TY - JOUR
T1 - A security evaluation framework for cloud security auditing
AU - Rizvi, Syed
AU - Ryoo, Jungwoo
AU - Kissell, John
AU - Aiken, William
AU - Liu, Yuhong
N1 - Publisher Copyright:
© 2017, Springer Science+Business Media New York.
PY - 2018/11/1
Y1 - 2018/11/1
N2 - Cloud computing is clearly one of today’s most enticing technologies due to its scalable, flexible, and cost-efficient access to infrastructure and application services. Despite these benefits, cloud service users (CSUs) have serious concerns about the data security and privacy. Currently, there are several cloud service providers (CSPs) offering a wide range of services to their customers with varying levels of security strengths. Due to the vast diversity in the available cloud services, from the customer’s perspective, it has become difficult to decide which CSP they should use and what should be the selection criteria. Presently, there is no framework that can allow CSUs to evaluate CSPs based on their ability to meet the customer’s security requirements. We propose a framework and a mechanism that evaluate the security strength of CSPs based on the customer’s security preferences. We have shown the applicability of our security evaluation framework using a case study.
AB - Cloud computing is clearly one of today’s most enticing technologies due to its scalable, flexible, and cost-efficient access to infrastructure and application services. Despite these benefits, cloud service users (CSUs) have serious concerns about the data security and privacy. Currently, there are several cloud service providers (CSPs) offering a wide range of services to their customers with varying levels of security strengths. Due to the vast diversity in the available cloud services, from the customer’s perspective, it has become difficult to decide which CSP they should use and what should be the selection criteria. Presently, there is no framework that can allow CSUs to evaluate CSPs based on their ability to meet the customer’s security requirements. We propose a framework and a mechanism that evaluate the security strength of CSPs based on the customer’s security preferences. We have shown the applicability of our security evaluation framework using a case study.
UR - http://www.scopus.com/inward/record.url?scp=85018459016&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85018459016&partnerID=8YFLogxK
U2 - 10.1007/s11227-017-2055-1
DO - 10.1007/s11227-017-2055-1
M3 - Article
AN - SCOPUS:85018459016
SN - 0920-8542
VL - 74
SP - 5774
EP - 5796
JO - Journal of Supercomputing
JF - Journal of Supercomputing
IS - 11
ER -