The Official (ISC)2 Guide to the CCSP CBK
Author(s): Gordon, Adam
ISBN No.: 9781119419198
Pages: 544
Year: 201704
Format: E-Book
Price: $ 110.40
Status: Out Of Print

Contents:

Foreword (p. xvii)
Introduction (p. xix)

DOMAIN 1: ARCHITECTURAL CONCEPTS AND DESIGN REQUIREMENTS (p. 1)
Introduction (p. 3)
Drivers for Cloud Computing (p. 4)
Security, Risks, and Benefits (p. 5)
Cloud Computing Definitions (p. 7)
Cloud Computing Roles (p. 12)
Key Cloud Computing Characteristics (p. 12)
Cloud Transition Scenario (p. 14)
Building Blocks (p. 16)
Cloud Computing Functions (p. 16)
Cloud Service Categories (p. 18)
IaaS (p. 18)
PaaS (p. 19)
SaaS (p. 21)
Cloud Deployment Models (p. 23)
The Public Cloud Model (p. 23)
The Private Cloud Model (p. 23)
The Hybrid Cloud Model (p. 24)
The Community Cloud Model (p. 25)
Cloud Cross-Cutting Aspects (p. 25)
Architecture Overview (p. 25)
Key Principles of an Enterprise Architecture (p. 27)
The NIST Cloud Technology Roadmap (p. 28)
Network Security and Perimeter (p. 32)
Cryptography (p. 33)
Encryption (p. 33)
Key Management (p. 35)
IAM and Access Control (p. 37)
Provisioning and Deprovisioning (p. 37)
Centralized Directory Services (p. 38)
Privileged User Management (p. 38)
Authorization and Access Management (p. 39)
Data and Media Sanitization (p. 40)
Vendor Lock-In (p. 40)
Cryptographic Erasure (p. 41)
Data Overwriting (p. 41)
Virtualization Security (p. 42)
The Hypervisor (p. 42)
Security Types (p. 43)
Common Threats (p. 43)
Data Breaches (p. 43)
Data Loss (p. 44)
Account or Service Traffic Hijacking (p. 45)
Insecure Interfaces and APIs (p. 45)
Denial of Service (p. 46)
Malicious Insiders (p. 46)
Abuse of Cloud Services (p. 46)
Insufficient Due Diligence (p. 47)
Shared Technology Vulnerabilities (p. 47)
Security Considerations for Different Cloud Categories (p. 48)
IaaS Security (p. 48)
PaaS Security (p. 50)
SaaS Security (p. 52)
Open Web Application Security Project Top Ten Security Threats (p. 54)
Cloud Secure Data Lifecycle (p. 55)
Information and Data Governance Types (p. 56)
Business Continuity and Disaster Recovery Planning (p. 57)
Business Continuity Elements (p. 57)
Critical Success Factors (p. 58)
Important SLA Components (p. 59)
Cost-Benefit Analysis (p. 60)
Certification Against Criteria (p. 62)
System and Subsystem Product Certification (p. 69)
Summary (p. 72)
Review Questions (p. 73)
Notes (p. 77)

