Title :
Cloud security metrics
Author_Institution :
Sch. of Syst. & Enterprises, Stevens Inst. of Technol., Hoboken, NJ, USA
Abstract :
Cloud security had not yet distinguished itself as a field separate from information assurance. Its security metrics are currently synonymous with what a security professional would refer to as a third-party or vendor security audit. Where cloud services are viewed in a systems-of-systems context, any comprehensive security validation approach should rely on the ability of a cloud service to meet customer security requirements; that is, to provide the basis by which customers may assess the efficacy of their own security controls which may be dependent on those in the cloud. This requires a systems-level approach to security validation that is extensible to systems-of-systems environments. This paper describes such an approach.
Keywords :
cloud computing; customer services; security of data; systems engineering; cloud security metrics; customer security requirement; information assurance; security validation; system level approach; systems of system context; third-party security audit; vendor security audit; Computer architecture; ISO standards; Measurement; Security; Systems engineering and theory; Telecommunications; cloud computing; computer security; metrics; security; systems engineering; validation; verification;
Conference_Titel :
System of Systems Engineering (SoSE), 2011 6th International Conference on
Conference_Location :
Albuquerque, NM
Print_ISBN :
978-1-61284-783-2
DOI :
10.1109/SYSOSE.2011.5966621
