Control Framework for Secure Cloud Computing

作     者：Harshit Srivastava Sathish Alampalayam Kumar 

作者机构：Information Technology Maharaja Agrasen Institute of Technology New Delhi India Computer Science and Information Systems Coastal Carolina University Conway USA 

出 版 物：《Journal of Information Security》 (信息安全（英文）)

年 卷 期：2015年第6卷第1期

页      面：12-23页

学科分类：08[工学] 0812[工学-计算机科学与技术（可授工学、理学学位）] 

主　　题：Cloud Computing Security Privacy Organization Control Governance Framework Cloud Provider 

摘      要：Cloud computing is touted as the next big thing in the Information Technology (IT) industry, which is going to impact the businesses of any size and yet the security issue continues to pose a big threat on it. The security and privacy issues persisting in cloud computing have proved to be an obstacle for its widespread adoption. In this paper, we look at these issues from a business perspective and how they are damaging the reputation of big companies. There is a literature review on the existing issues in cloud computing and how they are being tackled by the Cloud Service Providers (CSP). We propose a governing body framework which aims at solving these issues by establishing relationship amongst the CSPs in which the data about possible threats can be generated based on the previous attacks on other CSPs. The Governing Body will be responsible for Data Center control, Policy control, legal control, user awareness, performance evaluation, solution architecture and providing motivation for the entities involved.