a
- abstract digital forensic model (ADFM) 242
- abuse of services 293
- access control, cloud IaaS
- AWS
- AWS access‐control model 91–93
- secure information and resource‐sharing model 93–98
- Azure
- Azure access‐control model 99–102
- secure information and resource‐sharing model 102–107
- background 82–83
- OpenStack
- OSAC model 83–90
- secure information and resource‐sharing model 86–90
- access control lists (ACLs) 36
- Access Control model with SID extension (AWSAC‐SID) 94
- AccessData Forensic Toolkit (FTK) 213
- acquisition of the gmail account 252
- Address Resolution Protocol (ARP) 38
- Administrative Azure‐AC‐SID Model 105–107
- Advanced Encryption Standard (AES) 34
- Advanced Encryption Standard (AES‐256) encryption 16
- Advanced Forensics Format (AFF) 324
- Advanced Imager (AIMAGE) 324
- Advanced Research Projects Agency Network (ARPANET) 283
- Air Force Research Laboratory (AFRL) 172
- Amazon Cloud Drive (ACD) 264
- Amazon, DoS attack 137
- Amazon Elastic Block Store (EBS) 14
- Amazon Elastic Compute Cloud (EC2) 177, 213
- data loss 137
- server, attack 137
- Amazon Machine Images (AMIs) 38
- Amazon S3 14, 213
- Amazon SimpleDB 14
- Amazon Simple Storage Service (AS3) 264, 274–275
- approach and experiments 275–276
- discussion 279–281
- findings and analysis 276–279
- Amazon Virtual Private Cloud (VPC) 37
- Amazon Web Services (AWS) 14, 52, 94, 163, 227, 275, 302
- administrative AWS‐AC‐SID model 96–98
- configuration‐management software 39
- industry‐specific standards 35
- IT security standards 35
- security‐monitoring tools 37
- American Institute of Certified Public Accountants (AICPA) 18, 173
- antivirus (AV) storms 131
- Apache Hadoop project 212
- API‐centric acquisition and processing 314–315
- application programming interfaces (API) 11, 24, 131, 264, 288
- application scenario 223
- application service providers (ASPs) 52
- APT28/Pawn Storm 229
- asymmetric encryption 25
- attack‐centric metrics 144
- attacks‐as‐a‐service 322
- audit‐centric forensic services 315–316
- Auditing Standards Board (ASB) 18
- auxiliary information 63
- auxiliary repository (AuxRep) 63
- AWS access‐control (AWS‐AC) model
- accounts 91
- credentials 93
- cross‐account access 93
- object types and operations 92
- roles and services 92
- users and groups 91–92
- virtual permission assignment 92
- Azure access control, cloud IaaS
- Azure access‐control model 99–102
- secure information and resource‐sharing model 102–107
- Azure Active Directory User (AADU) 101
b
- Beowulf cluster 323
- bigrams 324
- Bluepipe architecture 325
- boot storms 131
- botnet 227
- Browse_Deleted 278
- bulletproof hosts (BPH) 259, 260
- bunchofminions.jpg 278
- business application (BA) 63
- Business Operation Support Service (BOSS) 171
c
- cardholder data environment (CDE) 182
- card verification value (CVV) 17
- central processing unit (CPU) 164
- Certified Accountable Tamper‐evident Storage (CATS) 13
- chain‐of‐custody subsystem 289
- Chief Information Officers (CIOs) 171
- Chief Information Security Officers (CISOs) 175
- 2000 Children’s Internet Protection Act 230
- chunk 65
- classless inter‐domain routing (CIDR) 273
- Clean IT 228
- client data reduction (CDR) 59
- cloud auditing
- amplified cloud security problems 163–165
- cloud security issues and research efforts 167–170
- cloud‐specific security problems 163, 165–167
- in future research 183–184
- publications 162
- standards organizations 162
- cloud auditor
- cloud‐based dependency graph 150–153
- cloud‐based forensics‐as‐a‐service (FaaS) 332–334
- CloudBerry Drive 276, 279
- cloud broker
- cloud carrier
- cloud compliance
- compliance need 181–183
- data availability 178–179
- data confidentiality 177–178
- dataflows 180–181
- data integrity 176–177
- data privacy 179–180
- in future research 183–184
- need for 181–183
- cloud components
- cloud computing , 189, 204–206
- accessibility
- characteristics –7
- compliance
- deployment models –6
- measured service
- on‐demand, self‐service
- performance
- rapid elasticity
- reliability
- and security issues –9
- service‐delivery models –5
