Privacy, Identity, and Cloud Computing

Harry Katzan Jr.

ISBN 10: 145024629X ISBN 13: 9781450246293

Editore: iUniverse, 2010

Lingua: Inglese

Print on Demand

Condizione: Nuovo Brossura

Lista dei preferiti

Venduto da preigu, Osnabr�ck, Germania

Venditore AbeBooks dal 5 agosto 2024

Valutazione del venditore 5 su 5 stelle

Visualizza gli articoli del venditore

Mostra tutte le copie di questo libro

Nuovi - Brossura

Condizione: Nuovo

Prezzo:

EUR 21,05

Spedizione EUR 70,00
Spedito da Germania a U.S.A.

Quantit�: 5 disponibili

Aggiungere al carrello

Lista dei preferiti

Riguardo questo articolo

Codice articolo 119367160

Contatta il venditore

Segnala questo articolo

Dati bibliografici

Titolo

Privacy, Identity, and Cloud Computing

Editore

iUniverse

Data di pubblicazione

2010

Lingua

Inglese

ISBN 10

145024629X

ISBN 13

9781450246293

Rilegatura

Taschenbuch

Condizione

Neu

Dimensioni

Peso

315 grammi

Cataloghi dei venditori

B�cher

Descrizione articolo

Riassunto

Three important technology issues face professionals in today's business, education, and government world. In Privacy, Identity, and Cloud Computing, author and computer expert Dr. Harry Katzan Jr. addresses the subjects of privacy and identity as they relate to the new discipline of cloud computing, a model for providing on-demand access to computing service via the Internet. A compendium of eight far-reaching papers, Privacy, Identity, and Cloud Computing thoroughly dissects and discusses the following: • The privacy of cloud computing • Identity as a service • Identity analytics and belief structures • Compatibility relations in identity analysis • Conspectus of cloud computing • Cloud computing economics: Democratization and monetization of services • Ontological view of cloud computing • Privacy as a service Katzan provides not only a wealth of information, but gives exposure to these topics facing today's computer users. Ultimately, these are important facets of modern computing, and all their implications must be considered thoroughly in anticipation of future developments.

Estratto. � Ristampato con autorizzazione. Tutti i diritti riservati.

Privacy, Identity, and Cloud Computing

By Harry Katzan, Jr.

iUniverse, Inc.

Copyright � 2010 Harry Katzan, Jr.
All right reserved.
ISBN: 978-1-4502-4629-3

1. On the Privacy of Cloud Computing...........................................................152. Identity as a Service.......................................................................413. Identity Analytics and Belief Structures....................................................594. Compatibility Relations in Identity Analysis................................................715. Conspectus of Cloud Computing...............................................................856. Cloud Computing Economics: Democratization and Monetization of Services.....................997. Ontological View of Cloud Computing.........................................................1218. Privacy as a Service........................................................................1339. Liberty, Freedom, and Rights................................................................18110. Principles of Data Regulation..............................................................191

Chapter One

On the Privacy of Cloud Computing

INTRODUCTION

It seems as though most computer users would like privacy and information security while having convenient access to interlinked computing services both on-premises and in the cloud. In this instance, the cloud is a metaphor for the Internet, which can be used as the delivery vehicle for computing services and the storage of information. Advocates of cloud computing are faced with two major problems, that is, in addition to the usual problem of transferring one's resources from one operational environment to another. The first of the major problems is the ongoing feeling that we are experiencing the "dj vu all over again" syndrome. Many of us have gone through an avalanche of new technological advances intended as solutions to our administrative and operational problems - at least, the ones involving management and information systems. Some of the technical innovations we have experienced include scalable main-frame computers, advanced operating systems, time sharing, client/server, online systems, mini computers, personal computers, artificial intelligence, hand-held computers, the Internet and the World Wide Web, mobile computers, social networking, and by the time this paper is published, there will no doubt be several more entries to add to the list. So one has reason to be skeptical of someone writing that cloud computing is worthy of serious attention. Of course, we think it is, for obvious reasons.

