BT
x Your opinion matters! Please fill in the InfoQ Survey about your reading habits!
  • Introduction to Cloud Security Architecture from a Cloud Consumer's Perspective

    by Subra Kumaraswamy on  Dec 07, 2011

    Security concerns are the number one barrier to cloud services adoption. How do we evaluate a vendor's solution? What is an optimal security architecture? What are consumer versus provider responsibilities? What are industry standard patterns in this regard? This article answers some of these questions based on first hand experience dealing with large scale cloud adoption.

  • Comparison of Intrusion Tolerant System Architectures

    by Quyen L. Nguyen and Arun Sood on  Nov 25, 2011 3

    In this IEEE article, authors Quyen L. Nguyen and Arun Sood discuss three types of intrusion tolerant system (ITS) architectures and their efficiency for intrusion tolerance and survivability. For the ITS architectures, they propose a taxonomy with four categories: detection triggered, algorithm driven, recovery based, and hybrid.

  • Virtual Panel: Security Considerations in Accessing NoSQL Databases

    by Srini Penchikala on  Nov 15, 2011 4

    NoSQL databases offer alternative data storage options for storing unstructured data compared to traditional relational databases. Though the NoSQL databases have been getting a lot of attention lately, the security aspects of storing and accessing NoSQL data haven't been given much emphasis. This article focuses on the security considerations and best practices in accessing the NoSQL databases.

Developer-Driven Threat Modeling

Posted by Danny Dhillon on  Nov 11, 2011

In this IEEE article, author Danny Dhillon discusses a developer-driven threat modeling approach to identify threats based on the dataflow diagrams for assessing and mitigating the security risks. 3

Mobile Attacks and Defense

Posted by Charlie Miller on  Oct 17, 2011

In this IEEE article, author Charlie Miller talks about mobile security vulnerabilities. He discusses how iOS and Android phones can be attacked using mobile malware and drive-by downloads.

Agile is at a crossroad: Scale or fail?

Posted by Chris Matts and Olav Maassen on  Oct 14, 2011

Risk management is a crucial discipline for projects, and finding ways to do effective risk management on agile projects will spell the difference between Agile scaling into the enterprise or failing. 5

Resilient Security Architecture

Posted by John Diamant on  Sep 27, 2011

In this IEEE article, author John Diamant talks about improving security quality of software applications using techniques like security requirements gap analysis and architectural threat analysis.

Architecting a Cloud-Scale Identity Fabric

Posted by Eric Olden on  Jun 29, 2011

In this IEEE article, author Eric Olden discusses an identity fabric that links multiple applications to a single identity to manage the volume of user identities in the cloud. 1

Interview and Book Excerpt: CERT Resilience Management Model

Posted by Srini Penchikala on  May 30, 2011

InfoQ spoke with Rich Caralli from SEI's Resilient Enterprise Management Team about Resilience Management Model used for managing operational resilience in complex, risk-evolving environments.

A Process for Managing Risks in Distributed Teams

Posted by John Stouby Persson and Lars Mathiassen on  May 10, 2011

In this IEEE article, John Stouby Persson and Lars Mathiassen discuss a process for managing risks associated in managing the distributed software projects. 2

Threat Modeling Express

Posted by Sahba Kazerooni and Rohit Sethi on  May 09, 2011

In this article, Rohit Sethi and Sahba Kazerooni discuss an agile threat modeling approach called "Threat Modeling Express" that can be used to collaboratively define threats and countermeasures. 3

Cloud Computing Roundtable

Posted by Ivan Arce and Anup Ghosh on  Apr 11, 2011

In this IEEE panel discussion article, guest editors Ivan Arce and Anup Ghosh facilitated the discussion on cloud computing security risks.

General Feedback
Bugs
Advertising
Editorial
InfoQ.com and all content copyright © 2006-2014 C4Media Inc. InfoQ.com hosted at Contegix, the best ISP we've ever worked with.
Privacy policy
BT