- shared resources
- versatility
- cloud consumer
- Cloud Controls Matrix (CCM) 115, 173
- cloud digital evidence
- adapting to the new landscape 304–305
- API‐centric acquisition and processing 314–315
- audit‐centric forensic services 315–316
- cloud forensics as a reactive technology 301–302
- cloud service models 306
- hardware 305
- infrastructure‐as‐a‐service 307
- middleware 305
- new forensics landscape 302–304
- operating system 305
- PaaS/IaaS forensics 312
- platform‐as‐a‐service 307
- procedural expansion of existing forensic practices 313
- runtime 305
- SaaS forensics 308–311
- software‐as‐a‐service 306–307
- virtualization 305
- cloud‐distributed systems 168
- cloud drive forensics 310–311
- Cloudera 330
- cloud federation 160, 172
- CloudFence 315
- cloud forensic readiness for SLA management (SLACFR) formal model 295
- cloud forensics
- and challenges 213–214
- legal 284–285
- organizational 284
- technical 284
- cloud computing 204–206
- digital evidence collection and extraction 208–209
- digital forensics 206–207
- dynamic cloud forensics model 210–211
- evidence analysis and fixation 210
- forensics moving into the cloud 208
- methods and approaches 211–213
- process and model
- Access Data’s Forensic Tool Kit 244
- data identification 243
- depth of knowledge 246
- digital forensic procedures 245
- Guidance Software’s Encase 244
- IaaS 243
- law enforcement agencies 245
- model 246–247
- non‐law enforcement bodies 245
- PaaS 243
- post‐search investigation stage 250–251
- pre‐search stage 248
- SaaS 243
- search stage 248–250
- transformative computing technologies 243
- as a reactive technology 301–302
- research findings 203
- tools 213
- cloud forensics readiness 287–288
- CFRS advantages 290–291
- contractual constraints 292–293
- court presentation 294
- forensics readiness system constraints 290
- formal model 294–295
- operations in a CFRS 289–290
- reference architecture 288–289
- service level agreements 291–292
- SLO and security threats 293–294
- cloud forensics readiness system (CFRS) 288
- cloud identity and access management (IdAM) 14
- cloud infrastructure security
- application level 28
- host level
- IaaS host security 27–28
- SaaS and PaaS host security 27
- hypervisor security 28–31
- infrastructure protection
- disaster recovery 46–47
- incident response team 47–48
- malicious insiders 48–49
- monitoring and defending infrastructure 47
- patching vulnerabilities 45–46
- software maintenance 45–46
- technology stack 46
- network‐level mitigation 26
- cloud‐native application forensics 308–310
- Cloudopsy 315
- cloud provider
- cloud risk assessment and disaster recovery
- high‐level architecture 146
- Seclius framework 147
- cloud security
- countermeasures 134–136
- evaluation 153–154
- in future 137–138
- hacking 136–137
- identity security ,
- information security
- infrastructure security
- IOT 138
- standards
- COBIT 19
- CSA CCM 17
- FISMA 17
- HIPAA 17
- ISAE No.3402 18
- ISO 9001:2008 18–19
- ISO 31000:2009 19
- ISO/IEC 27001:2005 19
- ITIL 18
- PCI DSS 17
- SOC 2 17
- SSAE No.16 18
- threats
- cloud infrastructure, attacks on 131
- cloud interface, attacks on 131
- cloud resources, abuse of 132–133
- data breaches and losses 132
- malware propagation 132
- resource exhaustion attacks 131
- virtualization, attacks on 133–134
- cloud security alliance (CSA) 35, 115, 132, 158, 159, 192
- Cloud Security Alliance Cloud Controls Matrix (CSA CCM) 17
- cloud security and privacy management
- conceptual reference model 110
- current trends and future 125
- security and privacy analysis
- privacy assessment aspect 116–117
- risk exposure assessment and management 112–116
- vulnerability assessment 111–112
- security practices and recommendation 117–118
- Cloud Select Industry Group, Subgroup on Service Level Agreement (C‐SIG‐SLA) 182
- Cloud Service Level Agreement Standardization (Cloud SLAS) Guideline 181
- cloud service provider (CSP) 23, 81
- cloud specific tools 304
- cloud storage forensics 264–265
- cloud storage systems
- costs reduction, data‐reduction techniques 57–59