The second major issue is privacy, and it stems from the fact that with cloud computing, data and programs are stored off-premises and managed by a service provider. When a third party gets a hold of your data, who knows what is going to happen to it. Many proponents of cloud computing conveniently characterize it as analogous to the electric utility. The basic idea is that the private generators of the twentieth century were replaced by the electricity grids of today without undue concern. It is easy to imagine, however, that the measurement of electricity usage would have been of concern to some people in the early 1900s. Although similar in some respects, cloud computing is different in one important way. The cloud will typically handle information, which is the basic unit of exchange, about which security and privacy are of paramount concern. With electricity, there is no interest in individual electrons. With information, the key issues are identity, security, and privacy. The side issues are one's inherent identity attributes (such as age, gender, and race), accountability (for online computing activities), and anonymity (in order to preserve free speech and other forms of behavior for the parties involved). The main consideration may turn out to be a matter of control, because from an organizational perspective, control over information has historically been with the organization that creates or maintains it. From a personal perspective, on the other hand, a person should have the wherewithal to control their identity and the release of information about themselves, and in the latter case, a precise determination of to whom it is released and for what reason.. Who owns the data? Is it the person about whom the data pertains? Is it the organization that prototypically manages the data? Or, is it the cloud provider that physically stores the data somewhere out in cyberspace? Consider your financial information. Is it your property or is it your bank's business property? We will try to provide a perspective on this important issue in the following sections. Privacy issues are not fundamentally caused by cloud computing, but they are exacerbated by employing the technology for economic benefit. To put it as diplomatically as possible, if a business employs cloud computing to save money on its IT bill, should it be allowed to do so at the "privacy" expense of its customers?

CLOUD COMPUTING CONCEPTS

Cloud computing is an architectural model for deploying and accessing computer facilities via the Internet. A cloud service provider would supply ubiquitous access through a web browser to software services executed in a cloud data center. The software would satisfy consumer and business needs. Because software availability plays a major role in cloud computing, the subject is often referred to as software-as-a-service (SaaS). Conceptually, there is nothing particularly special about a cloud data center, because it is a conventional web site that provides computing and storage facilities. The definitive aspect of a cloud data center is the level of sophistication of hardware and software needed to scale up to service a large number of customers. Cloud computing is a form of service provisioning where the service provider supplies the network access, security, application software, processing capability, and data storage from a data center and operates that center as a utility in order to supply on-demand self service, broad network access, resource pooling, rapid application acquisition, and measured service. The notion of measured service represents a "pay for what you use" metered model applied to differing forms of customer service.

Cloud Service Characteristics

The operational environment for cloud computing supports three categories of informational resources for achieving agility, availability, collaboration, and elasticity in the deployment and use of cloud services that include software, information, and cloud infrastructure. The software category includes system software, application software, infrastructure software, and accessibility software. The information category refers to large collections of data and the requisite database and management facilities needed for efficient and secure storage utilization. The category of cloud infrastructure is comprised of computer resources, network facilities, and the fabric for scalable consumer operations. We are going to adopt a description of a cloud framework that necessarily includes three forms of description: terminology, architectural requirements, and a reference model. The description generally adheres to the National Institute of Standards and Technology (NIST) cloud-computing paradigm. (Mell 2009b, Brunette 2009)

Agility generally refers to the ability to respond in a timely manner to market and product changes through business alignment, which is achieved by decreasing the lead time to deploy a new application by reducing or eliminating the effect of training, hardware acquisition, and software acquirement. Thus, the IT department is able to respond more quickly to business needs. Availability concerns two aspects of computer utilization: the time that the facilities are available for use and the scope of the resources that are available. Cloud computing facilitates collaboration through network access, provided that the software tools for end user cooperation are available. Elasticity is the characteristic of cloud services that permits computing and storage capability to be scaled up to meet demands on an on-demand basis through resource pooling.

Based on this brief assessment, we can characterize cloud computing as possessing the following characteristics: (Nelson 2009)

On-demand self service Broad network access Resource pooling Rapid elasticity Measured service

The benefit of having lower costs and a less complex operating environment is particularly attractive to small-to-medium-sized enterprises, certain governmental agencies, research organizations, and many countries.

