A security evaluation framework for cloud security auditing |
| |
Authors: | Syed Rizvi Jungwoo Ryoo John Kissell William Aiken Yuhong Liu |
| |
Affiliation: | 1.Department of Information Sciences and Technology,Pennsylvania State University,Altoona,USA;2.Department of Computer Engineering,Santa Clara University,Santa Clara,USA |
| |
Abstract: | Cloud computing is clearly one of today’s most enticing technologies due to its scalable, flexible, and cost-efficient access to infrastructure and application services. Despite these benefits, cloud service users (CSUs) have serious concerns about the data security and privacy. Currently, there are several cloud service providers (CSPs) offering a wide range of services to their customers with varying levels of security strengths. Due to the vast diversity in the available cloud services, from the customer’s perspective, it has become difficult to decide which CSP they should use and what should be the selection criteria. Presently, there is no framework that can allow CSUs to evaluate CSPs based on their ability to meet the customer’s security requirements. We propose a framework and a mechanism that evaluate the security strength of CSPs based on the customer’s security preferences. We have shown the applicability of our security evaluation framework using a case study. |
| |
Keywords: | |
本文献已被 SpringerLink 等数据库收录! |
|