Addressing Data Security in the Cloud
Commenced in January 2007
Frequency: Monthly
Edition: International
Paper Count: 33117
Addressing Data Security in the Cloud

Authors: Marinela Mircea

Abstract:

The development of information and communication technology, the increased use of the internet, as well as the effects of the recession within the last years, have lead to the increased use of cloud computing based solutions, also called on-demand solutions. These solutions offer a large number of benefits to organizations as well as challenges and risks, mainly determined by data visualization in different geographic locations on the internet. As far as the specific risks of cloud environment are concerned, data security is still considered a peak barrier in adopting cloud computing. The present study offers an approach upon ensuring the security of cloud data, oriented towards the whole data life cycle. The final part of the study focuses on the assessment of data security in the cloud, this representing the bases in determining the potential losses and the premise for subsequent improvements and continuous learning.

Keywords: cloud computing, data life cycle, data security, security assessment.

Digital Object Identifier (DOI): doi.org/10.5281/zenodo.1081379

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2162

References:


[1] M. Mircea, B. Ghilic-Micu, and M. Stoica, "Combining Business Intelligence with Cloud Computing to Delivery Agility in Actual Economy," Journal of Economic Computation and Economic Cybernetics Studies, vol. 45 (1), pp. 39-54, 2011.
[2] I-Newswire, "BI Trends 2012 From Hype to Breakthrough", http://www.onenewspage.com/n/Press+Releases/74mxa6hsy/BI-Trends- 2012-From-Hype-to-Breakthrough.htm
[3] D. Teneyuca, "Internet cloud security: The illusion of inclusion," Information security tehnical report, pp. 1-6, Sept. 2011.
[4] D. Catteddu, and G. Hogben, "Cloud computing: benefits, risks and recommendations for information security," European Network and Information Security Agency, 2009.
[5] S. Subashini, and V. Kavitha, "A survey on security issues in service delivery models of cloud computing," Journal of Network and Computer Applications, vol. 34, pp.1-11, July 2011.
[6] P. Goldstein, "Alternative IT sourcing strategies: From the campus to the cloud," EDUCAUSE Center for Applied Research, 2009.
[7] Jitterbit Inc., "Five Integration Tips to Cloud Computing Success," pp. 1-3, 2009.
[8] S. Kanhere, and V. Kanhere, "IS Audit and Security Professionals: An Emerging Role in a Changing World Order," ISACA Journal, vol. 5, pp. 50-53, 2009.
[9] B. Ghilic-Micu, M. Mircea, and M. Stoica, "The Audit of Business Intelligence Solutions," Informatica Economica, vol. 14 (1), pp. 66-77, 2010.
[10] P. Wilson, "Positive perspectives on cloud security," Information security tehnical report, pp. 1-5, Sept. 2011.
[11] D. Zissis, and D. Lekkas, "Addressing cloud computing security issues," Future Generation Computer Systems, vol. 28, pp. 583-592, March 2012.
[12] M. Mircea, and A.I. Andreescu, "Using Cloud Computing in Higher Education: A Strategy to Improve Agility in the Current Financial Crisis," Communications of the IBIMA, pp.1-14, 2011.
[13] Cloud Security Alliance, "Security Guidance for Critical Areas of Focus in Cloud Computing V2.1," 2009. https://cloudsecurityalliance.org/csaguide.pdf
[14] J. Rich, "Cloud Data Security: Store (Rough Cut)," 2009. https://securosis.com
[15] A. Acquisti, S.W. Smith, and A. Sadeghi A, "Trust and Trustworthy Computing" In: Third International Conference, TRUST 2010 Berlin, Germany. New York: Springer Heidelberg, 2010.
[16] H. Bidgoli, "Security Issues and Measures: Protecting Electronic Commerce Resources," Electronic Commerce, pp. 363-398, 2002.
[17] S. Jordan, and A. Bruno, "CCDA 640-864 Official Cert Guide, 4th Edition," Indianapolis: Cisco Press. 2011.
[18] Cloud Security Alliance, "CSA Guide V2" http://cloudsecurityalliance.org/
[19] European Network and Information Security Agency, "Cloud Computing Information Assurance Framework".
[20] Business assurance for the 21st century. Common Assurance. 2011 http://commonassurance. com/resources/Business_Assurance_for_the_21st_Centuryfinal. pdf.
[21] B. Kaliski, and W. Pauley, "Toward Risk Assessment as a Service in Cloud Environments," pp. 1-7, 2012. http://www.usenix.org/event/hotcloud10/tech/full_papers/Kaliski.pdf
[22] Cloud Audit, "The Automated Audit, Assertion, Assessment, and Assurance API". http://www.cloudaudit.org/
[23] Open Cloud Computing Interface. OCCI Working Group. http://www.occiwg.org/doku.php
[24] T. Mellor, "Maintaining Security Governance in the Cloud - The Role of the Security Specialist" http://ezinearticles.com/?Maintaining-Security- Governance-in-the-Cloud---The-Role-of-the-Security- Specialist&id=5421468
[25] R. Bernard, "Information Lifecycle Security Risk Assessment: A tool for closing security gaps," Computers & security, vol. 26, pp. 26-30, 2007.
[26] P.G. Dorey, and A. Leite, "Commentary: Cloud computing. A security problem or solution?" Information security tehnical report, pp. 1-8, Sept. 2011.
[27] R. Bojanc, and B. Jerman-Blaži─ì, "Towards a standard approach for quantifying an ICT security investment," Computer Standards & Interfaces, vol. 30, pp. 216-222, May 2008.
[28] S. Fua, and Y. Xiao, "An Effective Process of Information Security Risk Assessment," Energy Procedia, vol. 11, pp. 1050-1057, December 2011.
[29] L. Hayden, "IT Security Metrics: A practical framework for measuring security & protecting data", 2010.
[30] J. Zhao, and S. Zhao, "Opportunities and threats: A security assessment of state e-government websites," Government Information Quarterly, vol. 27, pp. 49-56, January 2010.
[31] M. Ciampa, "Security guide to network security fundamentals" 3rd ed. Boston: Course Technology, Cengage Learning. 2009.
[32] I. Winkler, "What is a security audit?" Tech Target. http://searchcio.techtarget.com/sDefinition/0,,sid182_gci955099,00.html
[33] L. Zhuoa, and Z. Wang, "Research and Implementation of Log-based Network Security Audit System," Energy Procedia, vol. 11, pp. 2021- 2026, December 2011.