Cloud Computing Utilization

There are four main actors - so to speak - in cloud computing: the cloud service provider, the software service provider, the customer, and the user. Each of the actors represents centers of computer-related activity that can overlap to some degree. The cloud service provider (CSP) owns the infrastructure, hardware, software, and network facilities needed to supply cloud computing services managed by a cloud operating system. The CSP performs a function known as hosting that can be used to run computer programs, referred to as applications. This facility, known in some circles, as a cloud platform (CP), can be regarded as an application service that runs in the cloud. More specifically, a cloud platform provides services to applications in the same manner that "software as a service" programs provide services to clients using the cloud as a transport medium. A cloud platform is as much about operating in the cloud, as it is about developing applications for the cloud. A software service provider develops applications that are used by customers to obtain computing services. The SSP can be an independent software vendor (ISV) or an organization that develops a software package that uses the CP as a delivery vehicle for computing and provides application services to customers. ISV software can be used by many customers in the usual fashion for software deployment. When it is shared during operation to achieve economy-of-scale, it is regarded as a multi-tenant model, wherein each customer is one of the tenants. The customer (C) is typically an enterprise that is comprised of several employees that use the application and are regarded as users. The user (U) is probably going to be a person that uses the cloud computing service via a web browser in one of the following capacities: as an employee of an organization that is contracted to use SaaS provided by an ISV or acquired independently to run in the cloud on a cloud platform; or as a user of third-party SaaS developed by an ISV or the CSP. The four relevant scenarios are summarized by the following schema:

CSP - CP - ISV - C - U CSP - CP - ISV - U CSP - CP - C - U CSP - CP - U

For example, you will be using scenario CSP - CP - ISV - C - U if your company has acquired an operational package from a software vendor and is hosting that software in the cloud. Similarly, you will be using scenario CSP - CP - U if you are using an office package provided by a CSP and accessed via your browser. This form of conceptualization is important from a privacy point-of-view, because each exchange between modules represents a touch point for privacy concerns.

Cloud Platform

A cloud platform provides the facility for an application developer to create applications that run in the cloud or use cloud platform services that are available from the cloud. Chappell lists three kinds of cloud services: SaaS user services, on-premises application development services (attached services), and cloud application development services. (Chappell 2009) An SaaS application runs entirely in the cloud and is accessible through the Internet from an on-premises browser. Attached services provide functionality through the cloud to support service-oriented architecture (SOA) type component development that runs on-premises. Cloud application development services support the development of applications that typically interact while running in the cloud and on-premises.

A cloud platform can be conceptualized as being comprised of three complementary groups of services: foundations, infrastructure services, and application services. The foundation refers to the operating system, storage system, file system, and database system. Infrastructure services include authorization/authentication/security facilities, integration between infrastructure and application services, and online storage facilities. Application services refer to ordinary business services that expose "functional" services as SOA components. Cloud platforms are a lot like enterprise-level platforms, except that they are designed to scale up to support Internet-level operations.

CLOUD ARCHITECTURE

Cloud architecture is a collection of three categories of information resources for the deployment and use of cloud services that include software, information, and cloud infrastructure. (Katzan 2009) The software category includes system software, application software, infrastructure software, and accessibility software. The information category refers to large collections of data and the requisite database and management facilities needed for efficient and secure storage utilization. The category of cloud infrastructure includes compute resources, network facilities, and the fabric for scalable consumer operations. We are going to adopt an ontological formulation to the description of a cloud framework that necessarily includes three classes of information: terminology, architectural requirements, and a reference model. The description generally adheres to the National Institute of Standards and Technology (NIST) cloud-computing paradigm. (Mel op cit)

Service Models

The cloud service models give a view of what a cloud service is. It is a statement of being. A cloud service system is a set of elements that facilitate the development of cloud applications. (Youseff 2009) Here is a description of the three layers in the NIST service model description: (Mel op cit.)

Cloud Software as a Service (SaaS). The capability provided to the consumer is to use the provider's applications running on a cloud infrastructure. The applications are accessible from various client devices through a thin client interface such as a web browser (e.g., web-based email). The consumer does not manage or control the underlying cloud infrastructure including network, servers, operating systems, storage, or even individual application capabilities, with the possible exception of limited user-specific application configuration settings.