- cryptographic solutions
- end‐to‐end encryption 56–57
- stage encryption 55–56
- in future
- cryptographic key management, usability 75
- hardware trends 74
- new cryptographic techniques 74–75
- privacy and side‐channel attacks 76
- trusted execution environments 75–76
- Cloud Trust Protocol (CTP) 173
- Cockatoo workflow 116
- Common Criteria (CC) 164
- communication threat 134
- community cloud , 206
- compound annual growth rate (CAGR) 158
- compression algorithms 60
- computation breaches
- computer emergency response team (CERT) 164
- computer forensics 240
- computer forensics tool testing (CFTT) 333
- Computer Security Incident Response Team (CSIRT) 34
- conceptual reference model 110
- conditional probability table (CPT) 150, 152
- configuration‐management software 39
- Consensus Assessments Initiative Questionnaire (CAIQ) 173
- consequence‐centric security assessment
- cloud‐based dependency graph 150–153
- cloud risk assessment and disaster recovery 146–148
- cloud security consequence tree 148–149
- cloud security evaluation 153–154
- consequence tree (CT)
- Control Objectives for Information and related Technology (COBIT) 19
- convergent encryption 61
- coordinator module (CoMod) 64
- core project (CP)
- countermeasure 129
- crimeware‐as‐a‐service (CaaS) 322
- Criminal Justice Information Services (CJIS) 35
- critical module (CritMod) 64
- cross‐site scripting (XSS) 28, 225
- cryptographic attack 160
- cryptographic module 64
- cuckoo attack 69
- curious cloud administrators 54
- customer guest OS 28
- customer relationship management (CRM) 32
- CyberCaliphate 229
- cybercrime‐as‐a‐service (CaaS) 322
- cyberlaw 227–230
- cyberterrorism
- benefits of cloud 225–227
- 2000 Children’s Internet Protection Act 230
- cloud context 222–223
- cyberlaw 227–230
- cyber‐specific laws 230
- defining 220–221
- EU Council Framework Decision on Combating Terrorism 231
- 2001 European Convention on Cybercrime 231
- 2014 Protecting Canadians from Online Crime Act in Canada 231
- terrorism 218–220
- vs. terrorist use of cyberspace 221–222
- UN‐sponsored Comprehensive Convention on International Terrorism 231
- usage of cloud 223–225
d
- data acquisition
- Amazon simple storage service 274–281
- business models 261
- cloud storage forensics 264–265
- data center as a source of evidence 259–260
- data‐dense environment 258, 265–274
- Dropbox account 257
- inside the internet 258–259
- law enforcement interventions in cybercrime 259
- legal environment of operations 261–263
- non‐law‐enforcement‐friendly ISPs 258
- data availability 178–179
- database encryption key (DEK) 44
- data breach/loss , 293
- data center as a source of evidence 259–260
- data confidentiality 177–178
- in cloud storage systems
- costs reduction, data‐reduction techniques 57–59
- cryptographic solutions 55–57
- confidentiality goals and adversaries 54–55
- reconciling data reduction, techniques 60–62
- security analysis
- in presence of deduplication 71
- security impact, of technologies 71–72
- storage‐access adversary 70
- TD overhead and performance implications 72–74
- data‐driven acquisition 328
- data‐efficiency module 64
- dataflows 180–181
- data gathering 267–268
- data governance
- data integrity 11, 176–177
- data privacy 179–180
- data protection authorities (DPAs) 179
- Data Protection Heat Index (DPHI) 175
- data‐protection measures 165
- data‐recovery vulnerability
- data‐reduction techniques 57–59
- data remanence 10
- Data Security Standard (DSS) certificates 163
- data storage provider (DSP) 178
- deduplication 58
- defense‐centric approaches 144
- denial of service (DoS) 37, 131, 293
- dependency graph (DG) 150
- system‐call interception 151
- digital evidence collection and extraction 208–209
- digital forensic readiness (DFR) 284–287
- digital forensic research workshop (DFRWS) 240–242
- digital forensics 206–207
- analysis 321
- framework model development 240–241
- process
- abstract digital forensic model 242
- DFRWS investigative model 241–242
- digital forensic framework model development 240–241
- enhanced integrated digital investigation process 242–243
