BT

Facilitating the Spread of Knowledge and Innovation in Professional Software Development

Write for InfoQ
News Articles Presentations Podcasts Guides

Topics

Choose your language

InfoQ Dev Summit Boston

Discover transformative insights to level up your software development decisions. Use code LIMITEDOFFERIDSBOSTON24 for an exclusive offer.
InfoQ Dev Summit Munich

Get practical advice from senior developers to navigate your current dev challenges. Use code LIMITEDOFFERIDSMUNICH24 for an exclusive offer.
QCon San Francisco

Level up your software skills by uncovering the emerging trends you should focus on. Register now.
The Software Architects' Newsletter

Your monthly guide to all the topics, technologies and techniques that every professional needs to know about. Subscribe for free.

InfoQ Homepage Cloud Security Content on InfoQ

Articles

RSS Feed
Newer Older
  • DevOps

    Respect Your Organisational Monoliths

    There is a lot of information about DevOps, the technology, the culture, the behaviour. There is not a lot of information about tackling DevOps in large enterprises and there is certainly very little about tackling DevOps in large financial organisations. This article presents lessons learnt rolling out DevOps in a large insurance organisation.

    Margo Cronin
    on Aug 18, 2016
  • Culture & Methods

    Towards an Agile Software Architecture

    Boyan Mihaylov covers his experience when working with both traditional waterfall software architectures and agile ones. He depicts the similarities and differences between these with a focus on three areas: the specifics of the software architect role, the timespan of the software architecture, and the output of the software architecture.

    Boyan Mihaylov
    on Dec 28, 2015

  • Hologram - Finally, AWS Key Distribution that Makes Sense

    Faced with the lack of solutions for secure distribution of AWS access keys to developers, AdRoll decided to build their own open source Hologram, a system that brings Amazon's Instance Profile mechanism to developer workstations. Adair details the process, tool design and main features.

    Arian Adair
    on Mar 31, 2015

  • Cloud Security Auditing: Challenges and Emerging Approaches

    Security audits are an important part of IT security programs. In this article, authors highlight the challenges in cloud computing business models, based on interviews with cloud security auditors. They talk about the challenges in the areas of transparency, encryption and colocation and domain-tailored audits as ideal solution in the new model.

    William Aiken Syed Rizvi John Kissell Jungwoo Ryoo
    on Mar 08, 2015

  • A Pragmatic Approach to Scaling Security in the Cloud

    Security. Cloud. Two words that are almost always together but rarely happily. Read on to learn why that isn’t the case and what you need to known about securing your critical infrastructure in the cloud.

    Mark Nunnikhoven
    on Jun 06, 2014

  • Securing Servers in the Cloud: An Interview With Trend Micro

    What’s the best way to protect servers in the cloud? How can you account for the transient nature of cloud servers and provide the same protection in the cloud as on on-premises? To find out, InfoQ spoke with Mark Nunnikhoven, a Principal Engineer in the Cloud & Emerging Technologies division at Trend Micro. You can find Mark on Twitter as @marknca.

    Richard Seroter
    on Nov 13, 2013

  • Automating Data Protection Across the Enterprise

    This article builds on the foundational Regulatory Compliant Cloud Computing (RC3) architecture for application security in the cloud by defining a Data Encryption Infrastructure(DEI) which is not application specific. DEI encompasses technology components and an application architecture that governs the protection of sensitive data within an enterprise.

    Arshad Noor
    on Feb 07, 2013

  • Don't SCIM over your Data Model

    This opinion piece discusses three specific suggestions for improving the SCIM data model: 1. Both the enterprise client and cloud provider should map their internal IDs to a shared External ID, which is the only ID exposed through the API. 2. Multi-valued attributes of a resource must be converted from an array into a dictionary with unique keys. 3. 3 ways to improve the PATCH command

    Ganesh Prasad
    on Aug 08, 2012

  • Standardizing the Cloud for Security

    Orlando Scott-Cowley discusses security in the cloud and the need for industry standards to lower the barriers to entry while ensuring that customer data is safe.

    Orlando Scott-Cowley
    on Jul 05, 2012

  • A Distributed Access Control Architecture for Cloud Computing

    Cloud computing’s multitenancy and virtualization features pose unique security and access control challenges. In this article, authors discuss a distributed architecture based on the principles from security management and software engineering to address cloud computing’s security challenges.

    Muhammad I. Sarfraz Saleh Basalamah Arif Ghafoor Walid G. Aref Abdulrahman A. Almutairi
    on Jun 12, 2012

  • Managing Security Requirements in Agile Projects

    Managing security requirements from early phases of software development is critical. Most security requirements fall under the scope of Non-Functional Requirements (NFRs). In this article, author Rohit Sethi discusses how to map NFRs to feature-driven user stories and also how to make security requirements more visible to the stakeholders.

    Rohit Sethi
    on Jun 04, 2012

  • Software Engineering Meets Services and Cloud Computing

    In this IEEE article, authors Stephen Yau and Ho An talk about application development using service-oriented architecture and cloud computing technologies. They also discuss application development challenges like security in a multi-tenant environment, quality-of-service monitoring, and mobile computing.

    Ho G. An Stephen S. Yau
    on Jan 04, 2012
Newer Articles
Older Articles
BT