Skip to main content
SpringerLink
Log in

A Proposed Road Map for Cybersecurity in Cloud Computing at Portland State University

  • Chapter
  • First Online:
Planning and Roadmapping Technological Innovations

Part of the book series: Innovation, Technology, and Knowledge Management ((ITKM))

  • 2552 Accesses

Abstract

In 2011, Portland State University (PSU) transitioned its email and office applications suite to Google Apps. Google Apps for Education is a suite of Internet-cloud-based services provided by Google, which include email, calendar, document sharing, and access to these applications from Windows and Macintosh computers, as well as mobile devices (Google FAQ [Available Online] http://oit.pdx.edu/google-faq#4. Accessed 10 July 2012). PSU, like most higher education institutions, is now using cloud computing services for applications and data. As colleges and universities increase their business and academic use of cloud services, cybersecurity technologies and governance practices need to evolve. The current research proposes a technology road map for creating a more secure and stable computing environment for a higher education institution such as PSU.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 129.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 169.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info
Hardcover Book
USD 169.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Effective Cyber security Practices for Higher Education [online]. net.educause.edu/ir/library/powerpoint/SER0539A.pps. Accessed 21 July 2012

  2. Wlasuk A. A higher education student database is an identity thief’s dream come true… [online]. http://www.securityweek.com/higher-education-perfect-security-storm. Accessed 21 July 2012

  3. Nigam H. 2011s cybercrime explosion and your 3 cyber security resolutions for 2012 [Online]. http://blogs.discovery.com/criminal_report/2012/01/2011s-cybercrime-explosion-and-your-3-cybersecurity-resolutions-for-2012.html#4. Accessed 15 July 2012

  4. Department of Homeland Security. Cyber security [Online]. http://www.dhs.gov/files/cybersecurity.shtm. Accessed 16 July 2012

  5. NIST Definition of Cloud Computing [Online]. http://csrc.nist.gov/groups/SNS/cloud-computing/index.html. Accessed 17 July 2012

  6. Garcia M, Bray O (1997) Fundamentals of technology road mapping. Strategic Business Development Department, Sandia National Laboratories, April 1997, pp 1–31

    Google Scholar 

  7. Phaal R, Farrukh CJP, Probert DR (2004) Technology roadmapping—a planning framework for evolution and revolution. Technol Forecast Soc Change 71(1):5–26

    Google Scholar 

  8. Crystalline Silicon Technology and Manufacturing (CTM) Group (2012) International Technology Roadmap for Photovoltaics (ITRPV) Results 2011. 3rd edn.

    Google Scholar 

  9. Fitzpatrick G, Wollman A (2010) NIST interoperability framework and action plans. Power and energy society general meeting, (IEEE 2010), MN, USA. 25–29 July 2010, pp 1–4

    Google Scholar 

  10. Daim T, Amer M, Brenden R (2012) Technology road mapping for wind energy: case of the Pacific Northwest. J Clean Prod 20:27–37

    Article  Google Scholar 

  11. Lee S, Park Y (2005) Customization of technology roadmaps according to road mapping purposes: overall process and detailed modules. Technol Forecast Soc Chang 72:567–583

    Article  Google Scholar 

  12. Rinne M (2004) Technology roadmaps: infrastructure for innovation. Technol Forecast Soc Change 71:67–80

    Article  Google Scholar 

  13. Rayport JF, Hayward A (2009) Envisioning the cloud: the next computing paradigm. In: Marketspace point of view. http://www.egov.vic.gov.au/trends-and-issues/information-and-communications-technology/cloud-computing/envisioning-the-cloud-the-next-computing-paradigm.html. Accessed 20 March 2009, pp 1–57

  14. Types of Cloud Computing [Online]. http://thecloudtutorial.com/cloudtypes.html. Accessed 20 July 2012

  15. Britto M (2012) Cloud computing in higher education [Online]. http://www.librarystudentjournal.org/index.php/lsj/article/view/289/321#microsoft2010. Accessed 23 July 2012

  16. DOD Cyberspace Glossary [Online]. http://www.pcmag.com/encyclopedia_term/0,1237,t=DOD+cyberspace+glossary&i=62535,00.asp. Accessed 14 July 2012

