Security-centric evaluation framework for IT services

Smrati Gupta, Jaume Ferrarons-Llagostera, Jacek Dominiak, Victor Muntés-Mulero, Peter Matthews, Erkuden Rios

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

Abstract

Tremendous growth and adoption of cloud based services within IT enterprises has generated important requirements for security provisioning. Users need to evaluate the security characteristics of different providers and their offered services. This generates an additional requirement for methods to compare cloud service providers on the basis of their capabilities to meet security requirements. This paper proposes a novel framework to assess and compare cloud services on the basis of their security offerings, leveraging existing best practices and standards to develop new relevant metrics. We provide comparison yardsticks related to security to evaluate cloud services such that the security robustness of cloud services can be computed using easy to evaluate deconstructed metrics. This paper provides a framework that can be leveraged to provide security enhancement plans both for users and providers.

Original languageEnglish
Title of host publicationGreen, Pervasive, and Cloud Computing - 12th International Conference, GPC 2017, Proceedings
EditorsMan Ho Allen Au, Kim-Kwang Raymond Choo, Kuan-Ching Li, Arcangelo Castiglione, Francesco Palmieri
PublisherSpringer Verlag
Pages736-747
Number of pages12
ISBN (Print)9783319571850
DOIs
Publication statusPublished - 2017
Event12th International Conference on Green, Pervasive and Cloud Computing, GPC 2017 - Cetara, Italy
Duration: 11 May 201714 May 2017

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume10232 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Conference

Conference12th International Conference on Green, Pervasive and Cloud Computing, GPC 2017
Country/TerritoryItaly
CityCetara
Period11/05/1714/05/17

Keywords

  • Certifications
  • Cloud computing best practices
  • Security controls

Fingerprint

Dive into the research topics of 'Security-centric evaluation framework for IT services'. Together they form a unique fingerprint.

Cite this