Book of the Month: Cloud Security & Privacy

Other day while I was crawling through the books at the local book mall,  I just ran into this book.  Immediately I popped up amazon site on my cell to check the ratings and found that its rated 4.5 (out of 11 ratings) which is a signal for must buy.  Cloud computing being the hot topic in the IT industry today, I bought this book without giving it second thought and it turned out to be worth it.

Cloud computing and Virtualization are buzzing factors of tech world today and lot of techno geeks trying to harbor as much information as possible so that they can be on top of it. As it is relatively new word around the city, lot of people still have vague idea about practicality of cloud computing and its security/privacy aspects.  This book is set to clear those weeds out and bring more light into the subject from the perspective of reality.



Here is the Table of Contents of the book,

Chapter 1    Introduction

Chapter 2    What Is Cloud Computing?

Chapter 3    Infrastructure Security

Chapter 4    Data Security and Storage

Chapter 5    Identity and Access Management

Chapter 6    Security Management in the Cloud

Chapter 7    Privacy

Chapter 8    Audit and Compliance

Chapter 9    Examples of Cloud Service Providers

Chapter 10    Security-As-a-[Cloud] Service

Chapter 11    The Impact of Cloud Computing on the Role of Corporate IT

Chapter 12    Conclusion, and the Future of the Cloud

Appendix     SAS 70 Report Content Example

Appendix     SysTrust Report Content Example

Appendix     Open Security Architecture for Cloud Computing


The book starts with basics,  What is cloud computing?  this is the good and required beginning for any book of this kind as it helps not only professionals but also new comers to understand the subject from the ground zero. The book goes on explaining basic concepts revolving around cloud computing and its various service models.

Next it delves into main topics of cloud security surrounding all 3 models of cloud computing,  SaaS (Software-As-A-Service), PaaS (Platform-As-A-Service) and IaaS (Infrastructure-As-A-Service). Later chapters addresses  privacy concerns on the cloud including cloud auditing.  There is one chapter which explains all the big players in cloud computing space and explains what type of services\technologies being offered by them. The short chapter on Security-As-A-Service is interesting, it describes how cloud computing can be extended to provide various security services such as email filtering, web content filtering, virus scanning etc.

Being one of the first book on the cloud security,  this book gets full marks for doing the complete justice to the title by explaining it in detail and in simple terms.  A much needed book for the current infosec professionals to understand and expand their earthly security horizons on to the cloud.

This is a must read book for anyone either novice or expert who wants to know everything about cloud computing and its security paradigm.

Ebook Link:

Similar posts
  • SecurityXploded Mentorship Programme ... I am writing this blog to share my SecurityXploded Student Mentorship Programme experience with the future students of this programme. My mentorship programme started last year in August when I was in 2nd year of MS at IIIT-Allahabad. I knew about SecurityXploded community since I used to follow their blogs, training programmes and security tools [...]
  • Code Injection and API Hooking Techni... Hooking covers a range of techniques used for many purposes like debugging, monitoring, intercepting messages, extending functionality etc. Hooking is also used by a lot of rootkits to camouflage themselves on the system. Rootkits use various hooking techniques when they have to hide a process, hide a network port, redirect file writes to some different [...]
  • Announcement – SecurityXploded ... From the past two years we are working actively on couple of projects to support the security community. As you all may already know that we have successfully completed our reversing and malware analysis training programme and we are very glad that it was very helpful for everyone. In my opinion the success of any [...]
  • Advanced Malware Analysis Training Se... Here is the quick update on this month’s Local Security meet (SX/Null/G4H/owasp) and our advanced malware training session on (Part 2) Dissecting the HeartBeat  RAT Functionalities   This is part of our FREE ‘Advanced Malware Analysis Training’ series started from Dec 2012.       In this extended session, I explained “Decrypting various Communications Of HeartBeat [...]
  • Advanced Malware Analysis Training Se...   Here is the quick update on this month’s Local Security meet (SX/Null/G4H/owasp) and our advanced malware training session on (Part 1) Reversing & Decrypting Communications of HeartBeat RAT This is part of our FREE ‘Advanced Malware Analysis Training’ series started from Dec 2012.       In this extended session, I explained “Decrypting The [...]

No Comments Yet

1 Ping/Trackback

  1. Twitted by tnagareshwar on July 26, 2010 at 12:10 am

Leave a Reply

Our Company

Follow us on Facebook

Join Mailing List

Get direct access to our expert trainers or mingle with like minded security folks in our mailing list