Home > Research > Publications & Outputs > A Framework for Ranking Cloud Security Services

Links

Text available via DOI:

View graph of relations

A Framework for Ranking Cloud Security Services

Research output: Contribution in Book/Report/Proceedings - With ISBN/ISSNConference contribution/Paperpeer-review

Published

Standard

A Framework for Ranking Cloud Security Services. / Taha, A.; Trapero, R.; Luna, J. et al.
2017 IEEE International Conference on Services Computing (SCC). IEEE, 2017. p. 322-329.

Research output: Contribution in Book/Report/Proceedings - With ISBN/ISSNConference contribution/Paperpeer-review

Harvard

Taha, A, Trapero, R, Luna, J, Suri, N, X., L (ed.) & U., B (ed.) 2017, A Framework for Ranking Cloud Security Services. in 2017 IEEE International Conference on Services Computing (SCC). IEEE, pp. 322-329. https://doi.org/10.1109/SCC.2017.48

APA

Taha, A., Trapero, R., Luna, J., Suri, N., X., L. (Ed.), & U., B. (Ed.) (2017). A Framework for Ranking Cloud Security Services. In 2017 IEEE International Conference on Services Computing (SCC) (pp. 322-329). IEEE. https://doi.org/10.1109/SCC.2017.48

Vancouver

Taha A, Trapero R, Luna J, Suri N, X. L, (ed.), U. B, (ed.). A Framework for Ranking Cloud Security Services. In 2017 IEEE International Conference on Services Computing (SCC). IEEE. 2017. p. 322-329 doi: 10.1109/SCC.2017.48

Author

Taha, A. ; Trapero, R. ; Luna, J. et al. / A Framework for Ranking Cloud Security Services. 2017 IEEE International Conference on Services Computing (SCC). IEEE, 2017. pp. 322-329

Bibtex

@inproceedings{f5cce56002dd45d187e79f84443b120a,
title = "A Framework for Ranking Cloud Security Services",
abstract = "Although the use of Cloud services is proliferating, the notion of Cloud security remains ambiguous. This typically arises from two causes, namely (a) the limited awareness about security details by the average Cloud customer which results in the customers being unable to clearly express their security requirements, or (b) the lack of interfaces/tools that can meaningfully capture the customer requirements. In general, the Cloud customers are only able to provide qualitative requirements due to their inability to express precise security requirements. Nevertheless, Cloud customers still need to assess and benchmark various security services provided by different providers in order to select the most suitable Cloud provider that can satisfy their 'imprecise and uncertain' security requirements. This paper proposes a methodology for enhancing the security aspects of Cloud services by quantitatively comparing the customer security requirements with the security offered by Cloud providers. The novelty of our approach is based on the usage of a fuzzy logic schema to manage the uncertainty of those qualitative requirements. We validate our framework by applying it to real-world data that leverages the standardized Cloud service level agreements structure proposed in the ISO/IEC 19086 standard. {\textcopyright} 2017 IEEE.",
keywords = "Cloud security, Security quantification, Security service level agreements, Computation theory, Cryptography, Distributed database systems, Fuzzy logic, Sales, Web services, Cloud providers, Cloud securities, Cloud services, Customer requirements, Security aspects, Security requirements, Security services, Customer satisfaction",
author = "A. Taha and R. Trapero and J. Luna and Neeraj Suri and Liu X. and Bellur U.",
year = "2017",
month = jun,
day = "25",
doi = "10.1109/SCC.2017.48",
language = "English",
isbn = "9781538620069",
pages = "322--329",
booktitle = "2017 IEEE International Conference on Services Computing (SCC)",
publisher = "IEEE",

}

RIS

TY - GEN

T1 - A Framework for Ranking Cloud Security Services

AU - Taha, A.

AU - Trapero, R.

AU - Luna, J.

AU - Suri, Neeraj

A2 - X., Liu

A2 - U., Bellur

PY - 2017/6/25

Y1 - 2017/6/25

N2 - Although the use of Cloud services is proliferating, the notion of Cloud security remains ambiguous. This typically arises from two causes, namely (a) the limited awareness about security details by the average Cloud customer which results in the customers being unable to clearly express their security requirements, or (b) the lack of interfaces/tools that can meaningfully capture the customer requirements. In general, the Cloud customers are only able to provide qualitative requirements due to their inability to express precise security requirements. Nevertheless, Cloud customers still need to assess and benchmark various security services provided by different providers in order to select the most suitable Cloud provider that can satisfy their 'imprecise and uncertain' security requirements. This paper proposes a methodology for enhancing the security aspects of Cloud services by quantitatively comparing the customer security requirements with the security offered by Cloud providers. The novelty of our approach is based on the usage of a fuzzy logic schema to manage the uncertainty of those qualitative requirements. We validate our framework by applying it to real-world data that leverages the standardized Cloud service level agreements structure proposed in the ISO/IEC 19086 standard. © 2017 IEEE.

AB - Although the use of Cloud services is proliferating, the notion of Cloud security remains ambiguous. This typically arises from two causes, namely (a) the limited awareness about security details by the average Cloud customer which results in the customers being unable to clearly express their security requirements, or (b) the lack of interfaces/tools that can meaningfully capture the customer requirements. In general, the Cloud customers are only able to provide qualitative requirements due to their inability to express precise security requirements. Nevertheless, Cloud customers still need to assess and benchmark various security services provided by different providers in order to select the most suitable Cloud provider that can satisfy their 'imprecise and uncertain' security requirements. This paper proposes a methodology for enhancing the security aspects of Cloud services by quantitatively comparing the customer security requirements with the security offered by Cloud providers. The novelty of our approach is based on the usage of a fuzzy logic schema to manage the uncertainty of those qualitative requirements. We validate our framework by applying it to real-world data that leverages the standardized Cloud service level agreements structure proposed in the ISO/IEC 19086 standard. © 2017 IEEE.

KW - Cloud security

KW - Security quantification

KW - Security service level agreements

KW - Computation theory

KW - Cryptography

KW - Distributed database systems

KW - Fuzzy logic

KW - Sales

KW - Web services

KW - Cloud providers

KW - Cloud securities

KW - Cloud services

KW - Customer requirements

KW - Security aspects

KW - Security requirements

KW - Security services

KW - Customer satisfaction

U2 - 10.1109/SCC.2017.48

DO - 10.1109/SCC.2017.48

M3 - Conference contribution/Paper

SN - 9781538620069

SP - 322

EP - 329

BT - 2017 IEEE International Conference on Services Computing (SCC)

PB - IEEE

ER -