Hier finden Sie wissenschaftliche Publikationen aus den Fraunhofer-Instituten.

Risk management for outsourcing to the cloud. Security risks and safeguards as selection criteria for extern cloud services

: Viehmann, Johannes

Postprint urn:nbn:de:0011-n-3349908 (705 KByte PDF)
MD5 Fingerprint: ee02923665e567c5997f026047364839
© IEEE. Personal use of this material is permitted. However, permission to reprint/republish this material for advertising or promotional purposes or for creating new collective works for resale or redistribution to servers or lists, or to reuse any copyrighted component of this work in other works must be obtained from the IEEE.
Erstellt am: 29.9.2015

Institute of Electrical and Electronics Engineers -IEEE-:
IEEE International Symposium on Software Reliability Engineering workshops, ISSREW 2014 : Naples, Italy, 3 - 6 November 2014; Proceedings
Piscataway, NJ: IEEE, 2014
ISBN: 978-1-4799-7377-4 (Online)
ISBN: 978-1-4799-7378-1 (Print)
International Symposium on Software Reliability Engineering (ISSRE) <25, 2014, Naples>
International Workshop on Risk Assessment and Risk-Driven Testing (RISK) <2, 2014, Naples>
Konferenzbeitrag, Elektronische Publikation
Fraunhofer FOKUS ()
cloud; outsourcing; risk assessment; risk management; security

This short paper describes our ongoing research about security risk management for IT projects which might eventually take benefit from outsourcing to external Cloud services. Choosing appropriate, secure enough Cloud services from multiple offers might be difficult. Hence, we develop the Cloud Security Guide CSG to assist. It contains a specialized methodology for Cloud risk assessment supporting particularly the extraction of security relevant information from user contracts or terms and conditions of public Cloud services. Discovering that many providers fail to communicate their safeguards, we also decided to develop a provider's guide for risk management and for the communication of risk treatments.