CLOUD COMPUTING: Implementation, Management, and Security



Similar documents
Cloud Computing. Implementation, Management, and Security. John W. Rittinghouse James F. Ransome

CLOUD COMPUTING HANDBOOK

How To Understand Cloud Computing

Cloud Computing. Chapter 2 Software as a Service (SaaS)

Preparation Guide. EXIN Cloud Computing Foundation

TECHNOLOGY GUIDE THREE. Emerging Types of Enterprise Computing

Cloud Computing. Cloud computing:

Introduction to Cloud Services

Trends in Cloud Computing in Higher Education

Introduction to Cloud Computing

Cloud Courses Description

Legal Issues in the Cloud: A Case Study. Jason Epstein

Cloud Computing. What is Cloud Computing?

Cloud Courses Description

Preparation Guide Content. EXIN Cloud. 1. Overview 4 2. Exam Requirements 6 3. List of Basic Concepts 9 4. Exam Literature 13. Computing Foundation

8 REASONS MORE COMPANIES ARE MOVING THEIR BUSINESS PHONES TO THE CLOUD

Certified Cloud Computing Professional VS-1067

ITP 140 Mobile Technologies. Mobile Topics

Cisco WebEx Meetings Server

Architectural Implications of Cloud Computing

Introduction to Cloud Computing

Google Apps Premier Edition. Included Yes Yes Yes Storage 25 GB Varies by deployment

White Paper on CLOUD COMPUTING

CLOUD COMPUTING An Overview

Glossary of terms used in the survey

Contents. BBS Software as a Service (SaaS),7. EH introducing aoudco.pu.ing 1. Distinguishing Cloud Types 4. Exploring

Telephony Telephony more than just a phone system.

NSW Government. Wireless services (WiFi) Standard

Bringing the Cloud into Focus. A Whitepaper by CMIT Solutions and Cadence Management Advisors

How cloud computing can transform your business landscape

In a dynamic economic environment, your company s survival

Computing Service Provision in P2P Clouds

IT Infrastructure and Emerging Technologies

Product Information. Sugar vs Zoho. Features Comparison

Customer Engagement & The Cloud

End-User Access to Cloud Computing

Ananthakrishnan J Architect, Sonata Software. Ananth B Product Manager Testing Practice. Sonata Software Limited. Sonata Software Limited

Refresher on cloud computing

USE OF CLOUD COMPUTING BY SMALL AND MEDIUM ENTERPRISES

Kroll Ontrack VMware Forum. Survey and Report

Myth #1: Cloud is such a vague concept, it s impossible to know where to start.

August 6, Technology 101 for the Corporate Lawyer

Cloud Computing - Architecture, Applications and Advantages

Hosted Video in Cloud Computing

Network and Services (NETW-903)

Efficient Framework for Deploying Information in Cloud Virtual Datacenters with Cryptography Algorithms

CLOUD COMPUTING: A REVIEW

HOW HOSTED EXCHANGE COMPARES WITH GOOGLE APPS

Cloud Computing TODAY S TOPICS WHAT IS CLOUD COMPUTING? ICAC Webinar Cloud Computing September 4, What Cloud Computing is and How it Works

An Introduction to Unified Communications for Hospitals

Cloud Computing Evolution Not Revolution

HyperOffice and the On-Line Collaboration Marketplace

Essential Characteristics of Cloud Computing: On-Demand Self-Service Rapid Elasticity Location Independence Resource Pooling Measured Service

A CLOUD-BASED FRAMEWORK FOR ONLINE MANAGEMENT OF MASSIVE BIMS USING HADOOP AND WEBGL

Hexaware E-book on Q & A for Cloud BI Hexaware Business Intelligence & Analytics Actionable Intelligence Enabled

Cisco WebEx Meeting Center

WEB SERVICES FOR MOBILE COMPUTING

An Introduction to Cloud Computing Concepts

Mobile Cloud Computing T Open Source IaaS

OpenScape Web Collaboration

Why You Should Consider Cloud- Based Archiving. A whitepaper by The Radicati Group, Inc.