Cloud Platform as a Service (PaaS). The capability provided to the consumer is to deploy onto the cloud infrastructure consumer-created or acquired applications created using programming languages and tools supported by the provider. The consumer does not manage or control the underlying cloud infrastructure including network, servers, operating systems, or storage, but has control over the deployed applications and possibly application hosting environment configurations.

Cloud Infrastructure as a Service (IaaS). The capability provided to the consumer is to provision processing, storage, networks, and other fundamental computing resources where the consumer is able to deploy and run arbitrary software, which can include operating systems and applications. The consumer does not manage or control the underlying cloud infrastructure but has control over operating systems, storage, deployed applications, and possibly limited control of select networking components (e.g., host firewalls).

The three service model elements should be deployed in a cloud environment with the essential characteristics in order to achieve a cloud status.

Service Deployment Models

The essential elements of a cloud service system are given above. In order to develop enterprise-wide applications, a domain ontological viewpoint has to be assumed with deployment models from the following list: (Mel op cit.)

Private cloud. The cloud infrastructure is operated solely for an organization. It may be managed by the organization or a third party and may exist on premise or off premise.

Community cloud. The cloud infrastructure is shared by several organizations and supports a specific community that has shared concerns (e.g., mission, security requirements, policy, and compliance considerations). It may be managed by the organizations or a third party and may exist on-premises or off-premises.

Public cloud. The cloud infrastructure is made available to the general public or a large industry group and is owned by an organization selling cloud services.

Hybrid cloud. The cloud infrastructure is a composition of two or more clouds (private, community, or public) that remain unique entities but are bound together by standardized or proprietary technology that enables data and application portability (e.g., cloud bursting for load-balancing between clouds).

Most cloud software service application domains will be synthesized from a combination of the deployment models.

(Continues...)

Excerpted from Privacy, Identity, and Cloud Computingby Harry Katzan, Jr. Copyright � 2010 by Harry Katzan, Jr.. Excerpted by permission.
All rights reserved. No part of this excerpt may be reproduced or reprinted without permission in writing from the publisher.
Excerpts are provided by Dial-A-Book Inc. solely for the personal use of visitors to this web site.

Le informazioni nella sezione "Su questo libro" possono far riferimento a edizioni diverse di questo titolo.

Descrizione libreria

preigu betreibt einen Onlineversandhandel mit �ber 1 Mio. Produkten in verschiedenen Sortimenten. Das Kernsortiment besteht aus B�chern, Medien und Spielwaren. Ein gelungenes Einkaufserlebnis ist das Ziel einer jeden Bestellung bei preigu, denn der Kunde und seine Zufriedenheit stehen an erster Stelle. preigu setzt daher auf einen kompetenten Kundenservice, funktionierende Prozesse und schnelle Reaktion.

Visita la pagina della libreria

Informazioni sull?azienda del venditore

preigu GmbH & Co. KG
Lengericher Landstra�e 19, Osnabr�ck, 49078, Germany

Condizioni di vendita e spedizione

Condizioni di vendita

Standard Business Terms and customer information

I. Standard business terms

� 1 Basic provisions

(1) The following terms and conditions of business apply for all contracts concluded with us as the supplier (preigu GmbH & Co. KG) via the websites AbeBooks and/or ZVAB. Unless otherwise agreed, the inclusion of your own terms and conditions is explicitly rejected.

(2) A ?consumer' in the sense of the following regulations is every natural person who concludes a legal transaction which, to an overwh...

Ulteriori informazioni

Diritto di recesso

Instructions for revocation

Right of withdrawal for the sale of goods

Revocation right for consumers
(A ‘consumer' is any natural person who concludes a legal transaction which, to an overwhelming extent, cannot be attributed to either his commercial or independent professional activities.)

Instructions for revocation

Revocation right
You have the right to revoke this contract within 14 days without specifying any reasons.
The revocation period is 14 days with effect from the day,

on which you or a third party nominated by you, which is not the carrier, had taken possession of the products, provided you had ordered one or more products within the scope of a standard order and this/these product/products is/are delivered uniformly;
on which you or a third party nominated by you, which is not the carrier, had taken possession of the last product, provided you had ordered several products within the scope of a standard order and these products are delivered separately;
on which you or a third party nominated by you, which is not the carrier, had taken possession of the last part delivery or the last unit, provided you had ordered a product, which is delivered in several part deliveries or units;

To exercise your right of withdrawal, you must inform us (preigu GmbH & Co. KG, Lengericher Landstr. 19, 49078 Osnabr�ck, Telephone number: +49 (0) 541 / 580 72 84, E-Mail address: mail@preigu.de) by means of a clear declaration (e.g. a letter sent by post, or an e-mail) of your decision to withdraw from this contract. You can use the attached model withdrawal form for this purpose, which is, however, not mandatory.

