Cloud Security Audit for Migration and Continuous Monitoring
Ismail, Umar Mukhtar, Islam, S. and Mouratidis, Haralambos 2015. Cloud Security Audit for Migration and Continuous Monitoring. in: 2015 IEEE Trustcom/BigDataSE/ISPA IEEE.
|Ismail, Umar Mukhtar, Islam, S. and Mouratidis, Haralambos
Security assurance in cloud computing is one of the main barriers for wider cloud adoption. Potential cloud computing consumers like to know whether the controls in cloud environments can adequately protect critical assets migrated into the cloud. We present a cloud security audit approach to enable users' evaluate cloud service provider offerings before migration, as well as monitoring of events after migration. Our approach entails a set of concepts such as actor, goals, monitoring, conditions, evidence and assurance to support security audit activities. These concepts are considered as a language for describing the properties necessary for cloud security audit both before and after migration. Finally, a real cloud migration use case is given to demonstrate the applicability of the security audit approach.
|Cloud computing; security; audit; conditions; evidence
|2015 IEEE Trustcom/BigDataSE/ISPA
|03 Dec 2015
|Publication process dates
|09 Mar 2017
|14th IEEE International Conference on Trust, Security and Privacy in Computing and Communications (IEEE TrustCom-15)
|Digital Object Identifier (DOI)
|Web address (URL)
© 2015 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other users, including reprinting/ republishing this material for advertising or promotional purposes, creating new collective works for resale or redistribution to servers or lists, or reuse of any copyrighted components of this work in other works.
|Accepted author manuscript
0views this month
1downloads this month