登入帳戶  | 訂單查詢  | 購物車/收銀台( 0 ) | 在線留言板  | 付款方式  | 運費計算  | 聯絡我們  | 幫助中心 |  加入書簽
會員登入 新用戶登記
HOME新書上架暢銷書架好書推介特價區會員書架精選月讀2023年度TOP分類瀏覽雜誌 臺灣用戶
品種:超過100萬種各類書籍/音像和精品,正品正價,放心網購,悭钱省心 服務:香港台灣澳門海外 送貨:速遞郵局服務站

新書上架簡體書 繁體書
暢銷書架簡體書 繁體書
好書推介簡體書 繁體書

三月出版:大陸書 台灣書
二月出版:大陸書 台灣書
一月出版:大陸書 台灣書
12月出版:大陸書 台灣書
11月出版:大陸書 台灣書
十月出版:大陸書 台灣書
九月出版:大陸書 台灣書
八月出版:大陸書 台灣書
七月出版:大陸書 台灣書
六月出版:大陸書 台灣書
五月出版:大陸書 台灣書
四月出版:大陸書 台灣書
三月出版:大陸書 台灣書
二月出版:大陸書 台灣書
一月出版:大陸書 台灣書

『英文書』Auditing Cloud Computing: A Security And Privacy Guide(ISBN=9780470874745)

書城自編碼: 1856626
分類:簡體書→原版英文書
作者: BenHalpert
國際書號(ISBN): 9780470874745
出版社: Wiley
出版日期: 2012-01-01
版次: 1 印次: 1
頁數/字數: 206/
書度/開本: 16开 釘裝: 精装

售價:HK$ 953.7

我要買

 

** 我創建的書架 **
未登入.


新書推薦:
进化战略家
《 进化战略家 》

售價:HK$ 82.8
瑜伽新史:从古印度到现代西方
《 瑜伽新史:从古印度到现代西方 》

售價:HK$ 153.6
士绅社会:中国古代“富民社会”的最高阶段
《 士绅社会:中国古代“富民社会”的最高阶段 》

售價:HK$ 57.6
盘扣制作入门必备
《 盘扣制作入门必备 》

售價:HK$ 69.6
明朝大悲咒(第六届茅盾文学奖得主  《张居正》作者熊召政明史随笔)
《 明朝大悲咒(第六届茅盾文学奖得主 《张居正》作者熊召政明史随笔) 》

售價:HK$ 66.0
野村克也胜负哲学
《 野村克也胜负哲学 》

售價:HK$ 64.8
穿越中亚:从阿拉木图到大不里士
《 穿越中亚:从阿拉木图到大不里士 》

售價:HK$ 69.6
书人有七:思想的活力
《 书人有七:思想的活力 》

售價:HK$ 70.8

 

內容簡介:
The auditor''s guide to ensuring correct security and
privacy practices in a cloud computing environment
Many organizations are reporting or projecting a significant
cost savings through the use of cloud computing—utilizing shared
computing resources to provide ubiquitous access for organizations
and end users. Just as many organizations, however, are expressing
concern with security and privacy issues for their organization''s
data in the "cloud." Auditing Cloud Computing provides
necessary guidance to build a proper audit to ensure operational
integrity and customer data protection, among other aspects, are
addressed for cloud based resources.

Provides necessary guidance to ensure auditors address security
and privacy aspects that through a proper audit can provide a
specified level of assurance for an organization''s resources
Reveals effective methods for evaluating the security and
privacy practices of cloud services
A cloud computing reference for auditors and IT security
professionals, as well as those preparing for certification
credentials, such as Certified Information Systems Auditor
CISA

