Abstract
In 2011, Portland State University (PSU) transitioned its email and office applications suite to Google Apps. Google Apps for Education is a suite of Internet-cloud-based services provided by Google, which include email, calendar, document sharing, and access to these applications from Windows and Macintosh computers, as well as mobile devices (Google FAQ [Available Online] http://oit.pdx.edu/google-faq#4. Accessed 10 July 2012). PSU, like most higher education institutions, is now using cloud computing services for applications and data. As colleges and universities increase their business and academic use of cloud services, cybersecurity technologies and governance practices need to evolve. The current research proposes a technology road map for creating a more secure and stable computing environment for a higher education institution such as PSU.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Effective Cyber security Practices for Higher Education [online]. net.educause.edu/ir/library/powerpoint/SER0539A.pps. Accessed 21 July 2012
Wlasuk A. A higher education student database is an identity thief’s dream come true… [online]. http://www.securityweek.com/higher-education-perfect-security-storm. Accessed 21 July 2012
Nigam H. 2011s cybercrime explosion and your 3 cyber security resolutions for 2012 [Online]. http://blogs.discovery.com/criminal_report/2012/01/2011s-cybercrime-explosion-and-your-3-cybersecurity-resolutions-for-2012.html#4. Accessed 15 July 2012
Department of Homeland Security. Cyber security [Online]. http://www.dhs.gov/files/cybersecurity.shtm. Accessed 16 July 2012
NIST Definition of Cloud Computing [Online]. http://csrc.nist.gov/groups/SNS/cloud-computing/index.html. Accessed 17 July 2012
Garcia M, Bray O (1997) Fundamentals of technology road mapping. Strategic Business Development Department, Sandia National Laboratories, April 1997, pp 1–31
Phaal R, Farrukh CJP, Probert DR (2004) Technology roadmapping—a planning framework for evolution and revolution. Technol Forecast Soc Change 71(1):5–26
Crystalline Silicon Technology and Manufacturing (CTM) Group (2012) International Technology Roadmap for Photovoltaics (ITRPV) Results 2011. 3rd edn.
Fitzpatrick G, Wollman A (2010) NIST interoperability framework and action plans. Power and energy society general meeting, (IEEE 2010), MN, USA. 25–29 July 2010, pp 1–4
Daim T, Amer M, Brenden R (2012) Technology road mapping for wind energy: case of the Pacific Northwest. J Clean Prod 20:27–37
Lee S, Park Y (2005) Customization of technology roadmaps according to road mapping purposes: overall process and detailed modules. Technol Forecast Soc Chang 72:567–583
Rinne M (2004) Technology roadmaps: infrastructure for innovation. Technol Forecast Soc Change 71:67–80
Rayport JF, Hayward A (2009) Envisioning the cloud: the next computing paradigm. In: Marketspace point of view. http://www.egov.vic.gov.au/trends-and-issues/information-and-communications-technology/cloud-computing/envisioning-the-cloud-the-next-computing-paradigm.html. Accessed 20 March 2009, pp 1–57
Types of Cloud Computing [Online]. http://thecloudtutorial.com/cloudtypes.html. Accessed 20 July 2012
Britto M (2012) Cloud computing in higher education [Online]. http://www.librarystudentjournal.org/index.php/lsj/article/view/289/321#microsoft2010. Accessed 23 July 2012
DOD Cyberspace Glossary [Online]. http://www.pcmag.com/encyclopedia_term/0,1237,t=DOD+cyberspace+glossary&i=62535,00.asp. Accessed 14 July 2012
Identity Theft Resource Center. 2012 data breach stats – known vs. unknown totals [Online]. http://www.idtheftcenter.org/artman2/uploads/1/ITRC_Breach_Stats_-_Known_vs_Unknown_Summary_1H_20120630.pdf. Accessed 16 July 2012
Cloud Security Alliance (2010) Top threats to cloud security computing. https://cloudsecurityalliance.org/topthreats/csathreats.v1.0.pdf .v1.0, pp 1–14
Bisong A, Rahman S (2011) An overview of the security concerns in enterprise cloud computing. Int J Netw Secur Appl (IJNSA) 3(1):30–45
Shue C, Lagesse B (2011) Embracing the cloud for better cyber security. In: 8th IEEE international workshop on middleware and system support for pervasive computing, Seattle, WA,pp. 245–250
Khorshed M, Shawkat A, Saleh W (2011) Trust issues that create threats for cyber attacks in cloud computing. In: 2011 IEEE 17th international conference on parallel and distributed systems, Tainan Taiwan, pp 900–905
Liu S, Chen Y (2010) Retrospective detection of malware attacks by cloud computing. In: 2010 international conference on cyber-enabled distributed computing and knowledge discovery, CyberC, Huangshan, China, pp 511–517
Chen Z, Yoon J (2010) IT auditing to assure a secure cloud computing. In: 2010 IEEE 6th world congress on services, Miami, pp 253–259