- integrated digital investigation process 242
- search stage 251–253
- digital forensics as a service (DFaaS) successor to XIRAF 327–328
- digital forensics investigation (DFI) 291
- digital investigation action classes 241
- distributed denial of service (DDoS) attacks , 38, 129, 160, 224, 293
- distributed file system (DFS) 44
- distributed state‐monitoring 168
- domain 81
- domain name system (DNS) 24, 258
- Dropbox account 257
- dynamic cloud forensics model 210–211
- dynamic pipelining 328
- dynamite 242
e
- Eclipse‐based integrated development environment (IDE) 32
- electronic authentication 10
- EnCase 213
- EnCase Portable 253
- encryption/decryption provider (EDP) 178
- end‐to‐end encryption 56–57
- enhanced integrated digital investigation process (EIDIP) 242–243
- ETag 276
- EU Council Framework Decision on Combating Terrorism 228, 231
- European Commission (EC) 180
- European Economic Area (EEA) 180
- European Network and Information Security Agency (ENISA) 45
- European Union (EU) 12, 180
- European Union’s General Data Protection Regulation (GDPR) 53
- EVault SaaS 15
- evidence analysis and fixation 210
- expert users (EU)
- exploit‐as‐a‐service 322
- Extensible Markup Language (XML) 131
- external adversaries 54
- External Certificate Authority 34
f
- Family Educational Rights and Privacy Act (FERPA) 35, 332
- fault tolerance 13
- fear, uncertainty, and doubt (FUD) 24
- Federal Information Processing Standard (FIPS) 37
- Federal Information Processing Standard (FIPS) Publication 140‐2 20
- Federal Information Security Management Act (FISMA) 17
- Federal Risk and Authorization Management Program (FedRAMP) 161
- fight against terrorism 219
- file carving 303
- file‐encryption key (FK) 65
- file‐to‐process dependency 150
- flooding attacks ,
- Force.com 15, 31–34
- continuous, zero‐cost improvements 32
- shared infrastructure 32
- single version 32
- forensic cloud 212, 324
- forensic database 288
- forensics artifacts subsystem 288
- forensics‐as‐a‐service (FaaS) 209
- chapter road map 323
- cloud‐based 332–334
- cloud computing 322
- digital forensic analysis 321
- GPU‐based distributed forensic analysis 325–331
- limitations in state‐of‐the‐art research and tools 331–332
- limitations of traditional computer forensics 323–324
- MPI MapReduce 334
- potential of looking up to the cloud 324
- forensics readiness system constraints 290
- forensic triage 211
- F‐Response 213
- FROST 287
- FTK Imager v 3.4.26 276
- functionally encryptable data 177
g
- General Service Administration (GSA) 172
- generic distributed framework (GDF) 326
- geo‐redundant storage (GRS) 44
- getInfoByIdResponse 265
- Gibbs sampler 153
- GoGrid 15
- Google App Engine 15, 40–42
- Google Cloud Storage 315
- governance, risk management, and compliance (GRC) 173, 183
- GPU‐based distributed forensic analysis
- Bluepipe architecture 325
- central processing units 325
- data deduplication driven acceleration of forensic analysis 330–331
- forensics‐as‐a‐service 330
- generic distributed framework 326
- graphics processing units 325
- GRR rapid response framework 328–329
- Hansken 327–328
- limitations in state‐of‐the‐art research and tools 331–332
- MPI MapReduce 328
- scalable file‐based data store for forensic analysis 329–330
- XML information retrieval approach to digital forensics 326–327
- Gramm‐Leach‐Bliley Act (GLBA) 53
- graphics processing unit (GPU) 164
- GRR rapid response framework 328–329
h
- Hansken 327–328
- hard disk drive (HDD) 57
- hardware‐based isolation (HBI) 71
- Health Insurance Portability and Accountability Act (HIPAA) 17, 35, 53, 332
- hierarchical multitenancy (HMT) 83
- high‐availability and integrity layer (HAIL) 176
- hijacking 293
- hop analysis 267, 272–273
- host firewalls 205
- host‐hopping attacks 168
- hybrid cloud , 206
- Hypertext Transfer Protocol Secure (HTTPS) 41
- Hyper‐V hypervisor 42
- hypervisor security
- environment 29
- implementation 29
- type‐1 (or native, bare‐metal) 30
- type‐2 (or hosted) 30
i
- IBM BlueGene/L supercomputer 323
- identity security
- granular authorization