Do It Yourself Telephony and Messaging Services With FOSS. GNOME Asia Summit 2015 May 9 th, gnome.asia

Peter Zhang, Ph.D. Principal consultant, ZHTECH Corporation Adjunct Professor, Cal State University, Fullerton

The Connected Agency: Enhancing Collaboration in the Insurance Industry

The Cisco Powered Network Cloud: An Exciting Managed Services Opportunity

Fundamental Concepts and Models

Capturing the New Frontier:

A CommVault Business-Value White Paper Understanding and Mitigating the Legal Risks of Cloud Computing

Infopaper. Demystifying Platform as a Service

APPLICATION OF CLOUD COMPUTING IN EDUCATION. Achmad Benny Mutiara

Sametime 101: Feature Overview. Roberto Chiabra IBM Certified IT Specialist

Comparing VMware Zimbra with Leading and Collaboration Platforms Z I M B R A C O M P E T I T I V E W H I T E P A P E R

Joseph Guarino Owner/CEO/Sr. Consultant Evolutionary IT CISSP, LPIC, MCSE 2000, MCSE 2003, PMP

Building Blocks of the Private Cloud

Transcription:

CLOUD COMPUTING: Implementation, Management, and Security By: John W. Rittinghouse and James F. Ransome CRC Press, Taylor & Francis Group, Boca Raton, FL, 2010, ISBN: 978-1-4398-0680-7 Price: $79.95 Reviewed by Joshua Matloff Journal of High Technology Law Suffolk University Law School Cloud Computing: Implementation, Management, and Security is a non-fiction introduction to cloud computing for the non-technical person. 1 The authors introduce various common cloud technologies without dwelling on technical details, directing the book toward managers and technical people alike. 2 Both classes of people can gain knowledge of what cloud computing technologies are, and the business and legal implications behind these technologies. Dr. John Rittinghouse has twenty-five years of experience as a security and management specialist. 3 Dr. Rittinghouse worked for many Fortune 500 companies, and currently assists the Department of Homeland Security and Department of Commerce. 4 Dr. James Ransome is the senior director and chief security officer of Cisco s Collaborative Software Group where he works on Cisco s WebEx product. 5 In Cloud Computing: Implementation, Management, and Security, the authors present a persuasive case for businesses to use cloud computing solutions, but a less persuasive case that the time to switch cloud computing is now. While acknowledging the vagueness and confusion 1 JOHN W. RITTINGHOUSE & JAMES F. RANSOME, CLOUD COMPUTING: IMPLEMENTATION, MANAGEMENT, AND SECURITY, xix (CRC Press, Taylor & Francis Group) (2010). 2 Id. 3 Biography of John W. Rittinghouse, Ph.D., CISM, archived at http://www.webcitation.org/5ntfjvrgr 4 Id. 5 Biography of James Ransome, Cisco Systems, Inc., archived at http://www.webcitation.org/5ntgffdpu. 1

surrounding the term cloud computing, the authors tentatively define it as the delivery of computational resources form a location other than the one from which you are computing. 6 The authors begin with the technical background of cloud computing, by describing the history and evolution of computers and the internet. After laying the basic framework of networking, the authors explain virtualization, which is a method of cloud computing that enables one piece of hardware to run multiple virtual environments. Many types of cloud computing services are available because of massive presence of the internet. Communication-as-a-Service ( CaaS ) allows for certain messaging tools such as Voice over IP ( VoIP ), Instant Messaging ( IM ), and video conferencing. 7 Infrastructure as a Service ( IaaS ) is the delivery of computer infrastructure as a service that allows the customer to maintain owner and management of their application(s) while off-loading... infrastructure management to the IaaS provider. 8 Monitoring as a Service ( MaaS ) is the outsourcing of security services to a third party security team. 9 Platform-as-a-Service ( PaaS ) is an application delivery model that is independent from the specific operation system it is running on it is meant to be only a web-based development infrastructure. 10 Software-as-a-Service ( SaaS ) is typically when a software vendor supplies software over a network as opposed to the typical distribution of installation on individual computers. 11 IT Professionals use several protocols and technologies to build cloud networks. One reason for making a switch to cloud networks is that cloud data cents are cost-effective and allow 6 RITTINGHOUSE & RANSOME, supra note 1, at xxvii. 7 RITTINGHOUSE & RANSOME, supra note 1, at 30. 8 RITTINGHOUSE & RANSOME, supra note 1, at 34-35. 9 RITTINGHOUSE & RANSOME, supra note 1, at 44. 10 RITTINGHOUSE & RANSOME, supra note 1, at 48. 11 RITTINGHOUSE & RANSOME, supra note 1, at 50. 2

