Colorado Technical University
Article #2 in the Capstone Paper Option Submitted to
The Graduate Council
in Partial Fulfillment of
The Requirement for the Degree of
Doctor of
Computer Science with a concentration
in Enterprise
Information Systems
Department of Computer Science
By
Tai Cleveland
BS, Electronic Engineering Technology 1991, from NSU
Tahlequah, Oklahoma
MS, Information Systems Security, 2006 from CTU
Colorado Springs, Colorado
April 10, 2013
Tai Cleveland
Colorado Technical University
Impact of LAN/WAN on Database Security in the Cloud
Computing Environment
Abstract
Cloud computing has been gaining momentum as a business
platform due to its practically unlimited Internet-powered infrastructure as
well as its various advantages over proprietary applications. However, while
subscriptions to cloud-based services results in cost efficiency among users,
the open nature of the cloud computing environment exposes it to security
threats. The attractiveness of the cloud computing environment lies in the
simplicity with which organizations can enhance their information system and
almost effortlessly adapt to it. The very simplicity, which entices
organizations to the clouds, nevertheless renders it vulnerable to unscrupulous
entities that prey on corporate and confidential client data to serve their
selfish motives through unauthorized access.
As cloud applications and services operate in a virtual
environment, the open nature of the technology empowers businesses through data
and device independence, sharing capability, scalability, and agility. The same
virtual environment, however, makes database security a primary concern as the
openness of its enhanced virtual interfaces facilitates easy access and/or
transfer of information across computer channels. This renders cloud computing
a potential target for security attack vectors in the form of denial of service
(DoS), cloud malware injection, authentication, and man-in-the-middle
cryptographic attacks, among others. The mere fact that information is stored
in databases makes them critical areas for data security. The local area
network/wide area network (LAN/WAN) bridges the interconnectivity between
organizational users and cloud services, and this is one aspect of data
security in cloud computing which can benefit from further research. Therefore,
this study will attempt to assess the impact of LAN/WAN on database security in
the cloud computing environment.
Table of
Contents
Abstract........................................................................................................................................... 2
Table of Contents............................................................................................................................ 3
Introduction..................................................................................................................................... 4
Background of the Study.................................................................................................... 6
Problem Statement............................................................................................................ 11
Methodology................................................................................................................................. 15
Summary and Conclusions............................................................................................................ 17
References..................................................................................................................................... 19
Introduction
Security issues are a key concern in
cloud computing in the light of new security threats which evolve.vis a vis,
the rapid advances in Internet and information technology. It is thus
reasonable to expect that these threats will perpetuate within creasing use of technology.
New countermeasures are necessary to maintain the integrity of the information
technology systems susceptible to these threats (Michael & Denolt, 2010;
Sridhar, 2010). Security issues, therefore, constitute an enduring concern in cloud
computing (Verma & Kaushal, 2011).
Traditionally, data security models
are aimed at protecting the perimeter of the organization. In the more recent technology
environment, however, this approach is no longer sufficient. Particularly, in
the case of cloud computing, potential risks are as likely to come from within
the organization as from external sources. Among other critical procedures,
measures to control data corruption, access, disruption and loss must be
adapted to the new cloud computing paradigm. This poses a great challenge for
organizations which have migrated to the clouds because whether it is in the public
or private cloud, data is practically under the control of the service
providers (Wang, 2012).
Businesses that have migrated their
information systems to the clouds are at the mercy of data security being
offered by providers unless they opt to reinforce their data security at their
own costs. Needless to say, therefore, that data security is not guaranteed
fail-secured. Accordingly, cloud-enabled organizations are concerned with the
security of their information, especially with regard to exposure to
unauthorized parties. Moreover, attacks are changing to more sophisticated
forms to gain access to specific types of data and take control of valuable
corporate information.
Cloud computing offers a
multiplicity of advantages to business organizations, ranging from cost
efficiency to easier exchange of valuable data within various frameworks.
