hakin9_2011_05_41.pdf

(5861 KB) Pobierz
675328076 UNPDF
675328076.009.png
675328076.010.png
675328076.011.png
PRACTICAL PROTECTION IT SECURITY MAGAZINE
05/2011 (41)
team
Dear Readers,
The internet does not belong to one country or region.
Therefore, international collaboration is a key area of focus
and we need to continue to work with partners around the
globe in support of our cybersecurity goals.(Howard A.
Schmidt). And that’s exactly why we devoted this issue to
cloud computing security. Because of the growing popularity
of cloud computing solutions and its future development,
the risks associated to working with cloud are also growing.
In this issue you will find several articles on cloud that
deserve your attention: An Analysis of the Cloud Security
Threat by Julian Evans, Cloud Computing Legal Framework
and Privacy by Rebecca Wynn and Cloud Security: Is the
Sky Falling Already? by Gary S. Miliefsky. I strongly advise
you to read them and I am sure you will find lots of useful
information there. We have also included some experts views
in the topic of cloud for those of you who are looking for more
enterprise oriented content.
Editor in Chief: Karolina Lesińska
karolina.lesinska@hakin9.org
Editorial Advisory Board: Matt Jonkman, Rebecca Wynn,
Steve Lape, Shyaam Sundhar, Donald Iverson, Michael Munt
DTP: Ireneusz Pogroszewski
Art Director: Ireneusz Pogroszewski
ireneusz.pogroszewski@software.com.pl
Proofreaders: Justin Farmer, Michael Munt
Top Betatesters: Rebecca Wynn, Bob Folden, Shayne Cardwell,
Simon Carollo, Graham Hili.
Special Thanks to the Beta testers and Proofreaders who helped
us with this issue. Without their assistance there would not be a
Hakin9 magazine.
Also, I would like you to meet Patrycja who will be the new
editor of Hakin9. You will find her contact details on our
website.
Senior Consultant/Publisher: Paweł Marciniak
CEO: Ewa Dudzic
ewa.dudzic@software.com.pl
Enjoy your reading
Karolina Lesińska
Editor-in-Chief
Production Director: Andrzej Kuca
andrzej.kuca@hakin9.org
Marketing Director: Karolina Lesińska
karolina.lesinska@hakin9.org
REGULARS
Subscription: Iwona Brzezik
Email: iwona.brzezik@software.com.pl
6 in Brief
Latest News From the IT Security World
Armando Romeo, eLearnSecurity
ID Theft Protect
Publisher: Software Press Sp. z o.o. SK
02-682 Warszawa, ul. Bokserska 1
Phone: 1 917 338 3631
www.hakin9.org/en
Whilst every effort has been made to ensure the high quality of
the magazine, the editors make no warranty, express or implied,
concerning the results of content usage.
All trade marks presented in the magazine were used only for
informative purposes.
8 Tools
A Beginners Guide to Ethical Hacking
by Shyaam Sundhar
All rights to trade marks presented in the magazine are
reserved by the companies which own them.
To create graphs and diagrams we used program
by
Coranti
by Michael Munt
44 ID fraud expert says...
An Analysis of the Cloud Security Threat
by Julian Evans
The editors use automatic system
Mathematical formulas created by Design Science MathType™
DISCLAIMER!
The techniques described in our articles may only
be used in private, local networks. The editors
hold no responsibility for misuse of the presented
techniques or consequent data loss.
50 Experts on Cloud
Antivirus in the Cloud: fad or future?
by Malcolm Tuck
Cloud Computing Standards: The Great Debate
by Justin Pirie
Cloud Security: Whose responsibility is it anyway?
by Rik Ferguson
4
05/2011
4
675328076.012.png 675328076.001.png 675328076.002.png 675328076.003.png 675328076.004.png 675328076.005.png 675328076.006.png
 
CONTENTS
ATTACK
10 IPv6 Secure Transition Network Architecture
by Michel Barbeau
can’t handle the large number of addresses created by that growth. The
long term solution has been the replacement of IPv4 by Internet Protocol
version 6 (IPv6), which has the capability to handle an astronomically
large address space. Because of the difficulty to switch from one Internet
protocol to another, IPv6 deployment has been marginal and several less
drastic solutions have been used to expand the address space of IPv4.
24 On Cyber Investigations – Case Study:
A Targeted E-banking Fraud Part 1
by Alisa Shevchenko
article presents a brief journey into the industry of cyber crime and the
methodology of cyber investigation, disclosed through a real world case
study. The author’s main objective is to highlight the general approach
and the particular techniques of a cyber investigation process. The
criminal case in question demonstrates a typical systematic approach to
massive targeted e-money fraud. Due to this reason the article will also
serve educational purposes to the professionals involved in cyber crime
research and investigations.
DEFENSE
30 Cloud Computing Legal Framework and Privacy
by Rebecca Wynn
you started to use AOL Webmail, MSN Hotmail, Yahoo, or Gmail you have
been using Cloud Computing. If you use Facebook, Twitter, online data
storage, Google Apps, many photo sites, etc. then you are using Cloud
Computing. Simply stated Cloud Computing is using others’ computer
systems, hardware, and software to do things on your system. The data is
yours but others take care of the server(s) and application(s).
40 Cloud Security: Is the Sky Falling Already?
by Gary S. Miliefsky
they have realized that there may not be a silver lining with their public or
private cloud. Just take a look at the competitive nature of streaming video
on demand, offered by NetFlix through the Cloud or Amazon or large cable TV
operators like Comcast and others. Some of these vendors seem to be sending
out TCP resets on their end-user customers to kill the smooth streaming of a
video, over their internet service, because it comes from another video service
provider. I’m sure there will be law suits flying soon, when users get upset
about their movies hanging, restarting or playing at a lower quality than they
expect. So there’s already a battle taking place in the Cloud.
www.hakin9.org/en
55
675328076.007.png 675328076.008.png
 

Plik z chomika:

Inne pliki z tego folderu:

Inne foldery tego chomika:

Zgłoś jeśli naruszono regulamin