for better collaboration 12 Service-oriented architectures ( SOAs ) can leverage network services, but SOAs only somewhat overlap with the area of cloud computing. 13 Cloud computing is not a replacement for SOAs, but SOAs are a building step towards getting a cloud computing system. 14 The authors describe how to enable an SOA by planning for capacity, availability, and security. 15 After planning, open source software can then inexpensively enable the systems. 16 The book describes various open source solutions such as the Apache web server, database software such as MySQL and PostgreSQL, and virtualization software such as VMWare and Xen. 17 Sun xvm VirtualBox, available free of charge, can virtualize software on a computer. 18 The authors detail the general steps of downloading and installing the virtualization software. 19 Then, the authors describe how to download and install a guest operating system onto to the Sun xvm VirtualBox while using FreeDOS. 20 The book provides screenshots of every step of the installation process for both the Sun xvm VirtualBox and the FreeDos Operating System. 21 The three elements of federation, presence, and privacy in cloud computing help describe, on a semi-technical level, whether there are reasonable concerns about security in the cloud and how those concerns can be eliminated. 22 Federation is, generally, the ability for two 12 RITTINGHOUSE & RANSOME, supra note 1, at 62 (describing collaboration as the opiate of the masses ). The authors further note that employees could be concerned, for instance, that the company email system is limited to 80 MB of storage, where Google and Yahoo! offer gigabytes of storage. RITTINGHOUSE & RANSOME, supra note 1, at 67. 13 RITTINGHOUSE & RANSOME, supra note 1, at 70-71. 14 RITTINGHOUSE & RANSOME, supra note 1, at 72. 15 RITTINGHOUSE & RANSOME, supra note 1, at 73-74. 16 RITTINGHOUSE & RANSOME, supra note 1, at 77. 17 RITTINGHOUSE & RANSOME, supra note 1, at 78-79, 82-83. 18 RITTINGHOUSE & RANSOME, supra note 1, at 103. 19 RITTINGHOUSE & RANSOME, supra note 1, at 104-112. 20 RITTINGHOUSE & RANSOME, supra note 1, at 112-21. (describing FreeDOS as one of many possible free virtual operating systems available online). 21 RITTINGHOUSE & RANSOME, supra note 1, at 103-128. 22 RITTINGHOUSE & RANSOME, supra note 1, at 129. 3

servers to exchange information. There are four different types of federation and some are more secure than the others. 23 Presence in the cloud is what allows for a user s availability to be broadcast to other users. 24 Privacy is the relationships between collection and dissemination of data, technology, the public expectation of privacy, and the legal issues surrounding them. 25 However, there are legal issues regarding data privacy. 26 Laws can oblige a cloud provider to examine user records for evidence of criminal activity but the status of privacy and confidentiality in the cloud is legally uncertain. 27 Security in cloud computing is only as good as the security of the cloud computing provider. 28 Compliance standards help with data level security, requiring that data is not intermixed with other data. 29 In addition, statutes and regulations such as the Sarbanes-Oxley Act, the Gramm-Leach-Biley Act, and the Health Insurance Portability and Accountability Act also govern security in cloud computing. 30 Third party risk management can mitigate legal actions if the provider hasn t performed due diligence on its third-party vendors. 31 The book does not limit the discussion to technical security methods, but also stresses the importance of training a company s personnel to comply with security standards as well. 32 Technical standards continue to emerge in cloud computing. 33 For instance, the open cloud consortium develops standards to allow different cloud numbers to operate with each 23 RITTINGHOUSE & RANSOME, supra note 1, at 132. 24 RITTINGHOUSE & RANSOME, supra note 1, at 136. 25 RITTINGHOUSE & RANSOME, supra note 1, at 147. 26 RITTINGHOUSE & RANSOME, supra note 1, at 149. 27 RITTINGHOUSE & RANSOME, supra note 1, at 149-50. 28 RITTINGHOUSE & RANSOME, supra note 1, at 158. 29 RITTINGHOUSE & RANSOME, supra note 1, at 160. 30 RITTINGHOUSE & RANSOME, supra note 1, at 160. 31 RITTINGHOUSE & RANSOME, supra note 1, at 169. 32 RITTINGHOUSE & RANSOME, supra note 1, at 164. 33 RITTINGHOUSE & RANSOME, supra note 1, at 183. 4

