Title :
Information Security Risk Management Framework for the Cloud Computing Environments
Author :
Zhang, Xuan ; Wuwong, Nattapong ; Li, Hao ; Zhang, Xuejie
Author_Institution :
Sch. of Software, Yunnan Univ., Kunming, China
fDate :
June 29 2010-July 1 2010
Abstract :
The security risks associated with each cloud delivery model vary and are dependent on a wide range of factors including the sensitivity of information assets, cloud architectures and security controls involved in a particular cloud environment. Over time, organizations tend to relax their security posture. To combat a relaxation of security, the cloud provider should perform regular security assessments. Risk management framework is one of security assessment tool to reduction of threats and vulnerabilities and mitigates security risks. The goal of this paper is to present information risk management framework for better understanding critical areas of focus in cloud computing environment, to identifying a threat and identifying vulnerability. This framework is covering all of cloud service models and cloud deployment models. Cloud provider can be applied this framework to organizations to do risk mitigation.
Keywords :
Internet; computer network security; risk analysis; cloud architectures; cloud computing environments; cloud delivery model; cloud deployment models; cloud provider; cloud service models; information assets; information security risk management; risk mitigation; security assessment tool; security controls; security risks; Book reviews; Cloud computing; Clouds; Monitoring; Risk management; Security; cloud computing; risk management framwork;
Conference_Titel :
Computer and Information Technology (CIT), 2010 IEEE 10th International Conference on
Conference_Location :
Bradford
Print_ISBN :
978-1-4244-7547-6
DOI :
10.1109/CIT.2010.501
