A framework to support selection of cloud providers based on security and privacy requirements
Mouratidis, Haralambos, Islam, S., Kalloniatis, Christos and Gritzalis, Stefanos 2013. A framework to support selection of cloud providers based on security and privacy requirements. Journal of Systems and Software. 86 (9), pp. 2276-2293.
|Authors||Mouratidis, Haralambos, Islam, S., Kalloniatis, Christos and Gritzalis, Stefanos|
Cloud computing is an evolving paradigm that is radically changing the way humans store, share and access their digital files. Despite the many benefits, such as the introduction of a rapid elastic resource pool, and on-demand service, the paradigm also creates challenges for both users and providers. In particular, there are issues related to security and privacy, such as unauthorised access, loss of privacy, data replication and regulatory violation that require adequate attention. Nevertheless, and despite the recent research interest in developing software engineering techniques to support systems based on the cloud, the literature fails to provide a systematic and structured approach that enables software engineers to identify security and privacy requirements and select a suitable cloud service provider based on such requirements. This paper presents a novel framework that fills this gap. Our framework incorporates a modelling language and it provides a structured process that supports elicitation of security and privacy requirements and the selection of a cloud provider based on the satisfiability of the service provider to the relevant security and privacy requirements. To illustrate our work, we present results from a real case study.
|Keywords||Secure software engineering; Privacy; Cloud computing|
|Journal||Journal of Systems and Software|
|Journal citation||86 (9), pp. 2276-2293|
|Accepted author manuscript|
|Web address (URL)||http://dx.doi.org/10.1016/j.jss.2013.03.011|
|26 Mar 2013|
|Publication process dates|
|Deposited||02 Feb 2017|
|Accepted||01 Mar 2013|
|Copyright information||© 2013 Elsevier|
1views this month
10downloads this month