Nevertheless, businesses face many challenges with their migration from
traditional to open systems. As data travels through wired and/or wireless
networks, data protection is essential. Data protection is especially vital to
assure client confidentiality and security compliance for businesses. Being an
emergent technology, cloud computing will undoubtedly benefit from research
aimed at bolstering data protection and security. This alone provides a strong
justification for the conduct of the proposed study.
There
are a number of external factors which may affect the proposed study. The
factors include: Data location or database, otherwise data centers; network
topology of the underlying environment; data segregation; external servers,
especially when they are compromised; and pertinent regulations (Sangroya,
Kumar, Dhok & Varma, 2010). These will be explained in the next section.
One aspect of data security in the cloud computing
environment which can benefit from further research is the local area
network/wide area network (LAN/WAN). According to Cleveland (2009), LAN/WAN database
security is customized by cloud service providers in response to various
customer needs given the level of control the organization needs or requires.
However, data security offered by cloud service providers is usually not
sufficient which necessitates other ways of ensuring data security of the
LAN/WAN in the cloud computing database. Protection and proper reporting is
seen as a positive framework on which to formulate software to counteract
threats. Furthermore, increased awareness of Trojan and hacker attacks, as well
as other vector attacks, is crucial in being able to build a standard database
server security.
Ultimately, being prepared against the aforementioned
security attacks is viewed to be important in database security as LAN/WAN
systems are now integral to industry business practices. LAN/WAN systems are
vital as they assure faster data exchange and efficient information storage.
Furthermore, LAN/WAN networks facilitate ideal interconnectedness both in a
wired and wireless framework (Mather et al., 2009).
According to Lyon, (1997) devices connected to a LAN or to
the Internet by means of modern technologies that include well-known and
not-so-well-known ports increase the need for secure operation . Improved WAN
performance adds an extra degree of security by transporting data through
distinctive well-secured pipelines. Both LAN and WAN security implementations
are beneficial for both service providers and enterprises as they broaden
virtual networks outside their facilities, leading these security measures to
enhance higher network productivity (Cole, 2009). To facilitate strengthening
of data security in the cloud- computing environment through LAN/WAN, there is
a need to assess its impact in the cloud from the perspective of business
organizations subscribed to cloud services and service providers.
This proposed study will, therefore,
serve as a forum for organizations and providers to contribute their
experiences in securing their business data in the cloud, particularly with
respect to LAN/WAN. Inputs from the study will eventually be synergized to
develop a best practices approach that could lead to better infrastructure
development as explained in Rittinghouse and Ransome (2009). To this end, it is
hoped that organizations who have harnessed cloud computing utilities will be
able to effectively monitor data exchanges, especially in terms of securing
access from the back to the front- end portions of the system. This is integral
to intelligent security management, and the proposed study will be instrumental
in rendering a higher level of data security in the context.
Background of the Study
Hackers take advantage of open systems by striking during
data transfers as more companies are entering the cloud-computing environment
(Dumas, 2013).Computer security experts, therefore, cite the need to safeguard
memory, CPU, storage, and program execution in order to mitigate any security
attacks. LANs and WANs are at the core of cloud services as these networks
serve as links between the providers and consumers of cloud-based applications
and other utilities (Lin & Devine, 2010),
Accordingly, the main challenge in the LAN/WAN system is the implementation
of proper distribution channels where encryption algorithms are used while data
is being transferred over the Internet. A case in point would be wireless LANS
using the IEEE 802.11b technology standard since encryption here can easily be
broken. Once encryption is broken, the corporate network can be illegally
accessed and hackers can intercept data being transmitted at will (Joshi,
2004).
Furthermore, the lack of well-defined security
standardizations should be emphasized. There is a lack in transparency with
respect to security measures and processes applied by cloud service providers.
