Developing a Conceptual Framework for Cloud Security Assurance

Bob Duncan, David J. Pym, Mark Whittington

Research output: Chapter in Book/Report/Conference proceedingConference contribution

10 Citations (Scopus)
23 Downloads (Pure)

Abstract

Managing information security in the cloud is a challenge. Traditional checklist approaches to standards compliance may well provide compliance, but do not guarantee to provide security assurance. The complexity of cloud relationships must be acknowledged and explicitly managed by recognising the implications of self-interest of each party involved. We begin development of a conceptual modelling framework for cloud security assurance that can be used as a starting point for effective continuous security assurance, together with a high level of compliance.
Original languageEnglish
Title of host publication2013 IEEE 5th International Conference on Cloud Computing Technology and Science (CloudCom)
PublisherInstitute of Electrical and Electronics Engineers (IEEE)
Pages120-125
Number of pages6
Volume2
ISBN (Electronic)9780769550954
ISBN (Print)9781479915484
DOIs
Publication statusPublished - 5 Dec 2013
EventCloud Com 2013 - University of the West of England Exhibition and Conference Centre, Frenchay Campus, Coldharbour Lane, Bristol, Bristol, United Kingdom
Duration: 2 Dec 20135 Dec 2013
http://cipsijoomla.ux.uis.no/index.php

Conference

ConferenceCloud Com 2013
Abbreviated titleCloudCom 2013
CountryUnited Kingdom
CityBristol
Period2/12/135/12/13
Internet address

Fingerprint

guarantee

Keywords

  • cloud computing
  • security
  • assurance
  • framework
  • compliance

Cite this

Duncan, B., Pym, D. J., & Whittington, M. (2013). Developing a Conceptual Framework for Cloud Security Assurance. In 2013 IEEE 5th International Conference on Cloud Computing Technology and Science (CloudCom) (Vol. 2, pp. 120-125). Institute of Electrical and Electronics Engineers (IEEE). https://doi.org/10.1109/CloudCom.2013.144

Developing a Conceptual Framework for Cloud Security Assurance. / Duncan, Bob; Pym, David J.; Whittington, Mark.

2013 IEEE 5th International Conference on Cloud Computing Technology and Science (CloudCom). Vol. 2 Institute of Electrical and Electronics Engineers (IEEE), 2013. p. 120-125.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Duncan, B, Pym, DJ & Whittington, M 2013, Developing a Conceptual Framework for Cloud Security Assurance. in 2013 IEEE 5th International Conference on Cloud Computing Technology and Science (CloudCom). vol. 2, Institute of Electrical and Electronics Engineers (IEEE), pp. 120-125, Cloud Com 2013, Bristol, United Kingdom, 2/12/13. https://doi.org/10.1109/CloudCom.2013.144
Duncan B, Pym DJ, Whittington M. Developing a Conceptual Framework for Cloud Security Assurance. In 2013 IEEE 5th International Conference on Cloud Computing Technology and Science (CloudCom). Vol. 2. Institute of Electrical and Electronics Engineers (IEEE). 2013. p. 120-125 https://doi.org/10.1109/CloudCom.2013.144
Duncan, Bob ; Pym, David J. ; Whittington, Mark. / Developing a Conceptual Framework for Cloud Security Assurance. 2013 IEEE 5th International Conference on Cloud Computing Technology and Science (CloudCom). Vol. 2 Institute of Electrical and Electronics Engineers (IEEE), 2013. pp. 120-125
@inproceedings{6466470a49b04ba99fcd1bb93432da9d,
title = "Developing a Conceptual Framework for Cloud Security Assurance",
abstract = "Managing information security in the cloud is a challenge. Traditional checklist approaches to standards compliance may well provide compliance, but do not guarantee to provide security assurance. The complexity of cloud relationships must be acknowledged and explicitly managed by recognising the implications of self-interest of each party involved. We begin development of a conceptual modelling framework for cloud security assurance that can be used as a starting point for effective continuous security assurance, together with a high level of compliance.",
keywords = "cloud computing, security, assurance, framework, compliance",
author = "Bob Duncan and Pym, {David J.} and Mark Whittington",
year = "2013",
month = "12",
day = "5",
doi = "10.1109/CloudCom.2013.144",
language = "English",
isbn = "9781479915484",
volume = "2",
pages = "120--125",
booktitle = "2013 IEEE 5th International Conference on Cloud Computing Technology and Science (CloudCom)",
publisher = "Institute of Electrical and Electronics Engineers (IEEE)",

}

TY - GEN

T1 - Developing a Conceptual Framework for Cloud Security Assurance

AU - Duncan, Bob

AU - Pym, David J.

AU - Whittington, Mark

PY - 2013/12/5

Y1 - 2013/12/5

N2 - Managing information security in the cloud is a challenge. Traditional checklist approaches to standards compliance may well provide compliance, but do not guarantee to provide security assurance. The complexity of cloud relationships must be acknowledged and explicitly managed by recognising the implications of self-interest of each party involved. We begin development of a conceptual modelling framework for cloud security assurance that can be used as a starting point for effective continuous security assurance, together with a high level of compliance.

AB - Managing information security in the cloud is a challenge. Traditional checklist approaches to standards compliance may well provide compliance, but do not guarantee to provide security assurance. The complexity of cloud relationships must be acknowledged and explicitly managed by recognising the implications of self-interest of each party involved. We begin development of a conceptual modelling framework for cloud security assurance that can be used as a starting point for effective continuous security assurance, together with a high level of compliance.

KW - cloud computing

KW - security

KW - assurance

KW - framework

KW - compliance

U2 - 10.1109/CloudCom.2013.144

DO - 10.1109/CloudCom.2013.144

M3 - Conference contribution

SN - 9781479915484

VL - 2

SP - 120

EP - 125

BT - 2013 IEEE 5th International Conference on Cloud Computing Technology and Science (CloudCom)

PB - Institute of Electrical and Electronics Engineers (IEEE)

ER -