Chakraborty R, Ramireddy S, Raghu TS, Rao H (2010) The information assurance practices of cloud computing vendors IT Professional, July/August 2010 12(4):29–37
Portland State University History [Online]. http://pdx.edu/portland-state-university-history. Accessed 14 July 2012
About OIT [Online]. http://www.pdx.edu/oit/about. Accessed 14 July 2012
Google FAQ [Online]. http://oit.pdx.edu/google-faq#4. Accessed 10 July 2012
Luker M, Petersen R (2003) “Preface”, computer and network security in higher education. In: Luker M, Petersen R (ed) EDUCAUSE, pp xv–xxii
Salomon K, Cassat P, Thibeau B (2003) IT security for higher education: a legal perspective. EDUCAUSE/Internet2 Computer and Network Security Task Force, pp 1–19
Pardington S PSU prepares for stark budget outlook [Online]. http://pdx.edu/news/psu-prepares-stark-budget-outlook. Accessed 26 July 2012
Voll, Scott, e-mail interview, 17 July 2012
Nagel D. Education IT spending, fueled by telecom, to top $56 billion by 2012 [Online]. http://campustechnology.com/articles/2008/09/education-it-spending-fueled-by-telecom-to-top-56-billion-by-2012.aspx. Accessed 26 July 2012
Serrano A. Cyber crime pays: a $114 billion Industry [Online]. http://www.thefiscaltimes.com/Articles/2011/09/14/Cyber-Crime-Pays-A-114-Billion-Industry.aspx#page1. Accessed 22 July 2012
Definition of Firewall [Online]. http://www.pcmag.com/encyclopedia_term/0,2542,t%3Dfirewall&i%3D43218,00.asp. Accessed 22 July 2012
Young G, Pescatore J (2011) Magic quadrant for enterprise network firewalls. Gartner research, pp 1–29
SifoWorks. Firewall for the next generation [Online]. http://www.o2security.com/library/SifoWorks%20White%20Paper%20(OD0700WPE01)%20EN%201.0.pdf. Accessed 22 July 2012
SANS Institute. Understanding intrusion detection systems [Online]. http://www.sans.org/reading_room/whitepapers/detection/understanding-intrusion-detection-systems_337. Accessed 19 July 2012
Tett M. Detection and prevention: 6 intrusion detection systems tested [Online]. http://www.zdnet.com/detection-and-prevention-6-intrusion-detection-systems-tested-1139156750/. Accessed 19 July 2012
Security Token [Online]. http://www.aradiom.com/SolidPass/2fa-OTP-security-token.htm. Accessed 19 July 2012
The Hardware Token [Online]. http://www2.exostar.com/l/4632/2010-12-09/5GRF. Accessed 19 July 2012
Defining Enterprise Identity Management [Online]. http://hitachi-id.com/password-manager/docs/defining-enterprise-identity-management.html. Accessed 19 July 2012
What is Encryption? [Online]. http://www.hhs.gov/ocr/privacy/hipaa/faq/securityrule/2021.html. Accessed 19 July 2012
Scarfone K, Souppaya M, Sexton M (2007) Guide to storage encryption technologies for end user devices. National Institute of Standards and Technology, NIST Special Publication 800-111, Gaithersburg
Feiman J, MacDonald N (2012) Application security road map beyond 2012: breaking silos, increasing intelligence, enabling mass adoption. Gartner research, pp 1–9
Dimensional Research (2012) The impact of mobile devices on information security: a survey of IT professionals. http://www.checkpoint.com/downloads/products/check-point-mobile-security-survey-report.pdf. pp 1–7
Souppaya M, Scarfone K (2012) Guidelines for managing and securing mobile devices in the enterprise (Draft). National Institute of Standards and Technology, NIST Special Publication 800-124, Gaithersburg
Pew Internet and American Life Project 35% of American adults own a smartphone [Online]. http://pewresearch.org/pubs/2054/smartphone-ownership-demographics-iphone-blackberry-android. Accessed 22 July 2012
Goode Intelligence (2009) The mobile phone as an authentication device 2010–2014, pp 1–3
Langevin J, McCaul M, Charney S, Raduege H (2010) A human capital crisis in cyber security. Center for Strategic and International Studies, pp 1–53
Computer Science Programs [Online]. http://pdx.edu/computer-science/programs. Accessed 26 July 2012
Committee on National Security Systems (2010) National Information Assurance (IA) Glossary. CNSS instruction no. US Government, Washington DC. 4009, pp 1–103
Feiman J (2011) Application security testing of cloud services providers is a must. Gartner research, pp 1–8
Fischer International. Federated single sign-on for higher education [Online]. http://www.fischerinternational.com/press/collateral/IDMOverviewHigherEd.pdf. Accessed 23 July 2012
Fan L, Shi W, Tang S, Yan C, Fan D (2011) Optimizing web browser on many-core architectures. In: 12th international conference on parallel and distributed computing, applications and technologies, Gwangju, pp 173–178