Cloud consumers currently have to trust their providers that the services they
are subscribed to are compliant with current security standards. To illustrate,
a formidable establishment renowned for its online business and one of the
pioneers in cloud-based technology announced in 2010 that it is compliant with
ISO 27001 and PCI DSS Level 1, which are baseline security measures for
traditional computing. The problem, however, is that to date, “no agreed
standard criteria for running a secure cloud infrastructure exist” (Doelitzscher,
Reich, Knahl & Clarke, 2013, p. 130). The question of whether the security
standards for traditional computing apply to cloud based computing has not yet
been settled.
The rate in which organizations are transferring from
traditional models of computing into the new software architectures is also a
security alarm making it necessary to become aware of new threats and
vulnerabilities. Many cite the lack of ERP and operating systems in business
applications as a striking vulnerability whereby many virtual business
transactions create increasing security problems (Rittinghouse & Ransome,
2009). Access control can, therefore, be enhanced to mitigate the risks of
compromising the security of corporate and client information (Buyya, et al.,
2011). In this regard, LANs and WANs are potential areas for tightening access
control to bolster data security by virtue of their function in the cloud
computing architecture.
A
number of external factors are, however, believed to influence data security in
cloud computing. Data loss or data security threats cannot be assumed on just
one point of failure, because data may be located at various geographically-distributed
nodes in the cloud. Thus, there are multiple points where data security may be
compromised in the cloud. Organizational and individual users of cloud
computing services generally do not have knowledge of the underlying network
topology of the cloud-based service they are subscribed into. They are,
therefore, constrained by this impediment in cases where clients may want to
supplement data security on their end (Sangroya, Kumar, Dhok & Varma,
2010).
Data
stored in the clouds are usually shared in the same environment as other data.
The common approach of encrypting data to prevent unauthorized users from
benefitting from hacked data does not present a sufficient solution for
security problems pertaining to data segregation. In cases when cloud servers are
compromised, shutting down servers to protect data will result in
unavailability of data, which is as challenging as data loss or unauthorized
data access for business organizations. Additionally, compliance to emerging
cloud regulations by government bodies may also exert some influence on the
data security since cloud service providers are subject to adhere to security
audits (Sangroya, Kumar, Dhok & Varma, 2010).
The development of the cloud as a
business system was pioneered by Amazon.com, with multiple data centers
utilized based on a utility computing basis. This trailblazing practice further
enhanced their operational efficiency as an online retailer. The firm
successfully maintained their database security by prioritizing protection of
their LAN/WAN system(Reese, 2009). Amazon’s cloud model implemented technology
to facilitate provision of more control for their clients via the LAN/WAN
system. While off-premise data storage in Amazon’s data centers are subject to
connectivity and latency constraints between the clients’ LAN and the data
centers, security measures, particularly encryption, strengthened database
protection (Hurwitz, Kuafman, Halper & Kirsch, 2012).
The cloud architecture has since
been developed by other companies such as Google and IBM with strides in the
improvement of the security systems. The current trend is to transfer company
owned hardware and software assets and sharing systems on a per-service basis.
This amasses huge savings for the company with the reduction of cost- upkeep
expenditures on their end (Reese, 2009).
As the Internet and online retailing has boomed since the
new millennium, the lack of standardization has led to the creation of a Cloud
Security Alliance by eBay and ING, among others, in order to promote best
practices in the industry. The alliance has since been adopted as a platform to
share information and security experiences with other computer technology
experts (Messmer, 2009). Forming alliances presents an opportunity for
organizations to partner with cloud providers to help reduce their overall risk
exposure. Accordingly, the alliance group has announced fifteen domain areas of
concern that should be prioritized for organizations in order to assure database
security in a LAN/WAN system. These are governance and enterprise risk,
information and life-cycle management, compliance and audit, e Discovery, which
is production of electronically stored
information (Buyya,
Broberg & Gościński, 2011), encryption
and key management, application security, identity and access management and
incident response. Other technological groups such as Sun Microsystems, VMware
and IBM have cited portability, interoperability and monitoring as key security
issues in a LAN/WAN security database (Rittinghouse & Ransome, 2009).