- strong authentication
- IEEE 802.15.4 network 286
- 19‐inch‐wide server system 260
- indicator of compromise (IOC) 125
- indirectly critical assets 147
- Information and Communication Technology (ICT) 19
- information rights management (IRM)
- information security
- accountability
- personal information protection 12
- validation, attribution and evidence 13
- authorization 11
- availability 12
- confidentiality
- data remanence 10
- electronic authentication 10
- privacy 11
- software confidentiality 11
- integrity 11–12
- key considerations 14
- nonrepudiation 13–14
- Information Security Management System (ISMS) standards 17, 193
- information system (IS) 10
- Information Systems Audit and Control Association (ISACA) 19
- information technology (IT) communities 189
- Information Technology Infrastructure Library (ITIL) 18
- Information Technology Operation Support (ITOS) 171
- infrastructure‐as‐a‐service (IaaS) , 23, 82, 130, 204, 223, 307
- host security
- customer guest OS 28
- virtualization software security 27–28
- virtual server security 28
- infrastructure security
- initialization vector (IV) 65
- insecure APIs 293
- integrated digital investigation process (IDIP) 242
- integrity 11
- International Association of Privacy Professionals (IAPP) 175
- International Auditing and Assurance Standards Board (IAASB) 18
- International Electrotechnical Commission (IEC) 193
- International Federation of Accountants (IFAC) 18
- International Organization for Standardization (ISO) 193
- 9001:2008 18–19
- 27001 163
- 27002 27
- 31000:2009 19
- International Standards for Assurance Engagements (ISAE) No. 3402 18
- Internet of Everything (IoE) 190
- Internet of Things (IoT) 138
- Internet Protocol (IP) 158
- spoofing 38
- vulnerabilities
- Internet service provider (ISP) 37, 258
- Internet technology (IT) 52
- intrusion detection systems (IDS) 34, 135, 136, 143, 165, 205
- ISO/IEC 27001:2005 19
- IT Governance Institute (ITGI) 19
j
- JavaScript Object Notation (JSON) 213
- Joint Authorization Board (JAB) 172
k
- key‐retrieval module 64
- key storage provider (KSP) 178
- kumodd 315
l
- lack of transparency 293
- law enforcement 54
- law‐enforcement adversary 70
- law enforcement interventions in cybercrime 259
- layered interleaving 176
- legal environment of operations 261–263
- local area network (LAN)
- logical block addresses (LBAs) 65
- “lone wolf” terrorism 228
m
- Magnet Forensics’ Internet Evidence Finder (IEF) 213
- malicious insiders 132, 293
- and abuse of privileges 168
- malicious tenants 54
- malware‐as‐a‐service 227, 322
- malware propagation 132
- managed storage providers (MSPs) 52
- Man‐in‐the‐cloud attack 136
- MapReduce processing model 328
- master encryption keys (MK) 65
- MD5 hash value 276
- memory‐cache isolation 164
- Message Passing Interface (MPI) 328
- Microsoft Azure 16, 42–45, 227
- compliance programs 45
- data privacy 44–45
- data protection 44
- identity and access 44
- network security 44
- SQL authentication 44
- SQL database firewall 44
- threat defense 45
- Microsoft Office 365, use case 118–124
- assessment considerations 118–119
- Nemesis architecture 119
- VULCAN framework 119
- Microsoft’s Hyper‐V, DDoS attack 137
- mission assurance 196
- Mission Assurance Analysis Protocol (MAAP) 194
- monitored data subsystem 288
- monitoring‐as‐a‐service 322
- Motion Picture Association of America (MPAA) 35
- MPI MapReduce (MMR) 328
- multitenancy , 10
- multitenant model 163
- Mutual Legal Assistance Treaty (MLAT) 179
n
- National Institute of Standards and Technology (NIST) 109, 130
- National Software Reference Library (NSRL) 329
- Nemesis architecture 119
- on‐demand web application 115
- Netherlands Network Operators Group (NLNOG) Ring 270
- network‐level mitigation 26
- NIST Cloud Computing Security Reference Architecture (NCC‐SRA) 171
- NIST Cloud Computing Security Working Group (NCC‐SWG) 171
- NIST Special Publication 800‐53 standard 19–20
- Non‐Azure Active Directory User (NAADU) 101
- non‐disclosure agreement (NDA) 27
- non‐law‐enforcement‐friendly ISPs 258, 260
- nonrepudiation 13–14
o
