• English
  • Deutsch
  • Log In
    Password Login
    Research Outputs
    Fundings & Projects
    Researchers
    Institutes
    Statistics
Repository logo
Fraunhofer-Gesellschaft
  1. Home
  2. Fraunhofer-Gesellschaft
  3. Konferenzschrift
  4. Security and compliance in clouds
 
  • Details
  • Full
Options
2011
Conference Paper
Title

Security and compliance in clouds

Abstract
The use of cloud computing services is an attractive opportunity for companies to improve IT Services and to achieve almost unlimited scalability of the IT infrastructure, and all of this at a significantly reduced cost than this is possible with internal resources. However, the use of a cloud service requires a company to trust the vendor to deal with the company's secret data. In order to check the compliance demands for the required security level, the business processes of the cloud vendor have to be inspected thoroughly. This is a time consuming and expensive task which has to be repeated continuously. Furthermore, company data is increasingly subject to compliance checks for legal regulations that differ in each geographical location, for instance the Sarbanes-Oxley Act (SOX) or the HIPPAA Act in the health domain in the U.S., or Basel II, Solvency II in Europe. We report on ongoing research about an automated compliance analysis method specifically for the analysis of the business processes of a cloud service provider. Nowadays, customers of cloud services can only inquire the existence of single security features like a firewall. The review of the entire security concept on a process level is seldom possible.
Author(s)
Beckers, K.
Jürjens, J.
Mainwork
ISSE 2010. Securing electronic business processes  
Conference
Information Security Solutions Europe Conference (ISSE) 2010  
File(s)
Download (607.5 KB)
Rights
Use according to copyright law
DOI
10.24406/publica-fhg-370963
Language
English
Fraunhofer-Institut für Software- und Systemtechnik ISST  
  • Cookie settings
  • Imprint
  • Privacy policy
  • Api
  • Contact
© 2024