CONFERENCE PROCEEDINGS
Advanced Search
Home > Proceedings > Volume 11011 > Article
Presentation + Paper
17 May 2019 Security in the Cloud: understanding your responsibility
Kelly W. Bennett, James Robertson
Author Affiliations +
Proceedings Volume 11011, Cyber Sensing 2019; 1101106 (2019) https://doi.org/10.1117/12.2521821
Event: SPIE Defense + Commercial Sensing, 2019, Baltimore, MD, United States
Abstract
The popularity of public cloud services continues to grow with Gartner predicting the total worldwide revenue to almost double from $145 billion in 2017 to $278 billion in 20211 . Many cloud service types are components of this growth including Software-as-a-Service (SAAS), Platform-as-a-Service (PAAS) and Infrastructure-as-a-Service (IAAS). The use of cloud services brings many possible benefits such as scalability, high performance and availability, flexibility, cost effectiveness and security 2 . However; each of these benefits comes with some responsibilities and requires a detailed knowledge of the specific cloud services used. For example, in Amazon Web Services (AWS) shared responsibility model for security, AWS is responsible for securing the facilities, physical security of hardware, network infrastructure, and the virtualization infrastructure. The cloud service customer is responsible for securing and managing the applications that run in the cloud, the operating systems, data-at-rest, data-in-transit, policies and other responsibilities. This paper works through several different use cases and provides the details for properly securing the services with which Army Research Laboratory (ARL) researchers interact. The use cases include sample configurations and descriptions required to fulfill the customer security responsibilities in a public cloud environment. Cloud services used include AWS Elastic Computer Cloud (EC2) Windows and Linux instances, Relational Database Services (RDS), Simple Cloud Storage Service (S3), Glacier S3 Storage, and DynamoDB. Challenges and approaches associated with delegating temporary security credentials, Identity and Access Management (IAM) service, and securing data-at-rest and data-in-transit will also be discussed.
Conference Presentation
© (2019) COPYRIGHT Society of Photo-Optical Instrumentation Engineers (SPIE). Downloading of the abstract is permitted for personal use only.
Citation Download Citation
Kelly W. Bennett and James Robertson "Security in the Cloud: understanding your responsibility", Proc. SPIE 11011, Cyber Sensing 2019, 1101106 (17 May 2019); https://doi.org/10.1117/12.2521821
ACCESS THE FULL ARTICLE
ORGANIZATIONAL
Sign in with credentials provided by your organization.
INSTITUTIONAL
Select your institution to access the SPIE Digital Library.
SELECT YOUR INSTITUTION
PERSONAL
Sign in with your SPIE account to access your personal subscriptions or to use specific features such as save to my library, sign up for alerts, save searches, etc.
PERSONAL SIGN IN
No SPIE Account? Create one
PURCHASE THIS CONTENT
SUBSCRIBE TO DIGITAL LIBRARY
50 downloads per 1-year subscription
Members: $195
Non-members: $335 ADD TO CART
25 downloads per 1 - year subscription
Members: $145
Non-members: $250 ADD TO CART
PURCHASE SINGLE ARTICLE
Includes PDF, HTML & Video, when available
Members: $17.00
Non-members: $21.00 ADD TO CART
PROCEEDINGS
 18 PAGES + PRESENTATION
DOWNLOAD PAPER SAVE TO MY LIBRARY
WATCH
PRESENTATION
GET CITATION
Lens.org Logo
CITATIONS
Cited by 1 scholarly publication.
Advertisement
Advertisement
RIGHTS & PERMISSIONS
Get copyright permission  Get copyright permission on Copyright Marketplace
KEYWORDS
Clouds
Computer security
Databases
Network security
Operating systems
Analytical research
Information security
RELATED CONTENT
Subscribe to Digital Library
Receive Erratum Email Alert
Back to Top