- on‐demand computing
- online open source intelligence (OSINT) 268, 272
- Open Certification Framework (OCF) 180
- open project (OP) 86
- open source intelligence 267
- OpenStack 287
- OSAC model
- domains and projects 83–84
- object types and operations 85
- OSAC‐HMT model components 85–86
- project hierarchy 84
- role inheritance 85
- roles 84
- token 85
- secure information and resource‐sharing model
- administrative OSAC‐HMT‐SID model 88–90
- entity components 86–88
- OSAC‐HMT‐SID model components 88
- OpenStack access control (OSAC) model
- domains and projects 83–84
- hierarchical multitenancy 87
- object types and operations 85
- OSAC‐HMT model components 85–86
- project hierarchy 84
- role inheritance 85
- roles 84
- token 85
- OpenStack Access Control Model with Secure Isolated Domain extension (OSAC‐HMT‐SID model) 86
- OpenStack Cloud Files 213
- Open Systems Interconnection (OSI) network model 209
- open virtualization format (OVF) standard language 289
- operating systems (OS) 23, 130
- Organisation for Economic Co‐operation and Development (OECD) 12, 175
- Organization accounts 104
- OS‐level virtualization 28
p
- PaaS/IaaS forensics 312
- Packet sniffing, by other tenants 38
- pay‐as‐you‐go
- Payment Card Industry (PCI) 163
- Payment Card Industry Data Security Standard (PCI DSS) 17
- peer‐to‐peer (P2P) networks 61
- perimeter monitoring 34
- permissibility of encryption and expectation of privacy 263
- personally identifiable information (PII) 14, 176
- pertinent network data 252
- petabytes (PB) 178
- phishing attacks 226
- Phoenix shared‐memory implementation 328
- physical block address (PBA) 65
- plan, do, check, act (PDCA) model 193
- PlanetLab 271
- platform‐as‐a‐service (PaaS) –5, 23, 82, 130, 204, 223, 307
- port scanning 38
- Post Office Protocol (POP) 252
- Privacy Certification Module (PCM) 180
- Privacy Level Agreement (PLA) Working Group 179
- private cloud , 190, 206, 239
- proofs of ownership (PoWs) 60
- Proofs of Retrievability (POR) 176
- 2014 Protecting Canadians from Online Crime Act in Canada 231
- pseudo‐random function (PRF) protocol 61
- public cloud , 190, 205–206, 239
- public key infrastructure (PKI) 25, 286
- Python programming language 213
q
- quality assurance (QA) 40
r
- Rackspace 16
- random access memory (RAM) 249–250
- readiness core module 289
- redundant array of independent disks (RAID) 15, 57
- reference architecture 288–289
- repository scenario 223
- Representational State Transfer (REST) 31, 131, 213
- resource pooling
- RIPE Atlas 271
- RIPEstat 271
- risk management and disaster recovery
- consequence‐centric security assessment
- cloud‐based dependency graph 150–153
- cloud risk assessment and disaster recovery 146–148
- cloud security consequence tree 148–149
- cloud security evaluation 153–154
- Rivest–Shamir–Adleman (RSA) 15
- role‐based access control (RBAC) model 193
- root of trust and isolation platform 64
- routing analysis 267
- Routing and Remote Access Service (RRAS) 43
s
- Safe harbor 18
- Salesforce.com 32
- s3.amazonaws.com.lnk 212
- Sarbanes‐Oxley Act (SOX) 15
- SAS 70 18
- scalable file‐based data store for forensic analysis 329–330
- scanning‐as‐a‐service 322
- scene/onsite infrastructural questionnaire 251–252
- Seclius framework 147
- secure isolated domain (SID)
- secure isolated project (SIP)
- secure logging services (SecLaaS) 317
- secure offboarding 54
- secure sockets layer (SSL) 15, 33, 37, 55, 131, 192
- secure telephone unit (STU) 24
- Security and Risk Management (S&RM) 171
- security‐as‐a‐service (SECaaS)
- flowchart 197
- framework
- discovery module 195
- integration module 195
- mission assurance 196
- monitoring module 195
- phases of 198
- risk‐assessment module 195
- security controls 195
- security implications 191
- Security Content Automation Protocol (SCAP) standards 169
- Security Development Lifecycle (SDL) 16
- security event management (SEM) 34
- security information and event management (SIEM) 192
- security project (SP) 86
- Semantic Natural Language Processor (SNLP) 112
- service‐engine attacks 168
- service‐level agreement (SLA) , 24, 159, 193, 291–292
