BT

Facilitating the Spread of Knowledge and Innovation in Professional Software Development

Write for InfoQ
News Articles Presentations Podcasts Guides

Topics

Choose your language

QCon San Francisco - image
QCon San Francisco

Level up your software skills by uncovering the emerging trends you should focus on. Register now.

 QCon London - image
QCon London

Discover emerging trends, insights, and real-world best practices in software development & tech leadership. Join now.

 QCon London - image
InfoQ Dev Summit Boston

Learn how senior software developers are solving the challenges you face. Register now with early bird tickets.

 The Software Architects Newsletter - image
The Software Architects' Newsletter

Your monthly guide to all the topics, technologies and techniques that every professional needs to know about. Subscribe for free.

InfoQ Homepage Cloud Security Content on InfoQ

Articles

RSS Feed
Newer Older

  • A Distributed Access Control Architecture for Cloud Computing

    Cloud computing’s multitenancy and virtualization features pose unique security and access control challenges. In this article, authors discuss a distributed architecture based on the principles from security management and software engineering to address cloud computing’s security challenges.

    Muhammad I. Sarfraz Abdulrahman A. Almutairi Walid G. Aref Arif Ghafoor Saleh Basalamah
    on Jun 12, 2012

  • Managing Security Requirements in Agile Projects

    Managing security requirements from early phases of software development is critical. Most security requirements fall under the scope of Non-Functional Requirements (NFRs). In this article, author Rohit Sethi discusses how to map NFRs to feature-driven user stories and also how to make security requirements more visible to the stakeholders.

    Rohit Sethi
    on Jun 04, 2012

  • Software Engineering Meets Services and Cloud Computing

    In this IEEE article, authors Stephen Yau and Ho An talk about application development using service-oriented architecture and cloud computing technologies. They also discuss application development challenges like security in a multi-tenant environment, quality-of-service monitoring, and mobile computing.

    Stephen S. Yau Ho G. An
    on Jan 04, 2012

  • Regulatory Compliant Cloud Computing: Rethinking web application architectures for the cloud

    Not all data is sensitive and hence an equal and balanced investment in securing all data categories is not justified. This article presents an architecture that leverages cloud-computing, cloud-storage and enterprise key-management Infrastructure(EKMI) to lower costs while complying to data-security regulations.

    Arshad Noor
    on Dec 16, 2011

  • Introduction to Cloud Security Architecture from a Cloud Consumer's Perspective

    Security concerns are the number one barrier to cloud services adoption. How do we evaluate a vendor's solution? What is an optimal security architecture? What are consumer versus provider responsibilities? What are industry standard patterns in this regard? This article answers some of these questions based on first hand experience dealing with large scale cloud adoption.

    Subra Kumaraswamy
    on Dec 07, 2011

  • Architecting a Cloud-Scale Identity Fabric

    In this IEEE article, author Eric Olden discusses an identity fabric that links multiple applications to a single identity to manage the volume of user identities that network administrators must secure and to enable a full-scale cloud adoption.

    Eric Olden
    on Jun 29, 2011

  • Cloud Computing Roundtable

    In this IEEE panel discussion article, guest editors Ivan Arce and Anup Ghosh facilitated the discussion on cloud computing security risks. The panelists are Eric Grosse (Google Security), John Howie (Microsoft), James Ransome (Cisco), Jim Reavis (Cloud Security Alliance) and Stephen Schmidt (Amazon Web Services).

    Anup Ghosh Ivan Arce
    on Apr 11, 2011

  • Wonderland Of SOA Governance

    Michael Poulin elaborates on the differences between of governance and management and tries to explore the 'wonderland' of governance in a service-oriented environment. He defines SOA Governance, explores the relationship between governance and enterprise architecture, and discusses accountability and ownership of governance efforts, and how practitioners can instrument SOA governance.

    Michael Poulin
    on Nov 11, 2009

  • Enhanced Detection of Malware

    This article, from Intel, discusses significant new threats to host agents, outlines a generic architecture for malware detection, based on enhanced cloud computing, describes how Intel platform technologies can be used to enhance computing solutions, and ends with a threat analysis of the approaches presented. Malware that masks its presence from traditional security agents is the article focus.

    and Yuriy Bulygin Carlos Rozas Divya Kolar Sunder Hormuzd Khosravi
    on Sep 30, 2009

  • Encrypting the Internet

    The authors, from Intel, offer a three pronged approach to providing secure transmission of high volume HTML traffic: new CPU instructions to accelerate cryptographic operations; a novel implementation of the RSA algorithm to accelerate public key encryption; and using SMT to balance web server and cryptographic operations. Their approach, they claim, leads to significant cost savings.

    Satyajit Grover Xiaozhu Kang Michael Kounavis andFrank Berry
    on Sep 22, 2009

  • The Dark Cloud: Understanding and Defending against Botnets and Stealthy Malware

    Botnets are the latest scourge to hit the Internet and this article defines a botnet (a collection of distributed computers or systems that has been taken over by rogue software), examines the botnet life cycle, and presents several promising anti-botnet defense strategies including canary detectors, white lists, and malware traces.

    Carl Livadas Eve Schooler Jaideep Chandrashekar Steve Orrin
    on Aug 04, 2009

  • Virtual Panel on Cloud Computing

    In this virtual panel, InfoQ wants to find out from leading cloud experts what are the benefits brought by cloud computing as well as the constraints in using them, what is better to use, a public or a private cloud, is the cloud interoperability needed, what is the difference between providing infrastructure or a platform, and how can a client enforce regulatory compliance.

    Abel Avram
    on May 19, 2009
Newer Articles
Older Articles
BT