Risk Management for Outsourcing to the Cloud Security Risks and Safeguards as Selection Criteria for Extern Cloud Services

被引:1
|
作者
Viehmann, Johannes [1 ]
机构
[1] Fraunhofer Inst Open Commun Syst FOKUS, SQC, Berlin, Germany
来源
2014 IEEE INTERNATIONAL SYMPOSIUM ON SOFTWARE RELIABILITY ENGINEERING WORKSHOPS (ISSREW) | 2014年
关键词
Risk Management; Risk Assessment; Outsourcing; Cloud; Security;
D O I
10.1109/ISSREW.2014.80
中图分类号
TP31 [计算机软件];
学科分类号
081202 ; 0835 ;
摘要
This short paper describes our ongoing research about security risk management for IT projects which might eventually take benefit from outsourcing to external Cloud services. Choosing appropriate, secure enough Cloud services from multiple offers might be difficult. Hence, we develop the Cloud Security Guide CSG to assist. It contains a specialized methodology for Cloud risk assessment supporting particularly the extraction of security relevant information from user contracts or terms and conditions of public Cloud services. Discovering that many providers fail to communicate their safeguards, we also decided to develop a provider's guide for risk management and for the communication of risk treatments.
引用
收藏
页码:293 / 295
页数:3
相关论文
共 50 条
  • [1] Security Risks and their Management in Cloud Computing
    Khan, Afnan Ullah
    Oriol, Manuel
    Kiran, Mariam
    Jiang, Ming
    Djemame, Karim
    [J]. 2012 IEEE 4TH INTERNATIONAL CONFERENCE ON CLOUD COMPUTING TECHNOLOGY AND SCIENCE (CLOUDCOM), 2012,
  • [2] Business process outsourcing to the cloud: Balancing costs with security risks
    Nacer, Amina Ahmed
    Godart, Claude
    Rosinosky, Guillaume
    Tari, Abdelkamel
    Youcef, Samir
    [J]. COMPUTERS IN INDUSTRY, 2019, 104 (59-74) : 59 - 74
  • [3] IT Security Risk Management: Perceived IT Security Risks in the Context of Cloud Computing.
    Vinaja, Roberto
    [J]. JOURNAL OF GLOBAL INFORMATION TECHNOLOGY MANAGEMENT, 2013, 16 (03) : 82 - 84
  • [4] SECURITY AND RISK MANAGEMENT WHEN USING CLOUD COMPUTING IT SERVICES
    Sepulveda O, Erick
    Salcedo, Octavio J.
    Gomez Vargas, Ernesto
    [J]. REDES DE INGENIERIA-ROMPIENDO LAS BARRERAS DEL CONOCIMIENTO, 2010, 1 (02): : 10 - 21
  • [5] Outsourcing Mobile Security in the Cloud
    Hurel, Gaeetan
    Badonnel, Remi
    Lahmadi, Abdelkader
    Festor, Olivier
    [J]. MONITORING AND SECURING VIRTUALIZED NETWORKS AND SERVICES, 2014, 8508 : 69 - 73
  • [6] A Security Assessment Framework and Selection Method for Outsourcing Cloud Service
    Liu, Xiaochen
    Xia, Chunhe
    Cao, Jiajin
    Gao, Jinghua
    Wei, Zhao
    [J]. INTERNATIONAL JOURNAL OF SECURITY AND ITS APPLICATIONS, 2014, 8 (06): : 375 - 388
  • [7] Governance and Management of Organizations with Cloud Supported Services Recommendations for Risks of Information Security
    Silva, Elcelina
    Soares, Bruno Horta
    [J]. 2018 13TH IBERIAN CONFERENCE ON INFORMATION SYSTEMS AND TECHNOLOGIES (CISTI), 2018,
  • [8] Critical Services in the Cloud: Understanding Security and Resilience Risks
    Hecht, Thomas
    Smith, Paul
    Schoeller, Marcus
    [J]. 2014 6TH INTERNATIONAL WORKSHOP ON RELIABLE NETWORKS DESIGN AND MODELING (RNDM), 2014, : 131 - 137
  • [9] Evaluation and Selection of Cloud Security Services based on Multi-Criteria Analysis MCA
    Halabi, Talal
    Bellaiche, Martine
    [J]. 2017 INTERNATIONAL CONFERENCE ON COMPUTING, NETWORKING AND COMMUNICATIONS (ICNC), 2016, : 706 - 710
  • [10] Cloud Management and Governance: Adapting IT Outsourcing to External Provision of Cloud-Based IT Services
    Valencia Garcia, Victoriano
    Fernandez Vicente, Eugenio J.
    Usero Aragones, Luis
    [J]. INTERNATIONAL JOURNAL OF ADVANCED COMPUTER SCIENCE AND APPLICATIONS, 2015, 6 (10) : 86 - 93
12345