A Comparative Review of Cloud Security Proposals with ISO/IEC 27002
Information Security is considered one of the main reasons why users are reluctant to adopt the new generation of services offered by cloud computing providers. In order to minimize risks, some security proposals have been developed, with the purpose of facing a wide range of security concerns. This paper reviews these existing approaches and defines a security comparative framework, based on ISO/IEC 27002, suitable for the cloud environment. The analysis process of these alternatives shows a partial compliance with the defined requirements as each one is focused on different issues. As a consequence, more investigation is needed to achieve a comprehensive cloud security framework. The results of this paper highlight the gaps and weaknesses of each proposal, so that directions are settled for future work.
Oscar Rebollo Daniel Mellado Eduardo Fernández-Medina
Social Security IT Management, Ministry of Labour and Immigration, Madrid, Spain GSyA Research Group, Department of Information Technologies and Systems University of Castilla-La Ma
国际会议
13th International Conference on Enterprise Information System(第13届企业信息系统国际会议 ICEIS 2011)
北京
英文
1406-1415
2011-06-08(万方平台首次上网日期,不代表论文的发表时间)