What’s the best way to protect servers in the cloud? How can you account for the transient nature of cloud servers and provide the same protection in the cloud as on on-premises? To find out, InfoQ spoke with Mark Nunnikhoven, a Principal Engineer in the Cloud & Emerging Technologies division at Trend Micro. You can find Mark on Twitter as @marknca.
This article builds on the foundational Regulatory Compliant Cloud Computing (RC3) architecture for application security in the cloud by defining a Data Encryption Infrastructure(DEI) which is not application specific. DEI encompasses technology components and an application architecture that governs the protection of sensitive data within an enterprise.
This opinion piece discusses three specific suggestions for improving the SCIM data model: 1. Both the enterprise client and cloud provider should map their internal IDs to a shared External ID, which is the only ID exposed through the API. 2. Multi-valued attributes of a resource must be converted from an array into a dictionary with unique keys. 3. 3 ways to improve the PATCH command
Orlando Scott-Cowley discusses security in the cloud and the need for industry standards to lower the barriers to entry while ensuring that customer data is safe.
In this article, authors discuss a distributed architecture based on principles from security management and software engineering to address cloud computing’s security challenges.
Managing security requirements from early phases of software development is critical. In this article, author Rohit Sethi discusses how to map security requirements to user stories in Agile projects. 2
In this IEEE article, authors Stephen Yau and Ho An talk about the advantages and challenges in application development using service-oriented architecture and cloud computing technologies. 2
This article presents a web application architecture that leverages cloud resources and an enterprise key-management infrastructure to lower costs while proving compliance to data-security regulations 8
Security concerns plague cloud consumers so how should these concerns be addressed? This article introduces the basic principles and patterns that should guide a cloud security architecture.
In this IEEE article, author Eric Olden discusses an identity fabric that links multiple applications to a single identity to manage the volume of user identities in the cloud. 1
In this IEEE panel discussion article, guest editors Ivan Arce and Anup Ghosh facilitated the discussion on cloud computing security risks.
In this article, Michael Poulin elaborates on the differences between of governance and management and tries to explore the 'wonderland' of governance in a service-oriented environment. 3