other. 34 Application developers also have standards, such as AJAX, an interface that allows developers to dynamically grab data from the cloud and display it on the client side. 35 Data standards, like XML, allow users to create their own markup to enable sharing of structured data. 36 Messaging standards range from the IMAP STMP and POP email standards to syndication standards, RSS and ATOM and regular communication standards such as HTTP or XMMP. 37 Some of the popular Software-as-a-Service providers can be integrated into other cloud computing solutions. 38 The book describes YouTube, the popular streaming video website, Zimbra, a web-based email, calendar, and collaboration software package, Facebook, the social networking website, Zoho, the document application suite, and the DimDim collaboration suite. The book introduces these SaaS packages are case studies of cloud computing integration. 39 Mobile internet devices, such as smartphones, can also integrate with cloud computing. 40 The authors explain the differences between the popular smartphone operating systems, iphone, Android, BlackBerry, Windows Mobile, and Ubuntu Mobile Internet Device. 41 The authors describe mobile virtualization and collaboration applications for mobile devices. 42 In closing, the authors predict that cloud computing is at an immature stage of its development, but that when security and privacy improves cloud computing will expand. The authors, however, believe that companies and consumers are missing out on cloud computing because 34 RITTINGHOUSE & RANSOME, supra note 1, at 183. 35 RITTINGHOUSE & RANSOME, supra note 1, at 188. 36 RITTINGHOUSE & RANSOME, supra note 1, at 189-90. 37 RITTINGHOUSE & RANSOME, supra note 1, at 193-205. 38 RITTINGHOUSE & RANSOME, supra note 1, at 214. 39 RITTINGHOUSE & RANSOME, supra note 1, at 215-223. 40 RITTINGHOUSE & RANSOME, supra note 1, at 235. 41 RITTINGHOUSE & RANSOME, supra note 1, at 237-250. 42 RITTINGHOUSE & RANSOME, supra note 1, at 257. 5

they do not fully grasp the concept and they hope the book improves the grasp of this technology. 43 Cloud Computing: Implementation, Management, and Security collects and provides quality information about cloud computing in one source. As a resource, this book would be valuable to either a business person trying to decide whether to switch to cloud computing, or IT personnel who would like to educate themselves on cloud computing because it has a wealth of information of both the background of cloud computing, and examples of possible implementations. It does not fully answer concerns about the maturity of the technology, and while it does explain the security of cloud computing, it would not fully assuage the fears of a manager about possible security breaches in the cloud because, as the authors admit, the technology is at an immature stage of its development. Structurally, however, the book lays forth a pyramid of ideas to reach its conclusion: that cloud computing is here to stay, and companies should get on board. The book does prove this thesis, but lacks a continuous theme of clearly bringing each chapter back to why cloud computing should be implemented at companies. In appendix B, a mock dialogue of a board meeting explains why a company would switch to cloud computing. While contrived, this appendix does a good job of concisely explaining what advantages cloud computing would provide for a company, and successfully pulls the book together. The appendix does not offer any new information it is a collection of information scattered throughout the technical chapters but it ties the book together. In sum, Cloud Computing: Implementation, Management and Security performs the difficult task of providing technical 43 RITTINGHOUSE & RANSOME, supra note 1, at 259. 6

information for people who don t necessarily have technical experience can make an informed decision about whether to adopt cloud computing. 7

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information