Other day while I was crawling through the books at the local book mall,  I just ran into this book.  Immediately I popped up amazon site on my cell to check the ratings and found that its rated 4.5 (out of 11 ratings) which is a signal for must buy.  Cloud computing being the hot topic in the IT industry today, I bought this book without giving it second thought and it turned out to be worth it.

Cloud computing and Virtualization are buzzing factors of tech world today and lot of techno geeks trying to harbor as much information as possible so that they can be on top of it. As it is relatively new word around the city, lot of people still have vague idea about practicality of cloud computing and its security/privacy aspects.  This book is set to clear those weeds out and bring more light into the subject from the perspective of reality.



Here is the Table of Contents of the book,

Chapter 1    Introduction

Chapter 2    What Is Cloud Computing?

Chapter 3    Infrastructure Security

Chapter 4    Data Security and Storage

Chapter 5    Identity and Access Management

Chapter 6    Security Management in the Cloud

Chapter 7    Privacy

Chapter 8    Audit and Compliance

Chapter 9    Examples of Cloud Service Providers

Chapter 10    Security-As-a-[Cloud] Service

Chapter 11    The Impact of Cloud Computing on the Role of Corporate IT

Chapter 12    Conclusion, and the Future of the Cloud

Appendix     SAS 70 Report Content Example

Appendix     SysTrust Report Content Example

Appendix     Open Security Architecture for Cloud Computing


The book starts with basics,  What is cloud computing?  this is the good and required beginning for any book of this kind as it helps not only professionals but also new comers to understand the subject from the ground zero. The book goes on explaining basic concepts revolving around cloud computing and its various service models.

Next it delves into main topics of cloud security surrounding all 3 models of cloud computing,  SaaS (Software-As-A-Service), PaaS (Platform-As-A-Service) and IaaS (Infrastructure-As-A-Service). Later chapters addresses  privacy concerns on the cloud including cloud auditing.  There is one chapter which explains all the big players in cloud computing space and explains what type of services\technologies being offered by them. The short chapter on Security-As-A-Service is interesting, it describes how cloud computing can be extended to provide various security services such as email filtering, web content filtering, virus scanning etc.

Being one of the first book on the cloud security,  this book gets full marks for doing the complete justice to the title by explaining it in detail and in simple terms.  A much needed book for the current infosec professionals to understand and expand their earthly security horizons on to the cloud.

This is a must read book for anyone either novice or expert who wants to know everything about cloud computing and its security paradigm.

Ebook Link: http://www.megaupload.com/?d=XM6EDN7B