APPLYING U.S. MILITARY CYBERSECURITY POLICIES TO CLOUD ARCHITECTURES
Atadika, Michael K.
Burke, Karen L.
Rowe, Neil C.
MetadataShow full item record
The Department of Defense (DoD) has accelerated its adoption of cloud technologies, which come with inherent risks. This thesis investigated four important cybersecurity issues that the DoD must address: customer misconfigurations, data leaks, complications in security controls, and necessary changes to digital forensic incident-response tactics. We examined current U.S. policy documents and found a number of issues that need to be clarified for contracting with cloud service providers. Human misunderstandings largely drive cloud misconfigurations, which eventually become cloud data spills that require a digital forensic incident-response. To prevent misconfigurations, it is essential that DoD staff receive continual in-depth cloud training and that the DoD redefines the roles for virtualized cloud architectures. Fortunately, the selection of the cloud service model can highlight which cloud layers the DoD is responsible for, and therefore which security controls to implement. Federal cloud computing policy, DoD FedRAMP+, specifies the security controls needed based on the sensitivity of the data. However, once a cyber-incident is declared, digital forensics analysts confront a myriad of cloud-specific technological, legal, and boundary challenges. The security vulnerabilities must be considered during a transformational migration from on-premises architectures to cloud technologies. This thesis offers recommendations to address these vexing cybersecurity issues.
RightsCopyright is reserved by the copyright owner.
Showing items related by title, author, creator and subject.
Naval Postgraduate School Center for Homeland Defense and Security (CHDS) (Monterey, California. Naval Postgraduate SchoolCenter for Homeland Defense and Security, 2006-10);October 2006. Welcome to Volume 2, Issue Three of Homeland Security Affairs. This issue is dedicated to the memory of Lacy Suiter. I believe Lacy would be embarrassed by the idea of dedicating an issue of anything to him. ...
Naval Postgraduate School Center for Homeland Defense and Security (CHDS) (Monterey, California. Naval Postgraduate SchoolCenter for Homeland Defense and Security, 2007-09);September 2007. Six years after the attacks of 9/11, the practice and discipline of homeland defense and security have evolved and matured, moving into an era of self-evaluation. The essays and articles in Volume III, Issue ...
Naval Postgraduate School Center for Homeland Defense and Security (CHDS) (Monterey, California. Naval Postgraduate SchoolCenter for Homeland Defense and Security, 2006-07);July 2006. The July 2006 issue of Homeland Security Affairs offers articles about risk perception, domestic right wing extremist groups, social network analysis, and the impact of foreign policy on homeland security. It ...