  17. Identity Theft Resource Center. 2012 data breach stats – known vs. unknown totals [Online]. http://www.idtheftcenter.org/artman2/uploads/1/ITRC_Breach_Stats_-_Known_vs_Unknown_Summary_1H_20120630.pdf. Accessed 16 July 2012

  18. Cloud Security Alliance (2010) Top threats to cloud security computing. https://cloudsecurityalliance.org/topthreats/csathreats.v1.0.pdf .v1.0, pp 1–14

  19. Bisong A, Rahman S (2011) An overview of the security concerns in enterprise cloud computing. Int J Netw Secur Appl (IJNSA) 3(1):30–45

    Google Scholar 

  20. Shue C, Lagesse B (2011) Embracing the cloud for better cyber security. In: 8th IEEE international workshop on middleware and system support for pervasive computing, Seattle, WA,pp. 245–250

    Google Scholar 

  21. Khorshed M, Shawkat A, Saleh W (2011) Trust issues that create threats for cyber attacks in cloud computing. In: 2011 IEEE 17th international conference on parallel and distributed systems, Tainan Taiwan, pp 900–905

    Google Scholar 

  22. Liu S, Chen Y (2010) Retrospective detection of malware attacks by cloud computing. In: 2010 international conference on cyber-enabled distributed computing and knowledge discovery, CyberC, Huangshan, China, pp 511–517

    Google Scholar 

  23. Chen Z, Yoon J (2010) IT auditing to assure a secure cloud computing. In: 2010 IEEE 6th world congress on services, Miami, pp 253–259

    Google Scholar 

  24. Chakraborty R, Ramireddy S, Raghu TS, Rao H (2010) The information assurance practices of cloud computing vendors IT Professional, July/August 2010 12(4):29–37

    Google Scholar 

  25. Portland State University History [Online]. http://pdx.edu/portland-state-university-history. Accessed 14 July 2012

  26. About OIT [Online]. http://www.pdx.edu/oit/about. Accessed 14 July 2012

  27. Google FAQ [Online]. http://oit.pdx.edu/google-faq#4. Accessed 10 July 2012

  28. Luker M, Petersen R (2003) “Preface”, computer and network security in higher education. In: Luker M, Petersen R (ed) EDUCAUSE, pp xv–xxii

    Google Scholar 

  29. Salomon K, Cassat P, Thibeau B (2003) IT security for higher education: a legal perspective. EDUCAUSE/Internet2 Computer and Network Security Task Force, pp 1–19

    Google Scholar 

  30. Pardington S PSU prepares for stark budget outlook [Online]. http://pdx.edu/news/psu-prepares-stark-budget-outlook. Accessed 26 July 2012

  31. Voll, Scott, e-mail interview, 17 July 2012

    Google Scholar 

  32. Nagel D. Education IT spending, fueled by telecom, to top $56 billion by 2012 [Online]. http://campustechnology.com/articles/2008/09/education-it-spending-fueled-by-telecom-to-top-56-billion-by-2012.aspx. Accessed 26 July 2012

  33. Serrano A. Cyber crime pays: a $114 billion Industry [Online]. http://www.thefiscaltimes.com/Articles/2011/09/14/Cyber-Crime-Pays-A-114-Billion-Industry.aspx#page1. Accessed 22 July 2012

  34. Definition of Firewall [Online]. http://www.pcmag.com/encyclopedia_term/0,2542,t%3Dfirewall&i%3D43218,00.asp. Accessed 22 July 2012

  35. Young G, Pescatore J (2011) Magic quadrant for enterprise network firewalls. Gartner research, pp 1–29

    Google Scholar 

  36. SifoWorks. Firewall for the next generation [Online]. http://www.o2security.com/library/SifoWorks%20White%20Paper%20(OD0700WPE01)%20EN%201.0.pdf. Accessed 22 July 2012

  37. SANS Institute. Understanding intrusion detection systems [Online]. http://www.sans.org/reading_room/whitepapers/detection/understanding-intrusion-detection-systems_337. Accessed 19 July 2012

  38. Tett M. Detection and prevention: 6 intrusion detection systems tested [Online]. http://www.zdnet.com/detection-and-prevention-6-intrusion-detection-systems-tested-1139156750/. Accessed 19 July 2012

