Home > Research > Publications & Outputs > Leveraging the Potential of Cloud Security Serv...

Associated organisational unit

Links

Text available via DOI:

View graph of relations

Leveraging the Potential of Cloud Security Service-Level Agreements through Standards

Research output: Contribution to journalJournal article

Published
Close
<mark>Journal publication date</mark>1/05/2015
<mark>Journal</mark>IEEE Cloud Computing
Issue number3
Volume2
Number of pages9
Pages (from-to)32-40
Publication statusPublished
Original languageEnglish

Abstract

Despite the undisputed advantages of cloud computing, customers-in particular, small and medium enterprises (SMEs)-still need meaningful understanding of the security and risk-management changes that the cloud entails so they can assess whether this new computing paradigm meets their security requirements. This article presents a fresh view on this problem by surveying and analyzing, from the standardization and risk assessment perspective, the specification of security in cloud service-level agreements (secSLA) as a promising approach to empower customers in assessing and understanding cloud security. Apart from analyzing the proposed risk-based approach and surveying the relevant landscape, this article presents a real-world scenario to support the creation and adoption of secSLAs as enablers for negotiating, assessing, and monitoring the achieved security levels in cloud services.