The rate at which businesses use on-demand
cloud computing is noteworthy, as adoption rates have doubled annually(Buyya,
Broberg & Gościński, 2011). However, businesses
must be able to adapt to cloud technology without hampering their own daily
operations. Security issues constitute an enduring concern in cloud computing
(Verma & Kaushal, 2011).Ironically, security threats evolve in tandem with
technology and new countermeasures are
necessary to maintain the integrity of the information technology systems
susceptible to these threats. It is thus reasonable to expect that the threats
will rise with the increasing use of technology (Michael & Denolt, 2010;
Sridhar, 2010).
The main issues of database security on a LAN/WAN
cloud-computing environment are the lack of standardizations, business models,
and varying opinions on sources of security threats. Furthermore, the increase
in the number of security providers is adding confusion for organizations as
how tobest address the issues at hand. Database security is a top priority, but
balancing this with the cost savings of adopting a cloud-computing environment
creates a myriad of problems for users and organizations. An additional problem
is the availability of experts in cloud computing technology is few as it is
only an emerging technology (Gnanasundaram & Shrivastava, 012). Moreover, manycite the rate of change of an organization’s security
measures are lower compared to the ability of hackers to create software
programs that are aimed to steal confidential information ( Lambert, 2005;
Mather, et al., 2009; Jackson, 2012) . This indicates the need for industry
experts to formulate stronger alliances to counteract looming security risks in
the horizon (Mather et al., 2009).
Problem Statement
Cloud computing is seen as an advantageous technological
advancement being adopted by many industries globally. Its sharing mechanism
generates faster savings and higher profit margins that are beneficial to many
businesses. Meanwhile, Information sharing in a LAN/WAN security database is
vulnerable to security risks under a cloud-computing environment. This is due
to the use of the Internet to transfer data from front- to back-end users. It
is even complicated more with the use of multiple servers storing and sending
data across various computers. Therefore, before adopting cloud computing, it
is imperative for organizations to consider the security system before
embarking on a company-wide infrastructure shift.
The cloud computing architectural environment must be robust
against security threats and physical defects in order for the company to
optimize gains. This will require an understanding of the risks inherent in
cloud computing by applying best practice methods and following legal
compliance guidelines (Rajan, 2010). Any technology
solution which enhances company operations and/or financial performance will
have its own drawbacks. The attractiveness of cloud computing in terms of
expanse and flexibility is countered by underlying threats to security.
Companies should, therefore, weigh their options very carefully before changing
to the new technology.
The age of infallible database security systems no longer
exist, especially with the open nature of cloud computing environments. As
such, the realization of threats is necessary in order to mitigate security
risks in its adoption (Mather et al., 2009). If, indeed the advantages of
migration into the cloud offset the risks to security that an organization may
be exposed, such risks should nonetheless be manageable. The impenetrability of
LANs and WANs from unauthorized intrusion during data transmission, and even
during storage, presents a viable direction for enhanced security measures. To
this end, a deeper knowledge of the impact of LANs and WANs in database
security in the cloud environment offers a potent area for research.
A key motivation for the research is the opportunity to address
the challenges database security face especially in assuring public
confidentiality and privacy. More over, the Internet and cloud computing are invaluable
tools in the business process. Optimizing the advantages of cloud computing is
crucial for industries so that they can harness the power of the Internet to
improve their financial performance.
The objective of this study is, therefore, to promote best
practices in the industry while developing security software programs to
address security risks. It is, likewise, equally important to conduct an
intelligent management and resource allocation of cloud computing providers in
order to build a reliable and efficient business infrastructure model that satisfies
both companies and consumers in terms of cloud services and data security. Best
practices, however, do not exist in a vacuum. Data security practices which one
company successfully implemented on their end need to be communicated with
comparable organizations to verify whether the practice is generally applicable
to other companies or uniquely useful to just one organization. It is hoped
that Inputs from other firms can help develop one company practice into an
industry best practices network.
