A Data Security Framework for Cloud Computing Services

作     者：Luis-Eduardo Bautista-Villalpando Alain Abran 

作者机构：Department of Electronic SystemsAutonomous University of AguascalientesAguascalientes20131Mexico Department of Software Engineering and Information TechnologyETSUniversity of QuebecMontrealH3C 1K3Canada 

出 版 物：《Computer Systems Science & Engineering》 (计算机系统科学与工程（英文）)

年 卷 期：2021年第37卷第5期

页      面：203-218页

核心收录：

学科分类：08[工学] 0837[工学-安全科学与工程] 0835[工学-软件工程] 0701[理学-数学] 0812[工学-计算机科学与技术（可授工学、理学学位）] 

主　　题：Cloud computing services computer security data security data security requirements data risk data security measurement 

摘      要：Cyberattacks are difficult to prevent because the targeted companies and organizations are often relying on new and fundamentally insecure cloudbased technologies,such as the Internet of Things.With increasing industry adoption and migration of traditional computing services to the cloud,one of the main challenges in cybersecurity is to provide mechanisms to secure these technologies.This work proposes a Data Security Framework for cloud computing services(CCS)that evaluates and improves CCS data security from a software engineering perspective by evaluating the levels of security within the cloud computing paradigm using engineering methods and techniques applied to CCS.This framework is developed by means of a methodology based on a heuristic theory that incorporates knowledge generated by existing works as well as the experience of their implementation.The paper presents the design details of the framework,which consists of three stages:identification of data security requirements,management of data security risks and evaluation of data security performance in CCS.