- service‐level objectives (SLOs) 292
- Service Organization Control 2 (SOC 2) 17
- service‐oriented architecture (SOA) 165
- Service Oriented Architecture and Web Services (SOA‐WS) 283
- service provider interface (SPI) 23
- Shared Access Signatures (SAS) 43
- silverline 177
- Simple Object Access Protocol (SOAP) 31, 131
- small and medium‐sized enterprises (SMEs) 177
- small to medium‐size businesses (SMBs) 26
- social terrorism 218
- software‐as‐a‐service (SaaS) , 23, 82, 130, 204, 223, 306–307
- application configurations 111
- forensics
- cloud drive forensics 310–311
- cloud‐native application forensics 308–310
- new tools 311
- and PaaS host security 27
- software confidentiality 11
- software‐defined networks (SDNs) 225
- software development life cycle (SDLC) 33
- Software Guard Extensions (SGX) 71
- software integrity 11
- software interfaces 11
- solid state disk (SSD) 55
- stage encryption 55–56
- standards development organizations (SDOs) 126
- Statement on Auditing Standards (SAS) 173
- Statement on Standards for Attestation Engagements (SSAE) No. 16 18
- storage‐access adversary 70
- storage application (SA) 63
- storage scaling 330
- storage service providers (SSPs) 52
- Stuxnet worm 221
- symmetric cryptosystem 64
- Syrian state terrorism 219
- SysAdmin, Audit, Network, Security (SANS) , 164
- SysTrust 15, 27
t
- tenant 81
- tenant offboarding 54
- terabytes (TB) 178
- terrorism 218–220
- terrorist use of cyberspace 221–222
- theft attacks 168
- third‐party auditor (TPA) 170
- threat monitoring 34
- threshold cryptosystem 61
- Tier standard 18
- token 85
- tokenization 192
- topological vulnerability analysis (TVA) 144
- traceback 242
- traceroute 266
- track‐shingling technique 303
- transborder dataflow 180
- Transmission Control Protocol/Internet Protocol (TCP/IP) network model 209
- transparent data encryption (TDE) 44
- transport layer security (TLS) , 33
- triple data encryption algorithm (3DES) 44
- trusted code base (TCB) 71
- Trusted Computer Security Evaluation Criteria (TCSEC) 29
- Trusted Computing Group (TCG) 169, 193
- trusted decrypter (TD) 59
- coordinator module (CoMod) 64
- critical module (CritMod) 64
- secure data‐reduction operations
- detailed secure data‐reduction operations 65–66
- file deletion 68
- offboarding requests 68
- preliminaries 64–65
- read requests 67
- rekeying requests 67
- secure data deletion 68
- securing critical module 68–69
- write requests 66–67
- trusted execution environments (TEEs) 69
- Trusted Network Communications (TNC) 192
- trusted platform module (TPM) 176, 192
u
- ubiquitous network access
- UN Convention for the Suppression of Acts of Nuclear Terrorism 229
- uninterruptible power supply (UPS) 33
- United States Government (USG) 171
- unlawful combatants 219
- UN‐sponsored Comprehensive Convention on International Terrorism 231
- U.S. Department of Defense (DoD) 14, 24
- User (U) 104
- User Datagram Protocol (UDP) 72
- U.S. National Institute of Standards and Technology (NIST) , 189
v
- virtual computer system (VCS) 29
- virtual hard disk (VHD) 43
- virtualization 129
- software security 27–28
- threats
- communication threat 134
- cross‐VM side‐channel attack 133
- sharing of VM images 133–134
- VM escape attack 133
- virtualized‐based isolation (VBI) 71
- virtual machine (VM) , 25, 131
- escape in VirtualBox 136–137
- Workstation Player 12.1.0. 276
- virtual‐machine based rootkit (VMBR) 30
- virtual machine manager (VMM) 28, 284
- virtual private network (VPN) 37
- dynamic routing 43
- static routing 43
- virtual server security 28
- VULCAN framework 113, 116, 119
- vulnerability assessment 111–112
- vulnerability diagnostic trees (VDTs) 170
w
- WebCacheV01.dat 276
- web service‐level agreement (WSLA) 165
- Web Services Description Language (WSDL) , 131
- web services security (WSSecurity)
- WHOIS analysis 266
- WHOIS queries 272
- wide area network (WAN)
- WikiLeaks 260
- Windows Azure storage 213
- Windows based virtual machines (VM) 264
x
- XML information retrieval approach to digital forensics (XIRAF) 326–327
- XML signature