The expected outcome is to promote a better understanding
of LAN/WAN database computing security in a cloud-computing environment to the
general public. Significantly, basic security measures can be initiated for
small to medium sized companies in order to protect the interests of all
parties within the system of networks. The promotion of a best practices
approach is to build mutually beneficial relationships with providers and users
creating a strong virtual organization. This serves as a preventive method for
data loss, insider threats, and organized crime using high-tech methods that
will be ultimately advantageous for all users.
Cloud computing is the technology of the future. With
Internet technology advancing in leaps and bounds, virtual computing in the cloud
is the ultimate technology to learn more about in the next decade. A synergy of
expert knowledge and crucial company experiences of cloud service providers and
consumers can help elevate cloud computing into the next level where data is no
longer a hindering threat, but a facilitating opportunity for corporate growth
and expansion.
The SaaS or “Software as a Service” is seen to be the most
vulnerable, wherein hackers can easily use this route to enter the business
database and information technology systems. Experts cite that newer systems
are, in fact, more susceptible than traditional computer architectures as cloud
computing, in effect makes business operations seem to have fewer boundaries.
The invention of other electronic gadgets such as the PDA and the laptop is
also a source of security threats, especially with their ability to store
customer information as high as 8GB. All of these gadgets also contain private
information that lacks encryption methods. More importantly, the ability to
transfer data between computers is also a source of data loss within companies,
making it necessary to apply physical security measures. This includes
monitoring all sources of information whether electronic, hard copy or in
transit (Mather et al., 2009).
Amongst all these sources is the ability to monitor transit
information in a LAN/WAN system as firewalls and intrusion detection systems
serve as the current best practices in information security. The promotion of
regular risk evaluations is also necessary by auditing risk threats for
businesses under a cloud-computing environment. Other than data loss is data
leakage, as mobile technologies make it easier for hackers and even employees
to use data and transfer information. This has increased the call for the
development of data loss prevention systems to be included in the LAN/WAN
security of database in a cloud-computing environment. By installing this
software, compromised computers with data leakage and mobile technology
invasion can be prevented, thereby reducing the risk into manageable monitoring
facilities (Mather et al., 2009).
The cloud-computing environment has highlighted the need
for de-parameterization, wherein a collaborated oriented architecture is
advocated. It is through this manner that organizations and security experts
can conduct securing collaborations with various vendors and online customers.
This will result in a forum-type sharing that will allow the development of
technology that suits customers and organization’s needs. An open style
communication system is seen to be advantageous for all concerned, as it is a
mode for information sharing of security practices (Mather et al., 2009).
Collaboration forums will help organizations form
partnerships with security consultants to determine the latest threats. This is
especially vital in cases where organizational crime is viewed to have
penetrated LAN/WAN database security systems by as much as thirty percent. This
exploitation figure is only an estimate as experts cite fraudulent activities
are rising by more than twenty percent globally per year. High tech criminals
are estimated to profit at least $200 million dollars in combined data theft,
phishing and hacking activities. The Internet is, in fact, a large area of
concern for LAN/WAN database security mainly through the large number of transactions
ongoing at any given time. This impacts the organization’s ability to properly
do data tracking through the system (Mather et al., 2009).
The virtual characteristic of the LAN/WAN in cloud
computing is evidence of its key strengths and inherent weaknesses, especially
in attacks using mobile malware. Industrial espionage is also crucial with the
apparent weaknesses of Web 2.0 technologies. Business models are seen to be
vulnerable to attacks as they shift from traditional to cloud models creating
large problem areas in terms of becoming indiscriminate victims to hacker
attacks. This results in emphasizing the need for collective action by organizations
under the cloud-computing environment. Protection and proper reporting is seen
as a positive framework to formulate software to counteract threats.
