IEEE.org| IEEE Xplore Digital Library| IEEE Standards| IEEE Spectrum| More Sites

Cart (Loading....) | Create Account

Close category search window
Author Searchbeta |  Advanced Search  |  Preferences |  Search Tips  |  More Search Options  
 
Browse Conference Publications > Cloud Computing Technology an ... Help

An assessment of security requirements compliance of cloud providers

Full Text Sign-In or Purchase

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$31 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing! close button
puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

2 Author(s)
Bhensook, N. ; Dept. of Comput. Eng., Chulalongkorn Univ. Bangkok, Bangkok, Thailand ; Senivongse, T.

Cloud provider assessment is important for cloud consumers to determine, when outsourcing computing work, which providers can serve their business and system requirements. This paper presents an initial attempt to assess security requirements compliance of cloud providers by following the Goal Question Metric approach and defining a weighted scoring model for the assessment. The security goals and questions that address the goals are taken from Cloud Security Alliance's Cloud Controls Matrix and Consensus Assessments Initiative Questionnaire. We then transform such questions into more detailed ones and define metrics that help provide quantitative answers to the transformed questions based on evidence of security compliance provided by the cloud providers. The scoring is weighted by quality of evidence, i.e. its compliance with the associated questions and its completeness. We propose a scoring system architecture which utilizes CloudAudit and assess Amazon Web Services as an example.

Published in:
Cloud Computing Technology and Science (CloudCom), 2012 IEEE 4th International Conference on

Date of Conference: 3-6 Dec. 2012

Page(s):
520 - 525
E-ISBN :
978-1-4673-4509-5
Print ISBN:
978-1-4673-4511-8
INSPEC Accession Number:
13286477
Conference Location :
Taipei
Digital Object Identifier :
10.1109/CloudCom.2012.6427484
Product Type:
Conference Publications

IEEE Account

Purchase Details

Profile Information

Need Help?


IEEE Advancing Technology for Humanity About IEEE Xplore | Contact | Help | Terms of Use | Nondiscrimination Policy | Site Map | Privacy & Opting Out of Cookies

A not-for-profit organization, IEEE is the world's largest professional association for the advancement of technology.
© Copyright 2013 IEEE - All rights reserved. Use of this web site signifies your agreement to the terms and conditions.