Info
- Utilizzare la checkbox di selezione a fianco di ciascun documento per attivare le funzionalità di stampa, invio email, download nei formati disponibili del (i) record.
Cloud Security Handbook for Architects
| Cloud Security Handbook for Architects |
| Autore | Mishra Ashish |
| Edizione | [1st ed.] |
| Pubbl/distr/stampa | Delhi : , : Orange Education PVT Ltd, , 2023 |
| Descrizione fisica | 1 online resource (291 pages) |
| ISBN | 9789395968997 |
| Formato | Materiale a stampa  |
| Livello bibliografico | Monografia |
| Lingua di pubblicazione | eng |
| Nota di contenuto |
Intro -- Cover Page -- Title Page -- Copyright Page -- Foreword -- Dedication Page -- About the Author -- Technical Reviewers -- Acknowledgements -- Preface -- Errata -- Table of Contents -- SECTION I: Overview and Need to Transform to Cloud Landscape -- 1. Evolution of Cloud Computing and its Impact on Security -- Introduction -- Structure -- Evolution of cloud -- Cloud computing journey -- Cloud computing overview -- Characteristics of cloud computing -- Cloud types -- Cloud computing service model -- Cloud computing trends -- Recognizing the development of cloud -- Justifications for using the cloud -- Analyzing the risk of cloud services -- Inherent risk -- Techniques to reduce the inherent risk -- Cloud computing privacy concerns -- Assessing your organization's cloud maturity -- Analyzing the development of cloud risk -- Shadow IT and its rise -- Understanding the shared responsibility paradigm -- Key considerations for the upliftment of cloud security -- Risk analysis -- Controls on user access -- Automation -- Continual monitoring -- Conclusion -- Reference -- 2. Understanding the Core Principles of Cloud Security and its Importance -- Introduction -- Structure -- Principles and concept understanding -- Most restrictive -- Defense in Depth -- Threat actors as well as trust limits -- Segregation of duties -- Fail-safe -- Economy of mechanism -- Complete mediation -- Open design -- Least common mechanism -- Weakest chain -- Making use of the current landscape -- Architectural considerations -- Basic concerns -- Compliance -- Security control -- Controls -- Additional controls -- Information classification -- Objectives for information classification -- Benefits of information classification -- Concepts behind information classification -- Classification criteria -- Procedures for classifying information.
Security awareness, training, and education -- Security awareness -- Instruction and learning -- PKI and encryption key management -- Digital certificate -- Identity and access management -- Identity management -- Passwords -- Implementing identity management solution -- Access controls -- Controls -- Controlling access types -- Mandatory access control -- Discretionary access control -- Non-discretionary access control -- Single Sign-On (SSO) -- Strategy to adopt cloud security -- Enabling secure cloud migrations with a cross-platform, integrated segmentation strategy -- Avoiding problems associated with complex, segregated, and bloated legacy data -- Examining the danger posed by the extended attack surface of the cloud -- Best practices on cloud security -- Recognizing the shared responsibility model -- Asking detailed security questions to your cloud provider -- Installing Identity and Access Management (IAM) software -- Your staff should receive training -- Creating and enforcing cloud security guidelines -- Protecting your endpoints -- Securing data while it is moving and at rest -- Utilizing technology for intrusion detection and prevention -- Audits and penetration testing should be performed -- Conclusion -- References -- 3. Cloud Landscape Assessment and Choosing a Solution for Your Enterprise -- Introduction -- Structure -- Defining organization cloud security roles and responsibilities -- Deep-dive into the Shared Responsibility Model -- Cloud Service Provider (CSP) responsibilities -- Customer responsibilities -- Core cloud team roles and responsibilities -- Understanding team structures -- Managing risk in the cloud -- Risk Management Framework (RMF) -- Cloud Service Provider (CSP) risk management process -- Customer's risk management process for cloud landscape -- Monitoring and managing cloud risk. An approach towards cloud security assessment -- Basic principles for cloud security assessment -- Need to adopt cloud security assessment -- Benefits of adopting cloud security assessment -- Ideas to keep in mind before beginning your assessment -- Executing cloud security assessment -- Architecture overview -- Internal versus internet-based enterprise assessments -- Guidelines -- Account management and user authentication -- Vulnerability assessments for network and systems -- External alone, internal only, or both -- Server and workstation compliance assessment -- Network and security system compliance assessment -- Testing the security of web applications -- Hypervisor layer assessment -- Reporting and sharing the data that follows -- Selecting the right cloud service provider (CSP) -- Time to choose the right cloud service provider -- Cloud security -- Standards and accreditations -- Roadmap for technologies and services -- Security and data governance -- Dependencies and partnerships for services -- SLAs, commercials, and contracts -- Performance and dependability -- Provider lock-in, exit strategy, and migration support -- Conclusion -- References and useful information -- SECTION II: Building Blocks of Cloud Security Framework and Adoption Path -- 4. Cloud Security Architecture and Implementation Framework -- Introduction -- Structure -- Cloud security architecture overview -- Key elements and responsibilities of cloud architecture -- Shared responsibilities in cloud security architecture -- Infrastructure as a Service (IaaS) -- Software as a Service (SaaS) -- Platform as a Service (PaaS) -- Architectural