loading
Papers Papers/2022 Papers Papers/2022

Research.Publish.Connect.

Paper

Paper Unlock

Authors: Muhammad Imran Tariq 1 and Vito Santarcangelo 2

Affiliations: 1 Superior University, 36-L and Gulberg-III, Pakistan ; 2 Centro Studi S.r.l. and University of Catania, Italy

Keyword(s): Information Security, Cloud Computing, ISO 27001:2013, Security Assessment, Effectiveness of ISO 27001:2013 Controls.

Abstract: Cloud Computing provides a scalable, high availability and low cost services over the Internet. The advent of newer technologies introduces new risks and threats as well. Although the cloud has a very advanced structures and expansion of services, but security and privacy concerns have been creating obstacles for the enterprise to entirely shift to the cloud. