Keywords: |
Cybersecurity, Department of Defense, Cloud computing, Information security, Denial of service attack, Risk analysis, Computer network security, Operating systems, Computational forensics, Authentication, Computer programs, Incident response, Misconfigurations, Cloud service providers, DoD cyber incident handling, Cloud executive steering group, CESG, Cloud spillage, Data leaks, DFIR, Incident-response tactics, Cloud computing security requirements guide |
Abstract: |
The Department of Defense (DoD) has accelerated its adoption of cloud technologies, which come with inherent risks. This thesis investigated four important cybersecurity issues that the DoD must address: customer misconfigurations, data leaks, complications in security controls, and necessary changes to digital forensic incident-response tactics. We examined current U.S. policy documents and found a number of issues that need to be clarified for contracting with cloud service providers. Human misunderstandings largely drive cloud misconfigurations, which eventually become cloud data spills that require a digital forensic incident response. To prevent misconfigurations, it is essential that DoD staff receive continual in-depth cloud training and that the DoD redefine the roles for virtualized cloud architectures. Fortunately, the selection of the cloud service model can highlight which cloud layers the DoD is responsible for, and therefore which security controls to implement. Federal cloud computing policy, DoD FedRAMP+, specifies the security controls needed based on the sensitivity of the data. However, once a cyber-incident is declared, digital forensics analysts confront a myriad of cloud-specific technological, legal, and boundary challenges. The security vulnerabilities must be considered during a transformational migration from on-premises architectures to cloud technologies. This thesis offers recommendations to address these vexing cybersecurity issues. |