Singh, End to End web integrity. Singh K, Wang H, Moshchuk A, Jackon C, Lee W (2012) Practical end-to-end web content integrity. In: World wide web conference 2012, Lyon, pp 659–668
Canalys (2012) Smart phones overtake client PCs in 2011 [Online]. http://www.canalys.com/newsroom/smart-phones-overtake-client-pcs-2011. Accessed 23 July 2012
Redman P, Girard J, Basso M (2012) Magic quadrant for mobile device management software. Gartner research, pp 1–34
Liu L, Moulic R, Shea D (2010) Cloud service portal for mobile device management. In: IEEE international conference on E-business engineering (ICEBE 2010), Shanghai, pp 474–478
Jobanputra N, Vijayendra K, Dinkar R, Gao J (2009) Emerging security technologies for mobile user accesses. San Jose State University, San Jose, pp 1–12
Naone E (2011) Homomorphic encryption [Online]. http://www.technologyreview.com/article/423683/homomorphic-encryption/. Accessed 23 July 2012
Gomathisankaran M, Tyagi A, Nauduri K (2011) HORNS: a homomorphic encryption scheme for cloud computing using residue number system. In: Information sciences and systems conference, Baltimore, MD, USA, pp 1–5
Naone E (2010) TR: cloud programming [Online]. http://www.technologyreview.com/article/418545/tr10-cloud-programming/. Accessed 24 July 2012
Stackpole B (2012) Governance meets cloud: top misconceptions [Online]. http://www.informationweek.com/cloud-computing/infrastructure/governance-meets-cloud-top-misconception/232901483. Accessed 24 July 2012
Katz R, Goldstein P, Yanosky R (2010) Cloud computing in higher education. http://net.educause.edu/section_params/conf/CCW10/highered.pdf
Internet Security Alliance (2008) The cyber security social contract policy recommendations for the Obama administration and 111th congress, pp 1–48
Wheatman V (2011) Identifying the real information security budget. Gartner research, pp 1–9
SANS Institute Mobile security policy templates [Online]. http://www.sans.org/security-resources/policies/mobile.php. Accessed 24 July 2012
Yang A (2001) Computer security and impact on computer science education. Indiana University of Pennsylvania, pp 1–14
Georgia Tech Information Security Center [Online]. http://www.gtisc.gatech.edu/history.html. Accessed 28 July 2012
UM and MIT Lincoln Lab Partner on Cyber security (2011) [Online]. http://www.eng.umd.edu/html/news/news_story.php?id=5957. Accessed 28 July 2012
MIT joins Northrop Grumman’s new cyber security research consortium (2009) [Online]. http://web.mit.edu/newsoffice/2009/csail-grumman.html. Accessed 28 July 2012
DHS Funds $40 Million Program for Cyber Security Research [Online]. http://infosecisland.com/blogview/11466-DHS-Funds-40-Million-Program-for-Cyber-Security-Research.html. Accessed 28 July 2012
Jackson W Cyber security research feels the love in 2013 budget request [Online]. http://defensesystems.com/articles/2012/02/14/cybersecurity-2013-federal-budget-request.aspx. Accessed 28 July 2012
Laster J Senate considers paying for cyber security scholarships [Online]. http://chronicle.com/blogs/wiredcampus/senate-considers-paying-for-cybersecurity-scholarships/21417. Accessed 28 July 2012
Indiana University (2011) [Online]. IU center awarded funding for cyber security. http://www.insideindianabusiness.com/newsitem.asp?id=49656. Accessed 28 July 2012
Georgetown University [Online]. Cyber security conference brings FCC chair, others to Georgetown. http://www.georgetown.edu/news/cybersecurity-conference-fcc-chair.html. Accessed 1 Aug 2012
Cloud Security Alliance. About cloud security alliance [Online]. https://cloudsecurityalliance.org/about/. Accessed 1 Aug 2012
National Board of Information Security Examiners. Welcome to U.S. cyber challenge [Online]. https://www.nbise.org/uscc/. Accessed 1 Aug 2012
Polytechnic Institute of New York University [Online]. About CSAW cyber security competition 2012. http://www.poly.edu/csaw2012/about. Accessed 1 Aug 2012
Fischer E (2012) Federal laws relating to cyber security: discussion of proposed revisions. Congressional Research Service, Washington, DC, pp 1–65
Woodford, Melissa, e-mail interview, 17 July 2012
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2014 Springer International Publishing Switzerland
About this chapter
Cite this chapter
Loanzon, E. (2014). A Proposed Road Map for Cybersecurity in Cloud Computing at Portland State University. In: Daim, T., Pizarro, M., Talla, R. (eds) Planning and Roadmapping Technological Innovations. Innovation, Technology, and Knowledge Management. Springer, Cham. https://doi.org/10.1007/978-3-319-02973-3_10
Download citation
DOI: https://doi.org/10.1007/978-3-319-02973-3_10
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-02972-6
Online ISBN: 978-3-319-02973-3
eBook Packages: Business and EconomicsBusiness and Management (R0)