Furthermore, increased awareness of Trojan and hacker attacks is crucial in
being able to build a standard database server security. Ultimately, this is
viewed to be particularly important in database security as LAN/WAN systems are
now integral to industry business practices. LAN/WAN systems are vital as they
assure faster data exchange and efficient information storage. It facilitates
ideal interconnectedness both in a wired and wireless framework (Mather et al.,
2009).
Forums are expected to develop an open standards framework
for cloud computing security as this is currently being supported by HP, IBM,
AMD and Microsoft. The need for standardization is apparent in order to build
integrity into the LAN/WAN system. A multifaceted approach is necessary in
creating a security framework that encompasses many domains e.g. private,
public, virtual and non-virtual entities. This multi-tenant approach is seen to
be the most viable in building an end-to-end security environment (Mather et
al., 2009).
Methodology
According to Cleveland (2009) LAN/WAN database security is
customized to the various customer needs given the level of control the
organization needs or requires to give up to the cloud service providers.
However, this is not sufficient, necessitating the inculcation of other ways of
ensuring LAN/WAN data security in the cloud computing data base. One of these ways
is encryption. End-to-end data encryption adds encryption to communication
paths ensuring only the intended party having the correct identity accesses the
data in a LAN/ WAN platform.
For further security of data in a cloud computing system,
each cloud service should be secured and must have its encryption turned on.
Another way of securing a database is by the use of the Hashing Method of
cryptography, where the information cannot be decoded until the person wishing
to access it matches the hash value of the new message as required (Stallings,
2007). Moreover, data in databases should be backed-up using modern
technologies such as RAID technologies to ensure that, in case of any
eventuality where the data becomes corrupted or deleted, processes can be
restored swiftly with minimum losses in data, especially in the most sensitive
ones.
According to Lyon, (1997) devices connected to a LAN or
connected to the Internet by means of a modem, run many services that watch both
well-known and unknown ports which increase the need for secure operation
platforms. Improved WAN performance adds an extra degree of security by
necessitating data to be transported through distinctive pipelines that are well
secured. Both LAN and WAN security implementations are beneficial for both
service providers and enterprises as they appear to broaden virtual networks
outside their facilities leading to these security measures enhancing higher
network productivity (Cole, 2009).
The research design will be exploratory in nature, using
quantitative and qualitative research methods. The use of second-hand materials
such as academic books and scholarly materials will be an invaluable resource
in meeting the research objectives. These objectives are to ascertain the
effectiveness of forums as an ideal source of standardization in LAN/WAN
database security systems and whether this is an effective tool in developing
new security technologies. Second, a collection of best industry practices in
security measures will be conducted to contribute to existing literature on the
subject. This will add to the breadth of knowledge in applying basic security
measures and complex security protocols.
The research philosophy will be descriptive: Gathering data
from known technological companies and security providers. A qualitative
approach will be applied in soliciting first hand sources to determine the
effectiveness of current practices and security breaches if any. It is crucial
to understand security concerns in the LAN/WAN system, especially gathering
experiences from companies that have adopted cloud-computing environments.
Furthermore, understanding the related substantive issues will be highlighted
wherein the methodological design of this undertaking is viewed to be
advantageous to the researcher. The final goal is to search for an optimal
solution against security risks through an analytical framework.
Summary and
Conclusions
The advantages of cloud computing are many, from cost
efficiencies to easier exchanges of valuable data within multiple frameworks.
Security developers today face many challenges with the large migration of
organizations from traditional to open natured systems. Data protection as it
travels through either a wired or wireless network is necessary. This is
especially vital to assure client confidentiality and compliance for
businesses. Being able to monitor data exchanges is integral to intelligent
security management especially securing access from the back to front end
portions of the system. Significantly, a forum will provide an avenue for all
organizations and customers to develop a best practices approach that is seen
to lead to better infrastructure development (Rittinghouse & Ransome,
2009).
The cloud
computing architecture using a LAN/WAN system has the advantage of
virtualization and application centralization, wherein in database security, it
can be prioritized in order to promote further growths. Security protocols can
be initiated by software systems that include firewalls and intrusion detection
features that protect all network users. More importantly, the shared system
creates a dynamic environment that makes it difficult for hackers to penetrate.
