云之安全、隐私与数字取证

　　《云之安全、隐私与数字取证（英文版）》以独特而系统的方式讨论了云的安全和隐私问题以及相关的云取证。云计算是一种新兴的革命性技术，它一直在改变人们的生活和工作方式。但是，随着云计算和相关服务的不断发展，安全和隐私已成为一个关键问题。该书由该领域专家撰写，集中讨论了云的安全性和隐私性，以及云数据、应用程序和服务的数字取证。该书前半部分可使读者对云安全的背景有全面的了解，也将有助于他们理解该书后半部分的数字调查、指导和建议。
　　《云之安全、隐私与数字取证（英文版）》第—部分包括云基础架构的安全性，数据的机密性，云laaS中的访问控制，云安全和隐私管理，黑客攻击和对策，风险管理和灾难恢复，审计和合规以及安全服务（SaaS）；第二部分包括云取证的模型、挑战和方法，云中的网络恐怖主义，云中的数字取证过程和模型，数据采集，数字证据管理、演示和法庭准备，数字证据分析和取证服务（FaaS）。
　　《云之安全、隐私与数字取证（英文版）》可作为信息安全、信息技术、计算机科学和网络取证领域高年级本科生和研究生的学习参考书，也可供安全专业人员、数字取证从业者和云服务提供商参考使用。

List of Contributorsxv
Part ⅠCloud Securityand Privacy
Introduction to the Cloud and Fundamental Security and Privacylssues of the Cloud
Hassan Takabi and Mohammod GhasemiGol
1．1 Introduction
1．2 Cloud Computing and Securitylssues
1．3 Identity Securityin the Cloud
1．4 Information Securityin the Cloud
1．4．1 Confidentiality
1．4．2 Integrity
1．4．3 Availability
1．4．4 Accountability
1．4．5 Nonrepudiation
1．4．6 Key Considerations in Information Security
1．4．7 Information Security Analysis in Some Clouds
1．5 Cloud Security Standards
1．6 Conclusion
References
2 Cloudlnfrastructure Security
Mohammad Ghasemi Go
2．1 Introduction
2．2 Infrastructure Securityin the Cloud
2．2．1 Infrastructure Security： The Network Level
2．2．1．1 Network-LeveI Mitigation
2．2．2 Infrastructure Security： The Host Level
2．2．2．1 SaaS and PaaS Host Security
2．2．2．2 IaaS Host Security
2．2．3 Infrastructure Security： The Application Level
2．2．4 Hypervisor Securityin the Cloud
2．3 Infrastructure Security Analysis in Some Clouds
2．3．1 Force URL
2．3．2 Amazon AWS
2．3．3 Google App Engine
2．3．4 Microsoft Azure
2．4 Protecting Cloud Infrastructure
2．4．1 Software Maintenance and Patching Vulnerabilities
2．4．2 The Technology Stack
2．4．3 Disaster Recovery
2．4．4 Monitoring and Defending Infrastructure
2．4．5 Incident Response Team
2．4．6 Malicious Insiders
2．5 Conclusion
References
3 Confidentiality of Data in the Cloud： Conflicts Between Security and Cost
Nathalie Boracaldo and Joseph Glider
3．1 Introduction．
3．2 Background
3．3 Confidentiality： Threats and Adversaries
3．4 Achieving Data Confidentiality in Cloud Storage Systems
3．4．1 Cryptographic Solutions
3．4．1．1 Stage Encryption
3．4．1．2 End-to-End Encryption
3．5 Reducing Cloud Storage System Costs through Data-Reduction
Techniques
3．6 Reconciling Data Reduction and Confidentiality
3．6．1 Existing Techniques
3．7 Trusted Decrypter
3．7．1 Overview
3．7．2 Secure Data-Reduction Operations
3．7．2．1 Preliminaries
3．7．2．2 Detailed Secure Data-Reduction Operations
3．7．2．3 Write Requests
3．7．2．4 Read Requests
3．7．2．5 Rekeying Requests
3．7．2．6 File Deletion
3．7．2．7 Offboarding Requests
3．7．2．8 Secure Data Deletion
3．7．3 Securing the CriticaI Module
3．7．4 Security Analysis
3．7．4．1 Data Confidentiality
3．7．4．2 Data Confidentiality in the Presence of Deduplication
3．7．4．3 Security Impact of Different Technologies
3．7．5 TD Overhead and Performance Implications
3．8 Future Directions for Cloud Storage Confidentiality with Low Cost
……
Part Ⅱ Cloud Forensics