Home > Research > Publications & Outputs > Leveraging the Potential of Cloud Security Serv...

Research

Associated organisational units

Links

Text available via DOI:

Keywords

View graph of relations

Leveraging the Potential of Cloud Security Service-Level Agreements through Standards

Research output: Contribution to Journal/MagazineJournal articlepeer-review

Published

Standard

Leveraging the Potential of Cloud Security Service-Level Agreements through Standards. / Luna, J.; Suri, Neeraj; Iorga, M. et al.
In: IEEE Cloud Computing, Vol. 2, No. 3, 01.05.2015, p. 32-40.

Research output: Contribution to Journal/MagazineJournal articlepeer-review

Harvard

Luna, J, Suri, N, Iorga, M & Karmel, A 2015, 'Leveraging the Potential of Cloud Security Service-Level Agreements through Standards', IEEE Cloud Computing, vol. 2, no. 3, pp. 32-40. https://doi.org/10.1109/MCC.2015.52

APA

Luna, J., Suri, N., Iorga, M., & Karmel, A. (2015). Leveraging the Potential of Cloud Security Service-Level Agreements through Standards. IEEE Cloud Computing, 2(3), 32-40. https://doi.org/10.1109/MCC.2015.52

Vancouver

Luna J, Suri N, Iorga M, Karmel A. Leveraging the Potential of Cloud Security Service-Level Agreements through Standards. IEEE Cloud Computing. 2015 May 1;2(3):32-40. doi: 10.1109/MCC.2015.52

Author

Luna, J. ; Suri, Neeraj ; Iorga, M. et al. / Leveraging the Potential of Cloud Security Service-Level Agreements through Standards. In: IEEE Cloud Computing. 2015 ; Vol. 2, No. 3. pp. 32-40.

Bibtex

@article{9a6fc7f1b75a4b969d5d8163757048b0,
title = "Leveraging the Potential of Cloud Security Service-Level Agreements through Standards",
abstract = "Despite the undisputed advantages of cloud computing, customers-in particular, small and medium enterprises (SMEs)-still need meaningful understanding of the security and risk-management changes that the cloud entails so they can assess whether this new computing paradigm meets their security requirements. This article presents a fresh view on this problem by surveying and analyzing, from the standardization and risk assessment perspective, the specification of security in cloud service-level agreements (secSLA) as a promising approach to empower customers in assessing and understanding cloud security. Apart from analyzing the proposed risk-based approach and surveying the relevant landscape, this article presents a real-world scenario to support the creation and adoption of secSLAs as enablers for negotiating, assessing, and monitoring the achieved security levels in cloud services. ",
keywords = "cloud, metrics, risk management, security assessment, SLA, standards, Clouds, Distributed database systems, Outsourcing, Risk management, Risk perception, Standards, Surveying, Surveys, Computing paradigm, Real-world scenario, Risk based approaches, Security assessment, Security requirements, Small and medium enterprise, Risk assessment",
author = "J. Luna and Neeraj Suri and M. Iorga and A. Karmel",
year = "2015",
month = may,
day = "1",
doi = "10.1109/MCC.2015.52",
language = "English",
volume = "2",
pages = "32--40",
journal = "IEEE Cloud Computing",
issn = "2325-6095",
publisher = "IEEE",
number = "3",

}

RIS

TY - JOUR

T1 - Leveraging the Potential of Cloud Security Service-Level Agreements through Standards

AU - Luna, J.

AU - Suri, Neeraj

AU - Iorga, M.

AU - Karmel, A.

PY - 2015/5/1

Y1 - 2015/5/1

N2 - Despite the undisputed advantages of cloud computing, customers-in particular, small and medium enterprises (SMEs)-still need meaningful understanding of the security and risk-management changes that the cloud entails so they can assess whether this new computing paradigm meets their security requirements. This article presents a fresh view on this problem by surveying and analyzing, from the standardization and risk assessment perspective, the specification of security in cloud service-level agreements (secSLA) as a promising approach to empower customers in assessing and understanding cloud security. Apart from analyzing the proposed risk-based approach and surveying the relevant landscape, this article presents a real-world scenario to support the creation and adoption of secSLAs as enablers for negotiating, assessing, and monitoring the achieved security levels in cloud services.

AB - Despite the undisputed advantages of cloud computing, customers-in particular, small and medium enterprises (SMEs)-still need meaningful understanding of the security and risk-management changes that the cloud entails so they can assess whether this new computing paradigm meets their security requirements. This article presents a fresh view on this problem by surveying and analyzing, from the standardization and risk assessment perspective, the specification of security in cloud service-level agreements (secSLA) as a promising approach to empower customers in assessing and understanding cloud security. Apart from analyzing the proposed risk-based approach and surveying the relevant landscape, this article presents a real-world scenario to support the creation and adoption of secSLAs as enablers for negotiating, assessing, and monitoring the achieved security levels in cloud services.

KW - cloud

KW - metrics

KW - risk management

KW - security assessment

KW - SLA

KW - standards

KW - Clouds

KW - Distributed database systems

KW - Outsourcing

KW - Risk management

KW - Risk perception

KW - Standards

KW - Surveying

KW - Surveys

KW - Computing paradigm

KW - Real-world scenario

KW - Risk based approaches

KW - Security assessment

KW - Security requirements

KW - Small and medium enterprise

KW - Risk assessment

U2 - 10.1109/MCC.2015.52

DO - 10.1109/MCC.2015.52

M3 - Journal article

VL - 2

SP - 32

EP - 40

JO - IEEE Cloud Computing

JF - IEEE Cloud Computing

SN - 2325-6095

IS - 3

ER -