Lins, Sebastian, Schneider, Stephan and Sunyaev, Ali (2018). Trust is Good, Control is Better: Creating Secure Clouds by Continuous Auditing. IEEE Trans. Cloud Comput., 6 (3). S. 890 - 904. PISCATAWAY: IEEE-INST ELECTRICAL ELECTRONICS ENGINEERS INC. ISSN 2168-7161
Full text not available from this repository.Abstract
Cloud service certifications (CSC) attempt to assure a high level of security and compliance. However, considering that cloud services are part of an ever-changing environment, multi-year validity periods may put in doubt reliability of such certifications. We argue that continuous auditing (CA) of selected certification criteria is required to assure continuously reliable and secure cloud services, and thereby increase trustworthiness of certifications. CA of cloud services is still in its infancy, thus, we conducted a thorough literature review, interviews, and workshops with practitioners to conceptualize an architecture for continuous cloud service auditing. Our study shows that various criteria should be continuously audited. Yet, we reveal that most of existing methodologies are not applicable for third party auditing purposes. Therefore, we propose a conceptual CA architecture, and highlight important components and processes that have to be implemented. Finally, we discuss benefits and challenges that have to be tackled to diffuse the concept of continuous cloud service auditing. We contribute to knowledge and practice by providing applicable internal and third party auditing methodologies for auditors and providers, linked together in a conceptual architecture. Further on, we provide groundings for future research to implement CA in cloud service contexts.
| Item Type: | Journal Article | ||||||||||||||||
| Creators: |
|
||||||||||||||||
| URN: | urn:nbn:de:hbz:38-181115 | ||||||||||||||||
| DOI: | 10.1109/TCC.2016.2522411 | ||||||||||||||||
| Journal or Publication Title: | IEEE Trans. Cloud Comput. | ||||||||||||||||
| Volume: | 6 | ||||||||||||||||
| Number: | 3 | ||||||||||||||||
| Page Range: | S. 890 - 904 | ||||||||||||||||
| Date: | 2018 | ||||||||||||||||
| Publisher: | IEEE-INST ELECTRICAL ELECTRONICS ENGINEERS INC | ||||||||||||||||
| Place of Publication: | PISCATAWAY | ||||||||||||||||
| ISSN: | 2168-7161 | ||||||||||||||||
| Language: | English | ||||||||||||||||
| Faculty: | Unspecified | ||||||||||||||||
| Divisions: | Unspecified | ||||||||||||||||
| Subjects: | no entry | ||||||||||||||||
| Uncontrolled Keywords: |
|
||||||||||||||||
| Refereed: | Yes | ||||||||||||||||
| URI: | http://kups.ub.uni-koeln.de/id/eprint/18111 |
Downloads
Downloads per month over past year
Altmetric
Export
Actions (login required)
 |
View Item |