DOMAIN 2: CLOUD DATA SECURITY (p. 79)
Introduction (p. 81)
The Cloud Data Lifecycle Phases (p. 82)
Location and Access of Data (p. 83)
Location (p. 83)
Access (p. 84)
Functions, Actors, and Controls of the Data (p. 84)
Key Data Functions (p. 85)
Controls (p. 85)
Process Overview (p. 86)
Tying It Together (p. 86)
Cloud Services, Products, and Solutions (p. 87)
Data Storage (p. 87)
IaaS (p. 87)
PaaS (p. 88)
SaaS (p. 89)
Threats to Storage Types (p. 90)
Technologies Available to Address Threats (p. 91)
Relevant Data Security Technologies (p. 91)
Data Dispersion in Cloud Storage (p. 92)
DLP (p. 92)
Encryption (p. 95)
Masking, Obfuscation, Anonymization, and Tokenization (p. 102)
Application of Security Strategy Technologies (p. 105)
Emerging Technologies (p. 106)
Bit Splitting (p. 106)
Homomorphic Encryption (p. 107)
Data Discovery (p. 108)
Data Discovery Approaches (p. 108)
Different Data Discovery Techniques (p. 109)
Data Discovery Issues (p. 110)
Challenges with Data Discovery in the Cloud (p. 111)
Data Classification (p. 112)
Data Classification Categories (p. 112)
Challenges with Cloud Data (p. 113)
Data Privacy Acts (p. 113)
Global P&DP Laws in the United States (p. 114)
Global P&DP Laws in the European Union (p. 115)
Global P&DP Laws in APEC (p. 115)
Differences Between Jurisdiction and Applicable Law (p. 115)
Essential Requirements in P&DP Laws (p. 116)
Typical Meanings for Common Privacy Terms (p. 116)
Privacy Roles for Customers and Service Providers (p. 117)
Responsibility Depending on the Type of Cloud Services (p. 118)
Implementation of Data Discovery (p. 119)
Classification of Discovered Sensitive Data (p. 120)
Mapping and Definition of Controls (p. 123)
Privacy Level Agreement (p. 124)
PLA Versus Essential P&DP Requirements Activity (p. 124)
Application of Defined Controls for PII (p. 128)
Cloud Security Alliance Cloud Controls Matrix (p. 129)
Management Control for Privacy and Data-Protection Measures (p. 133)
Data Rights Management Objectives (p. 134)
IRM Cloud Challenges (p. 134)
IRM Solutions (p. 135)
Data-Protection Policies (p. 136)
Data-Retention Policies (p. 137)
Data-Deletion Procedures and Mechanisms (p. 138)
Data-Archiving Procedures and Mechanisms (p. 139)
Events (p. 140)
Event Sources (p. 140)
Identifying Event Attribute Requirements (p. 142)
Storage and Analysis of Data Events (p. 144)
SIEM (p. 145)
Supporting Continuous Operations (p. 146)
Chain of Custody and Nonrepudiation (p. 147)
Summary (p. 148)
Review Questions (p. 149)
Notes (p. 152)

