SECURITY AND PRIVACY GOVERNANCE IN CLOUD COMPUTING VIA SLAs AND A POLICY ORCHESTRATION SERVICE

Marco Casassa Mont, Kieran McCorry, Nick Papanikolaou, Siani Pearson

Abstract

We present in this paper the novel concept of a policy orchestration service, which is designed to facilitate security and privacy governance in the enterprise, particularly for the case where various services are provided to the enterprise through external suppliers in the cloud. The orchestration service mediates between the enterprises’ internal decision support systems (which incorporate core security and privacy recommendations) and the cloud-based service providers, who are assumed to be bound by contractual service level agreements with the enterprise. The function of the orchestration service, which is intended to be accessed as a trusted service in the cloud, is to ensure that applicable security and privacy recommendations are actioned by service providers through adequate monitoring and enforcement mechanisms.

References

  1. Alavi, M., Leidner, D.E. 1999. Knowledge management systems: issues, challenges, and benefits. Communications of the AIS 1 (2).
  2. Gartner. 2011. Magic Quadrant for Enterprise Governance, Risk and Compliance Platforms.
  3. Ghodsypour, S.H., O'Brien, C. 1998. A decision support system for supplier selection using an integrated analytic hierarchy process and linear programming, International Journal of Production Economics, Volumes 56-57, 20 September 1998, Pages 199-212.
  4. ICO. 2009. Privacy Impact Assessment Handbook. Available online at http://www.ico.gov.uk/upload/ documents/pia_handbook_html_v2/files/PIAhandbook V2.pdf.
  5. Jackson, M., Twaddle, G. 1997. Business Process Implementation: Building Workflow Systems, Addison-Wesley.
  6. Padgham, L., Winikoff, M. 2004. Developing Intelligent Agent Systems: A Practical Guide. Wiley-Blackwell.
  7. Pearson, S., Rao, P., Sander, T., Parry, A., Paull, A., Patruni, S., Dandamudi-Ratnakar, V. and Sharma, P., 2009. Scalable, Accountable Privacy Management for Large Organizations, INSPEC 2009: 2nd International Workshop on Security and Privacy Distributed Computing, Enterprise Distributed Object Conference Workshops (EDOCW 2009), IEEE, pp. 168-175.
  8. Turban, E., Sharda, R., Delen, D. 2010. Decision Support and Business Intelligence Systems. Pearson.
Download


Paper Citation


in Harvard Style

Casassa Mont M., McCorry K., Papanikolaou N. and Pearson S. (2012). SECURITY AND PRIVACY GOVERNANCE IN CLOUD COMPUTING VIA SLAs AND A POLICY ORCHESTRATION SERVICE . In Proceedings of the 2nd International Conference on Cloud Computing and Services Science - Volume 1: CloudSecGov, (CLOSER 2012) ISBN 978-989-8565-05-1, pages 670-674. DOI: 10.5220/0003978406700674


in Bibtex Style

@conference{cloudsecgov12,
author={Marco Casassa Mont and Kieran McCorry and Nick Papanikolaou and Siani Pearson},
title={SECURITY AND PRIVACY GOVERNANCE IN CLOUD COMPUTING VIA SLAs AND A POLICY ORCHESTRATION SERVICE},
booktitle={Proceedings of the 2nd International Conference on Cloud Computing and Services Science - Volume 1: CloudSecGov, (CLOSER 2012)},
year={2012},
pages={670-674},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0003978406700674},
isbn={978-989-8565-05-1},
}


in EndNote Style

TY - CONF
JO - Proceedings of the 2nd International Conference on Cloud Computing and Services Science - Volume 1: CloudSecGov, (CLOSER 2012)
TI - SECURITY AND PRIVACY GOVERNANCE IN CLOUD COMPUTING VIA SLAs AND A POLICY ORCHESTRATION SERVICE
SN - 978-989-8565-05-1
AU - Casassa Mont M.
AU - McCorry K.
AU - Papanikolaou N.
AU - Pearson S.
PY - 2012
SP - 670
EP - 674
DO - 10.5220/0003978406700674