2. Trust Management by the DC-S

12.5. Summary

References

13. Case Study

13.1. Scenario

13.2. Home Healthcare Architecture in the Cloud

13.3. Insiders Analysis for Home Healthcare

13.3.1. Model Instance

13.3.2. Identifying Potential Insiders and Insiders

13.3.3. Insider Threat Analysis

13.4. Cloud Threats

References.