loading
Papers

Research.Publish.Connect.

Paper

Paper Unlock

Authors: Jesus Luna Garcia ; Hamza Ghani ; Tsvetoslava Vateva and Neeraj Suri

Affiliation: Technische Universität Darmstadt, Germany

ISBN: 978-989-8565-24-2

Keyword(s): Cloud security, security assessment, security benchmarks, Security Level Agreements, security metrics

Related Ontology Subjects/Areas/Topics: Data and Application Security and Privacy ; Formal Methods for Security ; Information and Systems Security ; Information Assurance ; Information Systems Auditing ; Management of Computing Security ; Risk Assessment ; Secure Cloud Computing ; Security in Distributed Systems ; Security in Information Systems ; Security Metrics and Measurement

Abstract: The users of Cloud Service Providers (CSP) often motivate their choice of providers based on criteria such as the offered service level agreements (SLA) and costs, and also recently based on security aspects (i.e., due to regulatory compliance). Unfortunately, it is quite uncommon for a CSP to specify the security levels associated with their services, hence impeding users from making security relevant informed decisions. Consequently, while the many economic and technological advantages of Cloud computing are apparent, the migration of key sector applications has been limited, in part, due to the lack of security assurance on the CSP. In order to achieve this assurance and create trustworthy Cloud ecosystems, it is desirable to develop metrics and techniques to compare, aggregate, negotiate and predict the trade-offs (features, problems and the economics) of security. This paper contributes with a quantitative security assessment case study using the CSP information found on the Clou d Security Alliance’s Security, Trust & Assurance Registry (CSA STAR). Our security assessment rests on the notion of Cloud Security Level Agreements — SecLA — and, a novel set of security metrics used to quantitatively compare SecLAs. (More)

PDF ImageFull Text

Download
CC BY-NC-ND 4.0

Sign In Guest: Register as new SciTePress user now for free.

Sign In SciTePress user: please login.

PDF ImageMy Papers

You are not signed in, therefore limits apply to your IP address 18.205.176.85

In the current month:
Recent papers: 100 available of 100 total
2+ years older papers: 200 available of 200 total

Paper citation in several formats:
Luna Garcia, J.; Ghani, H.; Vateva, T. and Suri, N. (2012). Quantitative Assessment of Cloud Security Level Agreements - A Case Study.In Proceedings of the International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2012) ISBN 978-989-8565-24-2, pages 64-73. DOI: 10.5220/0004019900640073

@conference{secrypt12,
author={Jesus Luna Garcia. and Hamza Ghani. and Tsvetoslava Vateva. and Neeraj Suri.},
title={Quantitative Assessment of Cloud Security Level Agreements - A Case Study},
booktitle={Proceedings of the International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2012)},
year={2012},
pages={64-73},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0004019900640073},
isbn={978-989-8565-24-2},
}

TY - CONF

JO - Proceedings of the International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2012)
TI - Quantitative Assessment of Cloud Security Level Agreements - A Case Study
SN - 978-989-8565-24-2
AU - Luna Garcia, J.
AU - Ghani, H.
AU - Vateva, T.
AU - Suri, N.
PY - 2012
SP - 64
EP - 73
DO - 10.5220/0004019900640073

Login or register to post comments.

Comments on this Paper: Be the first to review this paper.