Building a Security Aware Cloud by Extending Internal Control to Cloud

Building a Security Aware Cloud by Extending Internal Control to Cloud

Faced with today's innovative blow-up of cloud technologies, we are forced to rebuild services in terms of cloud. In the rebuilding, considering a facet of cloud as social infrastructure, security is a critical problem. Most of insecurity against clouds can be summarized as insecurity of manage...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: Hiroyuki, S, Atsushi, K, Shigeaki, T
Format: Tagungsbericht
Sprache:eng ; jpn
Schlagworte:
cloud
Cloud computing
Contracts
IAM
Information security
internal control
key management
Organizations
security
Standards organizations
trust model
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:Faced with today's innovative blow-up of cloud technologies, we are forced to rebuild services in terms of cloud. In the rebuilding, considering a facet of cloud as social infrastructure, security is a critical problem. Most of insecurity against clouds can be summarized as insecurity of management, which is classified into the multiple stakeholder problem, and the open space security problem. As a solution to these problems, we extend ISMS internal control to cloud by implementing trust base of security on IAM and key management. Because ISMS internal control is a source of trust, its extension to cloud can be an essential solution of security. Moreover, by controlling levels of quality of service and security by contract, we can optimize cost on service and security delegated to a cloud.
ISSN:1541-0056
2640-7485
DOI:10.1109/ISADS.2011.48