Cloud computing offers benefits in terms of availability and cost, but it transfers the responsibility of information security management to the cloud service provider. Thus, the consumer looses control over the security of their information and services. This factor has prevented the migration to cloud computing in many businesses. This paper proposes a model where the cloud consumer can perform risk analysis on providers before and after contracting the service. The proposed model establishes the responsibilities of three actors: Consumer, Provider and Security Labs. The inclusion of the Security Labs provides more credibility to risk analysis making the results more consistent for the consumer.

An Architecture for Risk Analysis in Cloud

Dos Santos, Daniel Ricardo
2014

Abstract

Cloud computing offers benefits in terms of availability and cost, but it transfers the responsibility of information security management to the cloud service provider. Thus, the consumer looses control over the security of their information and services. This factor has prevented the migration to cloud computing in many businesses. This paper proposes a model where the cloud consumer can perform risk analysis on providers before and after contracting the service. The proposed model establishes the responsibilities of three actors: Consumer, Provider and Security Labs. The inclusion of the Security Labs provides more credibility to risk analysis making the results more consistent for the consumer.
File in questo prodotto:
Non ci sono file associati a questo prodotto.

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11582/250445
 Attenzione

Attenzione! I dati visualizzati non sono stati sottoposti a validazione da parte dell'ateneo

Citazioni
  • ???jsp.display-item.citation.pmc??? ND
social impact