Timely and practical, Auditing Cloud Computing expertly
provides information to assist in preparing for an audit addressing
cloud computing security and privacy for both businesses and cloud
based service providers.
關於作者:
BEN HALPERT, CISSP, is an information security
researcher and practitioner. He has keynoted and presented sessions
at numerous conferences and was a contributing author to
Readings and Cases in the Management of Information Security
and the Encyclopedia of Information Ethics and Security.
Halpert writes a monthly security column for Mobile Enterprise
magazine as well as an IT blog www.benhalpert.com. He is also an
adjunct instructor and on the advisory board of numerous colleges
and universities.
目錄
Preface xiii
Chapter 1: Introduction to Cloud Computing
History
Defining Cloud Computing
Elasticity
Multitenancy
Economics
Abstraction
Cloud Computing Services Layers
Infrastructure as a Service
Platform as a Service
Software as a Service
Roles in Cloud Computing
Consumer
Provider
Integrator
Cloud Computing Deployment Models
Private
Community
Public
Hybrid
Challenges
Availability
Data Residency
Multitenancy
Performance
Data Evacuation
Supervisory Access
In Summary
Chapter 2: Cloud-Based IT Audit Process
The Audit Process
Control Frameworks for the Cloud
ENISA Cloud Risk Assessment
FedRAMP
Entities Using COBIT
CSA Guidance
CloudAuditA6—The Automated Audit, Assertion, Assessment, and
Assurance API
Recommended Controls
Risk Management and Risk Assessment
Risk Management
Risk Assessment
Legal
In Summary
Chapter 3: Cloud-Based IT Governance
Governance in the Cloud
Understanding the Cloud
Security Issues in the Cloud
Abuse and Nefarious Use of Cloud Computing
Insecure Application Programming Interfaces
Malicious Insiders
Shared Technology Vulnerabilities
Data LossLeakage
Account, Service, and Traffic Hijacking
Unknown Risk Profile
Other Security Issues in the Cloud
Governance
IT Governance in the Cloud
Managing Service Agreements
Implementing and Maintaining Governance for Cloud Computing
Implementing Governance as a New Concept
Preliminary Tasks
Adopt a Governance Implementation Methodology
Extending IT Governance to the Cloud
In Summary
Chapter 4: System and Infrastructure Lifecycle Management for the
Cloud
Every Decision Involves Making a Tradeoff
Example: Business ContinuityDisaster Recovery
What about Policy and Process Collisions?
The System and Management Lifecycle Onion
Mapping Control Methodologies onto the Cloud
Information Technology Infrastructure Library
Control Objectives for Information and Related Technology
National Institute of Standards and Technology
Cloud Security Alliance
Verifying Your Lifecycle Management
Always Start with Compliance Governance
Verification Method
Illustrative Example
Risk Tolerance
Special Considerations for Cross-Cloud Deployments
The Cloud Provider’s Perspective
Questions That Matter
In Summary
Chapter 5: Cloud-Based IT Service Delivery and Support
Beyond Mere Migration
Architected to Share, Securely
Single-Tenant Offsite Operations
Managed Service Providers
Isolated-Tenant Application Services
Application Service Providers
Multitenant Cloud Applications and Platforms
Granular Privilege Assignment
Inherent Transaction Visibility
Centralized Community Creation
Coherent Customization
The Question of Location
Designed and Delivered for Trust
Fewer Points of Failure
Visibility and Transparency
In Summary
Chapter 6: Protection and Privacy of Information Assets in the
Cloud
The Three Usage Scenarios
What Is a Cloud? Establishing the Context—Defining Cloud
Solutions and their Characteristics
What Makes a Cloud Solution?
Understanding the Characteristics
Service Based
On-Demand Self-Service
Broad Network Access
Scalable and Elastic
Unpredictable Demand
Demand Servicing
Resource Pooling
Managed Shared Service
Auditability
Service Termination and Rollback
Charge by Quality of Service and Use
Capability to Monitor and Quantify Use
Monitor and Enforce Service Policies
Compensation for Location Independence
Multitenancy
Authentication and Authorization
Confidentiality
Integrity
Authenticity
Availability
Accounting and Control
Collaboration Oriented Architecture
Federated Access and ID Management
The Cloud Security Continuum and a Cloud Security Reference
Model
Cloud Characteristics, Data Classification, and Information
Lifecycle Management
Cloud Characteristics and Privacy and the Protection
of Information Assets
Information Asset Lifecycle and Cloud Models
Data Privacy in the Cloud
Data Classification in the Context of the Cloud
Regulatory and Compliance Implications
A Cloud Information Asset Protection and Privacy Playbook
In Summary
Chapter 7: Business Continuity and Disaster Recovery
Business Continuity Planning and Disaster Recovery
Planning Overview
Problem Statement
The Planning Process
The Auditor’s Role
Augmenting Traditional Disaster Recovery with Cloud Services
Cloud Computing and Disaster Recovery: New Issues to Consider
Cloud Computing Continuity
Audit Points to Emphasize
In Summary
Chapter 8: Global Regulation and Cloud Computing
What is Regulation?
Federal Information Security Management Act
Sarbanes-Oxley Law
Health Information Privacy Accountability Act
GrahamLeachBliley Act
Privacy Laws
Why Do Regulations Occur?
Some Key Takeaways
The Real World—A Mixing Bowl
Some Key Takeaways
The Regulation Story
Privacy
International Export Law and Interoperable Compliance
Effective Audit
Identifying Risk
In Summary
Chapter 9: Cloud Morphing: Shaping the Future of Cloud Computing
Security and Audit
Where Is the Data?
A Shift in Thinking
Cloud Security Alliance
CloudAudit 1.0
Cloud Morphing Strategies
Virtual Security
Data in the Cloud
Cloud Storage
Database Classes in the Cloud
Perimeter Security
Cryptographic Protection of the Data
In Summary
Appendix: Cloud Computing Audit Checklist
About the Editor
About the Contributors
Index

 

 

書城介紹  | 合作申請 | 索要書目  | 新手入門 | 聯絡方式  | 幫助中心 | 找書說明  | 送貨方式 | 付款方式 香港用户  | 台灣用户 | 大陸用户 | 海外用户
megBook.com.hk
Copyright © 2013 - 2024 (香港)大書城有限公司  All Rights Reserved.