Title :
Risk Management for Outsourcing to the Cloud: Security Risks and Safeguards as Selection Criteria for Extern Cloud Services
Author :
Viehmann, Johannes
Author_Institution :
Syst. Quality Center SQC, Fraunhofer Inst. for Open Commun. Syst. FOKUS, Berlin, Germany
Abstract :
This short paper describes our ongoing research about security risk management for IT projects which might eventually take benefit from outsourcing to external Cloud services. Choosing appropriate, secure enough Cloud services from multiple offers might be difficult. Hence, we develop the Cloud Security Guide CSG to assist. It contains a specialized methodology for Cloud risk assessment supporting particularly the extraction of security relevant information from user contracts or terms and conditions of public Cloud services. Discovering that many providers fail to communicate their safeguards, we also decided to develop a provider´s guide for risk management and for the communication of risk treatments.
Keywords :
cloud computing; security of data; cloud risk assessment; cloud security guide; external Cloud services; outsourcing; risk management; security risk; Cloud computing; Contracts; Law; Outsourcing; Risk management; Security; Cloud; Outsourcing; Risk Assessment; Risk Management; Security;
Conference_Titel :
Software Reliability Engineering Workshops (ISSREW), 2014 IEEE International Symposium on
Conference_Location :
Naples
DOI :
10.1109/ISSREW.2014.80