type for cloud security -- Cloud security architecture building blocks -- Evolution of cloud security architecture -- Responsibilities of cloud security architecture -- Public cloud versus private cloud -- CSP versus customer. Adoption of cloud security architecture on various service models -- Software as a Service (SaaS) -- Infrastructure as a Service (IaaS) -- Platform as a Service (PaaS) -- Cloud security framework -- System design -- Operational excellence -- Security, compliance, and privacy -- Reputation -- Cost management -- Performance management -- Adopting cloud security -- Five phases of adoption -- The foundational layer -- The perimeter layer -- Data protection -- Visibility -- Cloud solution -- Cloud security principles -- Autonomic security -- Autonomic system -- Autonomic protection -- Autonomic healing -- Evaluating the cloud security maturity model -- Cloud migration -- Software development for the cloud -- Need to shift software to cloud -- Strategy for cloud migration -- Real-time challenges while migrating to cloud -- Benefits of cloud migration -- Approaches to cloud migration -- Scenarios for cloud migration -- Common cloud services centralization -- Need to centralize common services -- Consumer PaaS -- Resources and services for development -- Public facing services -- Security services -- Human impact -- Spending money on people -- Support staff -- Microservices and container security -- Microservices-based architecture -- Securing the microservices architecture -- Adopting security while designing the solution -- Verifying dependencies -- Adopting HTTPS for everything -- Making use of identity and access tokens -- Securing secrets via encryption -- Knowing how to secure your cloud and cluster -- Covering all of your security bases -- Conclusion -- References and useful information -- Questions -- 5. Native Cloud Security Controls and Building Blocks -- Introduction -- Structure -- Asset management and protection -- Classification and identification of data -- Classification level for data -- Relevant regulatory or industry requirements. Cloud-based data asset management -- Cloud resource tags -- Data protection in the cloud -- Tokenization -- Encryption -- Key management -- Encryption on both the client and server sides -- Cryptographic erasure -- Enabling encryption to protect against different attacks -- Tagging cloud assets -- IAM on cloud -- Enterprise-to-Employee (B2B) and Enterprise-to-Consumer (B2C) -- Multi-Factor Authentication (MFA) -- API keys and passwords -- Shared credentials -- Single Sign-On (SSO) -- SAML and OIDC -- SSO with legacy applications -- Vulnerability management -- Differences in traditional IT -- Components that are at risk -- Data access layer -- Application layer -- Middleware -- Operating system -- Virtual infrastructure -- Physical infrastructure -- Vulnerability scanners for networks -- Cloud Service Provider (CSP) security management tools -- Container scanner -- Dynamic Application Security Testing (DAST) -- Static Application Security Testing (SAST) -- Software Composition Analysis Scanner (SCA) -- Interactive Application Scanning Test (IAST) -- Runtime Application Self-Protection (RASP) -- Code reviews -- A few tools for vulnerability management -- Network security -- Concepts and definitions -- Whitelists and blacklists -- DMZ -- Proxies -- SDN -- Feature of the network virtualization -- Encapsulation and overlay networks -- Virtual Private Cloud (VPC) -- Network Address Translation (NAT) -- Adoption path of network security components -- Encryption in motion -- Segmenting the network with firewalls -- Perimeter controls -- Internal segmentation -- Security groups -- Network segmentation and firewall policies for container -- Administrative access -- Jump servers (or bastion hosts) -- Virtual Private Network (VPN) -- Site-to-site communications -- Client-to-site communications -- Web Application Firewall (WAF) -- DDoS protection. Intrusion Detection System (IDS) and Intrusion Prevention System (IPS). |
| Record Nr. | UNINA-9910860868003321 |
Mishra Ashish
|
||
| Delhi : , : Orange Education PVT Ltd, , 2023 | ||
| Materiale a stampa | ||
| Lo trovi qui: Univ. Federico II | ||
| ||
Industry 4.0 and Healthcare : Impact of Artificial Intelligence / / edited by Ashish Mishra, Jerry Chun-Wei Lin
| Industry 4.0 and Healthcare : Impact of Artificial Intelligence / / edited by Ashish Mishra, Jerry Chun-Wei Lin |
| Autore | Mishra Ashish |
| Edizione | [1st ed. 2023.] |
| Pubbl/distr/stampa | Singapore : , : Springer Nature Singapore : , : Imprint : Springer, , 2023 |
| Descrizione fisica | 1 online resource (253 pages) |
| Disciplina | 610.285 |
| Altri autori (Persone) | LinJerry Chun-Wei |
| Collana | Advanced Technologies and Societal Change |
| Soggetto topico |
Computational intelligence
Artificial intelligence Medical care Cooperating objects (Computer systems) Internet of things Health services administration Computational Intelligence Artificial Intelligence Health Care Cyber-Physical Systems Internet of Things Health Care Management |
| ISBN |
9789819919499
9819919495 |
| Formato | Materiale a stampa |
| Livello bibliografico | Monografia |
| Lingua di pubblicazione | eng |
| Nota di contenuto | An Artificial Intelligence Based Model for the Detection of Heart Disease Using Machine Learning -- Recent Advancements in AI-Assisted Drug Design and Discovery Systems -- Designing Dense-Healthcare IOT Networks for Industry 4.0 Using AI based Energy Efficient Reinforcement Learning Protocol -- The Impact of Artificial Intelligence on Healthcare -- Brain Tumor Segmentation of MR Images Using SVM and Fuzzy Classifier in Machine learning. |
| Record Nr. | UNINA-9910767587203321 |
|
Mishra Ashish
|
||
| Singapore : , : Springer Nature Singapore : , : Imprint : Springer, , 2023 | ||
| Materiale a stampa | ||
| Lo trovi qui: Univ. Federico II | ||
| ||