Developing a Conceptual Framework for Cloud Security Assurance

Bob Duncan, David J. Pym, Mark Whittington

Research output: Chapter in Book/Report/Conference proceedingConference contribution

10 Citations (Scopus)
24 Downloads (Pure)

Abstract

Managing information security in the cloud is a challenge. Traditional checklist approaches to standards compliance may well provide compliance, but do not guarantee to provide security assurance. The complexity of cloud relationships must be acknowledged and explicitly managed by recognising the implications of self-interest of each party involved. We begin development of a conceptual modelling framework for cloud security assurance that can be used as a starting point for effective continuous security assurance, together with a high level of compliance.
Original languageEnglish
Title of host publication2013 IEEE 5th International Conference on Cloud Computing Technology and Science (CloudCom)
PublisherInstitute of Electrical and Electronics Engineers (IEEE)
Pages120-125
Number of pages6
Volume2
ISBN (Electronic)9780769550954
ISBN (Print)9781479915484
DOIs
Publication statusPublished - 5 Dec 2013
EventCloud Com 2013 - University of the West of England Exhibition and Conference Centre, Frenchay Campus, Coldharbour Lane, Bristol, Bristol, United Kingdom
Duration: 2 Dec 20135 Dec 2013
http://cipsijoomla.ux.uis.no/index.php

Conference

ConferenceCloud Com 2013
Abbreviated titleCloudCom 2013
CountryUnited Kingdom
CityBristol
Period2/12/135/12/13
Internet address

    Fingerprint

Keywords

  • cloud computing
  • security
  • assurance
  • framework
  • compliance

Cite this

Duncan, B., Pym, D. J., & Whittington, M. (2013). Developing a Conceptual Framework for Cloud Security Assurance. In 2013 IEEE 5th International Conference on Cloud Computing Technology and Science (CloudCom) (Vol. 2, pp. 120-125). Institute of Electrical and Electronics Engineers (IEEE). https://doi.org/10.1109/CloudCom.2013.144