Assurance of security and privacy requirements for cloud deployment models
Article
Islam, S., Ouedraogo, M., Kalloniatis, C., Mouratidis, H. and Gritzalis, S. 2015. Assurance of security and privacy requirements for cloud deployment models. IEEE Transactions on Cloud Computing. 6, pp. 387-400. https://doi.org/10.1109/TCC.2015.2511719
Authors | Islam, S., Ouedraogo, M., Kalloniatis, C., Mouratidis, H. and Gritzalis, S. |
---|---|
Abstract | Despite of the several benefits of migrating enterprise critical assets to the Cloud, there are challenges specifically related to security and privacy. It is important that Cloud Users understand their security and privacy needs, based on their specific context and select cloud model best fit to support these needs. The literature provides works that focus on discussing security and privacy issues for cloud systems but such works do not provide a detailed methodological approach to elicit security and privacy requirements neither methods to select cloud deployment models based on satisfaction of these requirements by Cloud Service Providers. This work advances the current state of the art towards this direction. In particular, we consider requirements engineering concepts to elicit and analyze security and privacy requirements and their associated mechanisms using a conceptual framework and a systematic process. The work introduces assurance as evidence for satisfying the security and privacy requirements in terms of completeness and reportable of security incident through audit. This allows perspective cloud users to define their assurance requirements so that appropriate cloud models can be selected for a given context. To demonstrate our work, we present results from a real case study based on the Greek National Gazette. |
Keywords | Cloud Deployment; Security; Privacy; Assurance; Migration |
Journal | IEEE Transactions on Cloud Computing |
Journal citation | 6, pp. 387-400 |
ISSN | 2168-7161 |
Year | 2015 |
Publisher | IEEE |
Accepted author manuscript | License File Access Level Anyone |
Digital Object Identifier (DOI) | https://doi.org/10.1109/TCC.2015.2511719 |
Publication dates | |
Online | 23 Dec 2015 |
Publication process dates | |
Deposited | 02 Feb 2017 |
Funder | Austrian Science Fund (FWF) |
Austrian Science Fund | |
Copyright holder | © 2015 IEEE. |
Copyright information | Personal use of this material is permitted. Permission from IEEE must be obtained for all other users, including reprinting/ republishing this material for advertising or promotional purposes, creating new collective works for resale or redistribution to servers or lists, or reuse of any copyrighted components of this work in other works. |
https://repository.uel.ac.uk/item/8536w
Download files
Accepted author manuscript
paper 1 - Assurance.pdf | ||
License: All rights reserved | ||
File access level: Anyone |
300
total views593
total downloads1
views this month1
downloads this month