Faced with the lack of solutions for secure distribution of AWS access keys to developers, AdRoll decided to build their own open source Hologram, a system that brings Amazon's Instance Profile mechanism to developer workstations. Adair details the process, tool design and main features.
Security audits are an important part of IT security programs. In this article, authors highlight the challenges in cloud computing business models, based on interviews with cloud security auditors. They talk about the challenges in the areas of transparency, encryption and colocation and domain-tailored audits as ideal solution in the new model.
Security. Cloud. Two words that are almost always together but rarely happily. Read on to learn why that isn’t the case and what you need to known about securing your critical infrastructure in the cloud.
What’s the best way to protect servers in the cloud? To find out, InfoQ spoke with Mark Nunnikhoven, a Principal Engineer in the Cloud & Emerging Technologies division at Trend Micro.
This article defines a Data Encryption Infrastructure (DEI) which encompasses technology components and an application architecture that governs the protection of sensitive data within an enterprise.
This opinion piece discusses limitations in the SCIM data model specification as perceived by the author. He provides three specific suggestions which were also posted to the SCIM mailing list. 5
Orlando Scott-Cowley discusses security in the cloud and the need for industry standards to lower the barriers to entry while ensuring that customer data is safe.
In this article, authors discuss a distributed architecture based on principles from security management and software engineering to address cloud computing’s security challenges.
Managing security requirements from early phases of software development is critical. In this article, author Rohit Sethi discusses how to map security requirements to user stories in Agile projects. 2
In this IEEE article, authors Stephen Yau and Ho An talk about the advantages and challenges in application development using service-oriented architecture and cloud computing technologies. 2
This article presents a web application architecture that leverages cloud resources and an enterprise key-management infrastructure to lower costs while proving compliance to data-security regulations 8
Security concerns plague cloud consumers so how should these concerns be addressed? This article introduces the basic principles and patterns that should guide a cloud security architecture.