  39. Security Token [Online]. http://www.aradiom.com/SolidPass/2fa-OTP-security-token.htm. Accessed 19 July 2012

  40. The Hardware Token [Online]. http://www2.exostar.com/l/4632/2010-12-09/5GRF. Accessed 19 July 2012

  41. Defining Enterprise Identity Management [Online]. http://hitachi-id.com/password-manager/docs/defining-enterprise-identity-management.html. Accessed 19 July 2012

  42. What is Encryption? [Online]. http://www.hhs.gov/ocr/privacy/hipaa/faq/securityrule/2021.html. Accessed 19 July 2012

  43. Scarfone K, Souppaya M, Sexton M (2007) Guide to storage encryption technologies for end user devices. National Institute of Standards and Technology, NIST Special Publication 800-111, Gaithersburg

    Google Scholar 

  44. Feiman J, MacDonald N (2012) Application security road map beyond 2012: breaking silos, increasing intelligence, enabling mass adoption. Gartner research, pp 1–9

    Google Scholar 

  45. Dimensional Research (2012) The impact of mobile devices on information security: a survey of IT professionals. http://www.checkpoint.com/downloads/products/check-point-mobile-security-survey-report.pdf. pp 1–7

  46. Souppaya M, Scarfone K (2012) Guidelines for managing and securing mobile devices in the enterprise (Draft). National Institute of Standards and Technology, NIST Special Publication 800-124, Gaithersburg

    Google Scholar 

  47. Pew Internet and American Life Project 35% of American adults own a smartphone [Online]. http://pewresearch.org/pubs/2054/smartphone-ownership-demographics-iphone-blackberry-android. Accessed 22 July 2012

  48. Goode Intelligence (2009) The mobile phone as an authentication device 2010–2014, pp 1–3

    Google Scholar 

  49. Langevin J, McCaul M, Charney S, Raduege H (2010) A human capital crisis in cyber security. Center for Strategic and International Studies, pp 1–53

    Google Scholar 

  50. Computer Science Programs [Online]. http://pdx.edu/computer-science/programs. Accessed 26 July 2012

  51. Committee on National Security Systems (2010) National Information Assurance (IA) Glossary. CNSS instruction no. US Government, Washington DC. 4009, pp 1–103

    Google Scholar 

  52. Feiman J (2011) Application security testing of cloud services providers is a must. Gartner research, pp 1–8

    Google Scholar 

  53. Fischer International. Federated single sign-on for higher education [Online]. http://www.fischerinternational.com/press/collateral/IDMOverviewHigherEd.pdf. Accessed 23 July 2012

  54. Fan L, Shi W, Tang S, Yan C, Fan D (2011) Optimizing web browser on many-core architectures. In: 12th international conference on parallel and distributed computing, applications and technologies, Gwangju, pp 173–178

    Google Scholar 

  55. Singh, End to End web integrity. Singh K, Wang H, Moshchuk A, Jackon C, Lee W (2012) Practical end-to-end web content integrity. In: World wide web conference 2012, Lyon, pp 659–668

    Google Scholar 

  56. Canalys (2012) Smart phones overtake client PCs in 2011 [Online]. http://www.canalys.com/newsroom/smart-phones-overtake-client-pcs-2011. Accessed 23 July 2012

  57. Redman P, Girard J, Basso M (2012) Magic quadrant for mobile device management software. Gartner research, pp 1–34

    Google Scholar 

  58. Liu L, Moulic R, Shea D (2010) Cloud service portal for mobile device management. In: IEEE international conference on E-business engineering (ICEBE 2010), Shanghai, pp 474–478

    Google Scholar 

  59. Jobanputra N, Vijayendra K, Dinkar R, Gao J (2009) Emerging security technologies for mobile user accesses. San Jose State University, San Jose, pp 1–12

    Google Scholar 

  60. Naone E (2011) Homomorphic encryption [Online]. http://www.technologyreview.com/article/423683/homomorphic-encryption/. Accessed 23 July 2012

  61. Gomathisankaran M, Tyagi A, Nauduri K (2011) HORNS: a homomorphic encryption scheme for cloud computing using residue number system. In: Information sciences and systems conference, Baltimore, MD, USA, pp 1–5

    Google Scholar 

  62. Naone E (2010) TR: cloud programming [Online]. http://www.technologyreview.com/article/418545/tr10-cloud-programming/. Accessed 24 July 2012

