Book of the Month: Cloud Security & Privacy

Other day while I was crawling through the books at the local book mall,  I just ran into this book.  Immediately I popped up amazon site on my cell to check the ratings and found that its rated 4.5 (out of 11 ratings) which is a signal for must buy.  Cloud computing being the hot topic in the IT industry today, I bought this book without giving it second thought and it turned out to be worth it.

Cloud computing and Virtualization are buzzing factors of tech world today and lot of techno geeks trying to harbor as much information as possible so that they can be on top of it. As it is relatively new word around the city, lot of people still have vague idea about practicality of cloud computing and its security/privacy aspects.  This book is set to clear those weeds out and bring more light into the subject from the perspective of reality.



Here is the Table of Contents of the book,

Chapter 1    Introduction

Chapter 2    What Is Cloud Computing?

Chapter 3    Infrastructure Security

Chapter 4    Data Security and Storage

Chapter 5    Identity and Access Management

Chapter 6    Security Management in the Cloud

Chapter 7    Privacy

Chapter 8    Audit and Compliance

Chapter 9    Examples of Cloud Service Providers

Chapter 10    Security-As-a-[Cloud] Service

Chapter 11    The Impact of Cloud Computing on the Role of Corporate IT

Chapter 12    Conclusion, and the Future of the Cloud

Appendix     SAS 70 Report Content Example

Appendix     SysTrust Report Content Example

Appendix     Open Security Architecture for Cloud Computing


The book starts with basics,  What is cloud computing?  this is the good and required beginning for any book of this kind as it helps not only professionals but also new comers to understand the subject from the ground zero. The book goes on explaining basic concepts revolving around cloud computing and its various service models.

Next it delves into main topics of cloud security surrounding all 3 models of cloud computing,  SaaS (Software-As-A-Service), PaaS (Platform-As-A-Service) and IaaS (Infrastructure-As-A-Service). Later chapters addresses  privacy concerns on the cloud including cloud auditing.  There is one chapter which explains all the big players in cloud computing space and explains what type of services\technologies being offered by them. The short chapter on Security-As-A-Service is interesting, it describes how cloud computing can be extended to provide various security services such as email filtering, web content filtering, virus scanning etc.

Being one of the first book on the cloud security,  this book gets full marks for doing the complete justice to the title by explaining it in detail and in simple terms.  A much needed book for the current infosec professionals to understand and expand their earthly security horizons on to the cloud.

This is a must read book for anyone either novice or expert who wants to know everything about cloud computing and its security paradigm.

Ebook Link:

Similar posts
  • Microsoft MCSE Certification: Your Ne... Microsoft MCSE is the most in-demand certification for all those professionals who work in the Information Technology industry. Most IT companies prefer hiring those workers who carry the Microsoft MCSE certificate. That is why most of the IT job applicants today try to get certified by Microsoft. In the competitive job market, MCSE helps an [...]
  • Computer Security Tips: Stay Safe Onl... In recent times cyber security has raised the level of awareness and public consciousness as never before. Both large corporations and big organizations try to take care of online security as much as they can. That’s why cyber criminals and hackers have focused more on smaller companies and single entrepreneurs. This awful tendency leads to [...]
  • SecurityXploded Mentorship Programme ... I am writing this blog to share my SecurityXploded Student Mentorship Programme experience with the future students of this programme. My mentorship programme started last year in August when I was in 2nd year of MS at IIIT-Allahabad. I knew about SecurityXploded community since I used to follow their blogs, training programmes and security tools [...]
  • Code Injection and API Hooking Techni... Hooking covers a range of techniques used for many purposes like debugging, monitoring, intercepting messages, extending functionality etc. Hooking is also used by a lot of rootkits to camouflage themselves on the system. Rootkits use various hooking techniques when they have to hide a process, hide a network port, redirect file writes to some different [...]
  • Announcement – SecurityXploded ... From the past two years we are working actively on couple of projects to support the security community. As you all may already know that we have successfully completed our reversing and malware analysis training programme and we are very glad that it was very helpful for everyone. In my opinion the success of any [...]

Leave a Reply