Furthermore, this highlights the human element in database security management
wherein insiders can instigate threats. A deeper understanding of basic and
complex database security approaches are viewed to develop a long-term security
strategy that is a progress of intelligent
References
Buyya, R.,
Broberg, J., & Gościński, A. (Eds.). (2011). Cloud computing: Principles and paradigms. Hoboken, N.J.: Wiley.
Doelitzscher,
F., Reich, C., Knahl, M. & Clarke, N. (2013). Understanding cloud audits,
In S. Pearson & G. Yee (Eds.), Privacy and security for cloud computing
(pp. 125-166). London: Springer.
Dumas, M. B.
(2013). Diving into the bit stream: Information technology meets society in
a digital world. New York, NY: Rutledge.
Gnanasundaram,
S. & Shrivastava, A. (Eds.). (2012). Information storage management:
Storing, managing, and protecting digital information in classic, virtualized,
and cloud environments (2nd ed.). Indianapolis, IN: John Wiley
& Sons.
Hurwitz, J.,
Kaufman, M., Halper, F. & Kirsch, D. (2012). Hybrid cloud for dummies.
Hoboken, NJ: John Wiley & Sons.
Jackson, G. M.
(2012). Predicting malicious behavior: Tools and techniques for ensuring
global security. Indianapolis, IN: John Wiley & Sons.
Joshi, V. C.
(2004). E-finance: Log in to the future. Thousand Oaks, CA: Sage Publications.
Lambert, L.
(2005). The Internet: A historical encyclopedia. Santa Barbara, CA:
ABC-CLIO - MTM Publishing.
Lin, G. &
Devine, M. (2010). The role of networks in cloud computing. In B. Furht &
A. Escalante (Eds.), Handbook of cloud computing (pp. 65-82). London:
Springer.
Mather, T., Kumaraswamy, S. & Latif, S. (2009). Cloud security and privacy: An enterprise perspective
on risks and compliance. New York: O'Reilly Media.
Messmer, E. (2009). Cloud security alliance formed to
promote best practices: eBay and ING are among founding members. Retrieved
from http://www.networkworld.com/news/2009/033109-cloud-security-alliance.html
Rajan, S. (2010). Cloud security series-Sarbanes Oxley compliance.
Retrieved from http://cloudcomputing.sys-con.com/node/1622079.
Reese, C. (2009). Cloud
application architectures: Building applications and infrastructure in the cloud.
New York, NY: O'Reilly Media
Rimal,
B. R., Choi, E. & Lumb, I. (2010). A taxonomy, survey & issues of cloud
computing ecosystems. In N. Antonopoulos & L. Gillam (Eds.), Cloud
computing: Principles, systems and applications (pp. 21-46). Heidelberg,
DEU: Springer Science + Business Media.
Rittinghouse, J. & Ransome, J. (2009). Cloud computing: Implementation, management,
and security. Boston, MA: CRC Press.
Sangroya, A., Kumar, S., Dhok, J. & Varma, V. (2010).
Towards analyzing data security risks in cloud computing environments. Communications
in Computer and Information Science, 54, 255-265.
Slabeva, K. S. & Wozniak, T. (2010). An introduction to
cloud computing. In K. S. Slabeva, T. Wozniak &S. Ristol (Eds.), Grid
& cloud computing: A business perspective on technological applications.
Heidelberg, DEU: Springer Business + Media.
Verma, A. & Kaushal, S. (2011). Cloud computing
security issues and challenges: A survey. In A. Abraham, J. L. Mauri, J. F.
Buford, Suzuki, J. & S. M. Thampi (Eds.), Proceedings from ACC 2011: The
First International Conference on Advances in Computing and Communications
(pp. 445-454). Heidelberg, DEU: Springer Science + Business Media.
No comments:
Post a Comment