You can also exercise your right of withdrawal online by clicking on a button labelled accordingly (such as ‘Withdraw from contract' or similar) on the AbeBooks/ZVAB website. If you use this online function, you will immediately receive a confirmation of receipt on a durable medium (e.g. via email) containing information on the content of the withdrawal notice, as well as the date and time of its receipt.

In order to safeguard the revocation period, it is sufficient that you send the notification about the exercise of the revocation right before the expiry of the revocation period.

Consequences of the revocation

If you revoke this contract, we shall repay all the payments, which we received from you, including the delivery costs (with the exception of additional costs, which arise from that fact that you selected a form of delivery other than the most reasonable standard delivery offered by us), immediately and at the latest within 14 days from the day on which we received the notification about the revocation of this contract from you. We use the same means of payment, which you had originally used during the original transaction, for this repayment unless expressly agreed otherwise with you; you will not be charged any fees owing to this repayment.

We can refuse the repayment until the products are returned to us or until you have furnished evidence that you have sent the products back to us, depending on whichever is earlier.

You must return or transfer the products to us immediately and, in any case, at the latest within 14 days with effect from the day on which you inform us of the revocation of this contract. The deadline is maintained if you send the products before the expiry of the 14 day deadline.

You bear the direct costs for returning the products.

You must pay for any depreciation of the products only if this depreciation can be attributed to any handling with you that was not necessary for checking the condition, features and functionality of the products.

Criteria for exclusion or expiry

The revocation right is not available for contracts

for delivery of products, which are not prefabricated and for whose manufacturing an individual selection or stipulation by the consumer is important or which are clearly tailored to the personal requirements of the consumer;
for delivery of products, which can spoil quickly or whose use-by date would be exceeded quickly;
for delivery of alcoholic drinks, whose price was agreed at the time of concluding the contract, which however can be delivered 30 days after the conclusion of the contract at the earliest and whose current value depends on the fluctuations in the market, on which the entrepreneur has no influence;
for delivery of newspapers, periodicals or magazines with the exception of subscription contracts. The revocation right expires prematurely in case of contracts
for delivery of sealed products, which are not suitable for return for reasons of health protection or hygiene if their seal has been removed after the delivery;
for delivery of products if they have been mixed inseparably with other goods after the delivery, owing to their condition;
for delivery of sound or video recording or computer software in a sealed package if the seal has been removed after the delivery.

Specimen - revocation form

(If you wish to revoke the contract, please fill up this form and send it back to us.)

To preigu GmbH & Co. KG, Lengericher Landstr. 19, 49078 Osnabr�ck, Email address: mail@preigu.de :
I/we () herewith revoke the contract concluded by me/ us () regarding the purchase of the following products ()/
the provision of the following service ()
Ordered on ()/ received on ()
Name of the consumer(s)
Address of the consumer(s)
Signature of the consumer(s) (only in case of a notification on paper)
Date

(*) Cross out the incorrect option.

Condizioni di spedizione

Tariffe di spedizione da Germania a U.S.A.

Tariffe di spedizione da Germania a U.S.A.
Quantit� dell?ordine	Da 60 a 60 giorni lavorativi	Da 60 a 60 giorni lavorativi
Primo articolo	EUR 70.00	EUR 70.00

I tempi di consegna sono stabiliti dai venditori e variano in base al corriere e al paese. Gli ordini che devono attraversare una dogana possono subire ritardi e spetta agli acquirenti pagare eventuali tariffe o dazi associati. I venditori possono contattarti in merito ad addebiti aggiuntivi dovuti a eventuali maggiorazioni dei costi di spedizione dei tuoi articoli.

Informazioni dettagliate sul venditore