  63. Stackpole B (2012) Governance meets cloud: top misconceptions [Online]. http://www.informationweek.com/cloud-computing/infrastructure/governance-meets-cloud-top-misconception/232901483. Accessed 24 July 2012

  64. Katz R, Goldstein P, Yanosky R (2010) Cloud computing in higher education. http://net.educause.edu/section_params/conf/CCW10/highered.pdf

  65. Internet Security Alliance (2008) The cyber security social contract policy recommendations for the Obama administration and 111th congress, pp 1–48

    Google Scholar 

  66. Wheatman V (2011) Identifying the real information security budget. Gartner research, pp 1–9

    Google Scholar 

  67. SANS Institute Mobile security policy templates [Online]. http://www.sans.org/security-resources/policies/mobile.php. Accessed 24 July 2012

  68. Yang A (2001) Computer security and impact on computer science education. Indiana University of Pennsylvania, pp 1–14

    Google Scholar 

  69. Georgia Tech Information Security Center [Online]. http://www.gtisc.gatech.edu/history.html. Accessed 28 July 2012

  70. UM and MIT Lincoln Lab Partner on Cyber security (2011) [Online]. http://www.eng.umd.edu/html/news/news_story.php?id=5957. Accessed 28 July 2012

  71. MIT joins Northrop Grumman’s new cyber security research consortium (2009) [Online]. http://web.mit.edu/newsoffice/2009/csail-grumman.html. Accessed 28 July 2012

  72. DHS Funds $40 Million Program for Cyber Security Research [Online]. http://infosecisland.com/blogview/11466-DHS-Funds-40-Million-Program-for-Cyber-Security-Research.html. Accessed 28 July 2012

  73. Jackson W Cyber security research feels the love in 2013 budget request [Online]. http://defensesystems.com/articles/2012/02/14/cybersecurity-2013-federal-budget-request.aspx. Accessed 28 July 2012

  74. Laster J Senate considers paying for cyber security scholarships [Online]. http://chronicle.com/blogs/wiredcampus/senate-considers-paying-for-cybersecurity-scholarships/21417. Accessed 28 July 2012

  75. Indiana University (2011) [Online]. IU center awarded funding for cyber security. http://www.insideindianabusiness.com/newsitem.asp?id=49656. Accessed 28 July 2012

  76. Georgetown University [Online]. Cyber security conference brings FCC chair, others to Georgetown. http://www.georgetown.edu/news/cybersecurity-conference-fcc-chair.html. Accessed 1 Aug 2012

  77. Cloud Security Alliance. About cloud security alliance [Online]. https://cloudsecurityalliance.org/about/. Accessed 1 Aug 2012

  78. National Board of Information Security Examiners. Welcome to U.S. cyber challenge [Online]. https://www.nbise.org/uscc/. Accessed 1 Aug 2012

  79. Polytechnic Institute of New York University [Online]. About CSAW cyber security competition 2012. http://www.poly.edu/csaw2012/about. Accessed 1 Aug 2012

  80. Fischer E (2012) Federal laws relating to cyber security: discussion of proposed revisions. Congressional Research Service, Washington, DC, pp 1–65

    Google Scholar 

  81. Woodford, Melissa, e-mail interview, 17 July 2012

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. SAIF Corporation, Salem, OR, USA

    Emy Loanzon

Authors
  1. Emy Loanzon
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Emy Loanzon .

Editor information

Editors and Affiliations

  1. Engineering and Technology Management, Portland State University, Portland, Oregon, USA

    Tugrul U. Daim

  2. Daimler Trucks North America, Happy Valley, Oregon, USA

    Melinda Pizarro

  3. GE Healthcare, Hillsboro, Oregon, USA

    Rajasree Talla

Rights and permissions

Reprints and permissions

Copyright information

© 2014 Springer International Publishing Switzerland

About this chapter

Cite this chapter

Loanzon, E. (2014). A Proposed Road Map for Cybersecurity in Cloud Computing at Portland State University. In: Daim, T., Pizarro, M., Talla, R. (eds) Planning and Roadmapping Technological Innovations. Innovation, Technology, and Knowledge Management. Springer, Cham. https://doi.org/10.1007/978-3-319-02973-3_10

Download citation

Publish with us

Policies and ethics

Search

Navigation