The title of this book is misleading; it is not a guide, but rather a collection of loosely related papers about cloud computing security. Some of the chapters have redundancies, each author has a different style, and most papers are survey style, all of which is not good organization for a guide. As an introduction to cloud security, this book is not appropriate. It is not appropriate as a textbook either, because of its lack of unification and completeness. Finally, it is not appropriate for business people trying to gain an understanding of the cloud because of its lack of structure and unified message.
The objective of the first part is to provide an introduction to, and perspective on, cloud computing security. There are chapters on cryptographic tools, secure migration, virtualization security, security of cloud storage, governance and risk, and a perspective for the future. The chapters in this part are rather disjointed and lack an introduction that could have explained how the topics fit together. Each chapter is independent of the others. Some of the chapters are verbose and do not provide clear perspectives on their subjects. The objective of this part is not reached; it is too technical for business people and too elementary for system architects and researchers. There is nothing on architecture, authorization, or firewalls, all important security aspects.
Part 2, which requires a much stronger background, is much better. These chapters are of interest to researchers, but will not be very useful to practitioners. This part includes five chapters on security certification, accountability, distributed denial of service (DDoS) protection, proofs of retrievability for data auditing, and architecture/security of vehicular clouds. The chapters on certification and accountability contain good descriptions of these two important topics. The chapter on DDoS protection is a good survey, but one wonders why only this attack is discussed in detail; several other attacks are also very important, like unauthorized access to data as well as a variety of problems due to network virtualization. The chapter on vehicular clouds seems out of place here; it is a very specialized application, still in the research stage, and the chapter says little about security.