A security evaluation framework for cloud security auditing

Syed Rizvi, Jungwoo Ryoo, John Kissell, William Aiken, Yuhong Liu

Research output: Contribution to journalArticlepeer-review

19 Scopus citations


Cloud computing is clearly one of today’s most enticing technologies due to its scalable, flexible, and cost-efficient access to infrastructure and application services. Despite these benefits, cloud service users (CSUs) have serious concerns about the data security and privacy. Currently, there are several cloud service providers (CSPs) offering a wide range of services to their customers with varying levels of security strengths. Due to the vast diversity in the available cloud services, from the customer’s perspective, it has become difficult to decide which CSP they should use and what should be the selection criteria. Presently, there is no framework that can allow CSUs to evaluate CSPs based on their ability to meet the customer’s security requirements. We propose a framework and a mechanism that evaluate the security strength of CSPs based on the customer’s security preferences. We have shown the applicability of our security evaluation framework using a case study.

Original languageEnglish (US)
Pages (from-to)5774-5796
Number of pages23
JournalJournal of Supercomputing
Issue number11
StatePublished - Nov 1 2018

All Science Journal Classification (ASJC) codes

  • Software
  • Theoretical Computer Science
  • Information Systems
  • Hardware and Architecture


Dive into the research topics of 'A security evaluation framework for cloud security auditing'. Together they form a unique fingerprint.

Cite this