A Comparative Review of Cloud Security Proposals with ISO/IEC 27002

被引：0

作者：

Rebollo, Oscar ^{[1
]}

Mellado, Daniel ^{[2
]}

Fernandez-Medina, Eduardo ^{[2
]}

机构：

[1] Minist Labour & Immigrat, Social Secur IT Management, Madrid, Spain

[2] Univ Castilla La Mancha, GSyA Res Grp, Dept Informat Technol & Syst, Ciudad Real, Spain

来源：

WOSIS 2011: SECURITY IN INFORMATION SYSTEMS | 2011年

关键词：

D O I：

暂无

中图分类号：

TP [自动化技术、计算机技术];

学科分类号：

0812 ;

摘要：

Information Security is considered one of the main reasons why users are reluctant to adopt the new generation of services offered by cloud computing providers. In order to minimize risks, some security proposals have been developed, with the purpose of facing a wide range of security concerns. This paper reviews these existing approaches and defines a security comparative framework, based on ISO/IEC 27002, suitable for the cloud environment. The analysis process of these alternatives shows a partial compliance with the defined requirements as each one is focused on different issues. As a consequence, more investigation is needed to achieve a comprehensive cloud security framework. The results of this paper highlight the gaps and weaknesses of each proposal, so that directions are settled for future work.

引用

页码：3 / 12

页数：10

共 50 条

[21] Analysis the priority of security requirement items for the process improvement by ISO/IEC 15504 and ISO/IEC 15408
Lee, Eun-Ser
Kim, Haeng-Kon
Hwang, Sun-Myoung
[J]. SERA 2007: 5TH ACIS INTERNATIONAL CONFERENCE ON SOFTWARE ENGINEERING RESEARCH, MANAGEMENT, AND APPLICATIONS, PROCEEDINGS, 2007, : 25 - +
[22] CHALLENGES GENERATED BY THE IMPLEMENTATION OF THE IT STANDARDS COBIT 4.1, ITIL V3 AND ISO/IEC 27002 IN ENTERPRISES
Nastase, Pavel
Nastase, Floarea
Ionescu, Corina
[J]. ECONOMIC COMPUTATION AND ECONOMIC CYBERNETICS STUDIES AND RESEARCH, 2009, 43 (03): : 5 - 20
[23] Development of Supporting Environment for IT System Security Evaluation Based on ISO/IEC 15408 and ISO/IEC 18045
Bao, Da
Sun, Wen
Goto, Yuichi
Cheng, Jingde
[J]. 2018 IEEE SMARTWORLD, UBIQUITOUS INTELLIGENCE & COMPUTING, ADVANCED & TRUSTED COMPUTING, SCALABLE COMPUTING & COMMUNICATIONS, CLOUD & BIG DATA COMPUTING, INTERNET OF PEOPLE AND SMART CITY INNOVATION (SMARTWORLD/SCALCOM/UIC/ATC/CBDCOM/IOP/SCI), 2018, : 204 - 209
[24] A Supporting Tool for IT System Security Specification Evaluation Based on ISO/IEC 15408 and ISO/IEC 18045
Bao, Da
Goto, Yuichi
Cheng, Jingde
[J]. TRENDS AND APPLICATIONS IN KNOWLEDGE DISCOVERY AND DATA MINING: PAKDD 2019 WORKSHOPS, 2019, 11607 : 3 - 14
[25] Business Model for the Security of a Large-Scale PACS, Compliance with ISO/27002:2013 Standard
Josefina Gutiérrez-Martínez
Marco Antonio Núñez-Gaona
Heriberto Aguirre-Meneses
[J]. Journal of Digital Imaging, 2015, 28 : 481 - 491
[26] Ontology-based information security compliance determination and control selection on the example of ISO 27002
Fenz, Stefan
Neubauer, Thomas
[J]. INFORMATION AND COMPUTER SECURITY, 2018, 26 (05) : 551 - 567
[27] Business Model for the Security of a Large-Scale PACS, Compliance with ISO/27002:2013 Standard
Gutierrez-Martinez, Josefina
Antonio Nunez-Gaona, Marco
Aguirre-Meneses, Heriberto
[J]. JOURNAL OF DIGITAL IMAGING, 2015, 28 (04) : 481 - 491
[28] ISO/IEC Competence Requirements for Information Security Professionals
Miloslayskaya, Natalia
Tolstoy, Alexander
[J]. INFORMATION SECURITY EDUCATION FOR A GLOBAL DIGITAL SOCIETY, WISE 10, 2017, 503 : 135 - 146
[29] 第三版ISO/IEC 27002信息安全控制标准变化解析
上官晓丽
叶晓俊
[J]. 信息技术与标准化, 2021, (11) : 8 - 17
[30] Improvement proposals on ISO/IEC 15775 test charts for copier and printer outputs
Itoh, T
[J]. IS&T'S NIP16: INTERNATIONAL CONFERENCE ON DIGITAL PRINTING TECHNOLOGIES, 2000, : 643 - 646

← 1 2 3 4 5 →