DOMAIN 3: CLOUD PLATFORM AND INFRASTRUCTURE SECURITY (p. 155)
Introduction (p. 157)
The Physical Environment of the Cloud Infrastructure (p. 157)
Data Center Design (p. 158)
Network and Communications in the Cloud (p. 159)
Network Functionality (p. 159)
Software-Defined Networking (p. 160)
The Compute Parameters of a Cloud Server (p. 161)
Virtualization (p. 161)
Scalability (p. 162)
The Hypervisor (p. 162)
Storage Issues in the Cloud (p. 163)
Object Storage (p. 164)
Management Plane (p. 164)
Management of Cloud Computing Risks (p. 166)
Risk Assessment and Analysis (p. 166)
Cloud Attack Vectors (p. 170)
Countermeasure Strategies Across the Cloud (p. 170)
Continuous Uptime (p. 171)
Automation of Controls (p. 171)
Access Controls (p. 171)
Physical and Environmental Protections (p. 172)
Key Regulations (p. 173)
Examples of Controls (p. 173)
Protecting Data Center Facilities (p. 173)
System and Communication Protections (p. 173)
Automation of Configuration (p. 174)
Responsibilities of Protecting the Cloud System (p. 174)
Following the Data Lifecycle (p. 175)
Virtualization Systems Controls (p. 176)
Managing Identification, Authentication, and Authorization in the Cloud Infrastructure (p. 178)
Managing Identification (p. 178)
Managing Authentication (p. 179)
Managing Authorization (p. 179)
Accounting for Resources (p. 179)
Managing Identity and Access Management (p. 179)
Making Access Decisions (p. 179)
The Entitlement Process (p. 180)
The Access Control Decision-Making Process (p. 180)
Risk Audit Mechanisms (p. 181)
The Cloud Security Alliance Cloud Controls Matrix (p. 182)
Cloud Computing Audit Characteristics (p. 182)
Using a VM (p. 183)
Understanding the Cloud Environment Related to BCDR (p. 183)
On-Premises, Cloud as BCDR (p. 184)
Cloud Service Consumer, Primary Provider BCDR (p. 184)
Cloud Service Consumer, Alternative Provider BCDR (p. 185)
BCDR Planning Factors (p. 185)
Relevant Cloud Infrastructure Characteristics (p. 185)
Understanding the Business Requirements Related to BCDR (p. 186)
Understanding the BCDR Risks (p. 188)
BCDR Risks Requiring Protection (p. 188)
BCDR Strategy Risks (p. 188)
Potential Concerns About the BCDR Scenarios (p. 189)
BCDR Strategies (p. 190)
Location (p. 191)
Data Replication (p. 191)
Functionality Replication (p. 192)
Planning, Preparing, and Provisioning (p. 192)
Failover Capability (p. 192)
Returning to Normal (p. 193)
Creating the BCDR Plan (p. 193)
The Scope of the BCDR Plan (p. 193)
Gathering Requirements and Context (p. 193)
Analysis of the Plan (p. 194)
Risk Assessment (p. 194)
Plan Design (p. 194)
Other Plan Considerations (p. 195)
Planning, Exercising, Assessing, and Maintaining the Plan (p. 195)
Test Plan Review (p. 197)
Testing and Acceptance to Production (p. 201)
Summary (p. 201)
Review Questions (p. 202)
Notes (p. 204)

DOMAIN 4: CLOUD APPLICATION SECURITY (p. 205)
Introduction (p. 207)
Determining Data Sensitivity and Importance (p. 208)
Understanding the API Formats (p. 208)
Common Pitfalls of Cloud Security Application Deployment (p. 209)
On-Premises Does Not Always Transfer (and Vice Versa) (p. 210)
Not All Apps Are Cloud Ready (p. 210)
Lack of Training and Awareness (p. 210)
Lack of Documentation and Guidelines (p. 211)
Complexities of Integration (p. 211)
Overarching Challenges (p. 211)
Awareness of Encryption Dependencies (p. 213)
Understanding the Software Development Lifecycle Process for a Cloud Environment (p. 213)
Secure Operations Phase (p. 214)
Disposal Phase (p. 215)
Assessing Common Vulnerabilities (p. 215)
Cloud-Specific Risks (p. 218)
Threat Modeling (p. 220)
STRIDE Threat Model (p. 220)
Approved Application Programming Interfaces (p. 221)
Software Supply Chain (API) Management (p. 221)
Securing Open Source Software (p. 222)
Identity and Access Management (p. 222)
Identity Management (p. 223)
Access Management (p. 223)
Identity Repository and Directory Services (p. 223)
Federated Identity Management (p. 224)
Federation Standards (p. 224)
Federated Identity Providers (p. 225)
Federated SSO (p. 225)
Multifactor Authentication (p. 225)
Supplemental Security Devices (p. 226)
Cryptography (p. 227)
Tokenization (p. 228)
Data Masking (p. 228)
Sandboxing (p. 229)
Application Virtualization (p. 229)
Cloud-Based Functional Data (p. 230)
Cloud-Secure Development Lifecycle (p. 231)
ISO/IEC 27034-1 (p. 232)
Organizational Normative Framework (p. 232)
Application Normative Framework (p. 233)
Application Security Management Process (p. 233)
Application Security Testing (p. 234)
Static Application Security Testing (p. 234)
Dynamic Application Security Testing (p. 235)
Runtime Application Self-Protection (p. 235)
Vulnerability Assessments and Penetration Testing (p. 235)
Secure.

