Title :
Classifying cloud provider security conformance to cloud controls matrix
Author :
Pumvarapruek, Nuttapong ; Senivongse, T.
Author_Institution :
Dept. of Comput. Eng., Chulalongkorn Univ., Bangkok, Thailand
Abstract :
Security of cloud services is a major concern to cloud consumers when selecting cloud providers. Sufficient security information should be provided so that consumer trust in cloud services can be built, but in practice, security information is critical and may not be publicized. During the service selection process, cloud consumers therefore have to study published information on the cloud providers´ Web sites or the cloud providers registry in order to assess how secure the services are. To assist cloud consumers in service selection, this paper presents an initial attempt to apply text classification to classify published information on the providers´ Web pages to determine which security best practices and guidelines the providers have followed in providing their services. We take the security best practices and guidelines from the Cloud Controls Matrix (CCM) and the accompanying Consensus Assessments Initiative Questionnaire (CAIQ), and compile a set of security concepts before using it as a basis for classifying the providers´ Web pages. The classification result roughly signifies the security conformance level of the providers. We demonstrate this method and present an evaluation using the case of five public cloud providers.
Keywords :
Web sites; cloud computing; security of data; trusted computing; CAIQ; CCM; Web pages; Web sites; cloud consumers; cloud controls matrix; cloud provider security conformance; cloud providers registry; cloud services; consensus assessments initiative questionnaire; consumer trust; security conformance level; security information; service selection process; text classification; assessment; cloud computing; security; service selection; text classification;
Conference_Titel :
Computer Science and Software Engineering (JCSSE), 2014 11th International Joint Conference on
Conference_Location :
Chon Buri
Print_ISBN :
978-1-4799-5821-4
DOI :
10.1109/JCSSE.2014.6841879