• DocumentCode
    187409
  • Title

    Risk Management for Outsourcing to the Cloud: Security Risks and Safeguards as Selection Criteria for Extern Cloud Services

  • Author

    Viehmann, Johannes

  • Author_Institution
    Syst. Quality Center SQC, Fraunhofer Inst. for Open Commun. Syst. FOKUS, Berlin, Germany
  • fYear
    2014
  • fDate
    3-6 Nov. 2014
  • Firstpage
    293
  • Lastpage
    295
  • Abstract
    This short paper describes our ongoing research about security risk management for IT projects which might eventually take benefit from outsourcing to external Cloud services. Choosing appropriate, secure enough Cloud services from multiple offers might be difficult. Hence, we develop the Cloud Security Guide CSG to assist. It contains a specialized methodology for Cloud risk assessment supporting particularly the extraction of security relevant information from user contracts or terms and conditions of public Cloud services. Discovering that many providers fail to communicate their safeguards, we also decided to develop a provider´s guide for risk management and for the communication of risk treatments.
  • Keywords
    cloud computing; security of data; cloud risk assessment; cloud security guide; external Cloud services; outsourcing; risk management; security risk; Cloud computing; Contracts; Law; Outsourcing; Risk management; Security; Cloud; Outsourcing; Risk Assessment; Risk Management; Security;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Software Reliability Engineering Workshops (ISSREW), 2014 IEEE International Symposium on
  • Conference_Location
    Naples
  • Type

    conf

  • DOI
    10.1109/ISSREW.2014.80
  • Filename
    6983855
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=187409