A risk management framework for cloud computing

Author

Feng Xie ; Yong Peng ; Wei Zhao ; Dongqing Chen ; Xiaoran Wang ; Xingmei Huo

Author_Institution

China Inf. Technol. Security Evaluation Center, Beijing, China

fYear

2012

fDate

Oct. 30 2012-Nov. 1 2012

Firstpage

476

Lastpage

480

Abstract

Although cloud computing has the advantages of cost-saving, efficiency and scalability, it also brings about many security issues. Because almost all software, hardware, and application data are deployed and stored in the cloud platforms, there is often the distrust between users and cloud suppliers. To resolve the problem, this paper proposes a risk management framework on the basis of the previous work. The framework consists of five components: user requirement self-assessment, cloud service providers desktop assessment, risk assessment, third-party agencies review, and continuous monitoring. By means of the framework, the cloud service suppliers can better understand the user´s requirements, and the trust between the users and the suppliers is more easily acquired.

Keywords

cloud computing; risk analysis; security of data; cloud computing; cloud service providers desktop assessment; cloud service suppliers; continuous monitoring; cost-saving; risk assessment; risk management framework; security issues; third-party agencies review; user requirement self-assessment; user requirements; Authorization; Cloud computing; Computational modeling; Monitoring; Risk management; Cloud computing security; Risk management framework; Security assessment; Trust;

fLanguage

English

Publisher

ieee

Conference_Titel

Cloud Computing and Intelligent Systems (CCIS), 2012 IEEE 2nd International Conference on

Conference_Location

Hangzhou

Print_ISBN

978-1-4673-1855-6

Type

conf

DOI

10.1109/CCIS.2012.6664451

Filename

6664451