TY - GEN
T1 - Security-centric evaluation framework for IT services
AU - Gupta, Smrati
AU - Ferrarons-Llagostera, Jaume
AU - Dominiak, Jacek
AU - Muntés-Mulero, Victor
AU - Matthews, Peter
AU - Rios, Erkuden
N1 - Publisher Copyright:
© Springer International Publishing AG 2017.
PY - 2017
Y1 - 2017
N2 - Tremendous growth and adoption of cloud based services within IT enterprises has generated important requirements for security provisioning. Users need to evaluate the security characteristics of different providers and their offered services. This generates an additional requirement for methods to compare cloud service providers on the basis of their capabilities to meet security requirements. This paper proposes a novel framework to assess and compare cloud services on the basis of their security offerings, leveraging existing best practices and standards to develop new relevant metrics. We provide comparison yardsticks related to security to evaluate cloud services such that the security robustness of cloud services can be computed using easy to evaluate deconstructed metrics. This paper provides a framework that can be leveraged to provide security enhancement plans both for users and providers.
AB - Tremendous growth and adoption of cloud based services within IT enterprises has generated important requirements for security provisioning. Users need to evaluate the security characteristics of different providers and their offered services. This generates an additional requirement for methods to compare cloud service providers on the basis of their capabilities to meet security requirements. This paper proposes a novel framework to assess and compare cloud services on the basis of their security offerings, leveraging existing best practices and standards to develop new relevant metrics. We provide comparison yardsticks related to security to evaluate cloud services such that the security robustness of cloud services can be computed using easy to evaluate deconstructed metrics. This paper provides a framework that can be leveraged to provide security enhancement plans both for users and providers.
KW - Certifications
KW - Cloud computing best practices
KW - Security controls
UR - http://www.scopus.com/inward/record.url?scp=85019182215&partnerID=8YFLogxK
U2 - 10.1007/978-3-319-57186-7_53
DO - 10.1007/978-3-319-57186-7_53
M3 - Conference contribution
AN - SCOPUS:85019182215
SN - 9783319571850
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 736
EP - 747
BT - Green, Pervasive, and Cloud Computing - 12th International Conference, GPC 2017, Proceedings
A2 - Au, Man Ho Allen
A2 - Choo, Kim-Kwang Raymond
A2 - Li, Kuan-Ching
A2 - Castiglione, Arcangelo
A2 - Palmieri, Francesco
PB - Springer Verlag
T2 - 12th International Conference on Green, Pervasive and Cloud Computing, GPC 2017
Y2 - 11 May 2017 through 14 May 2017
ER -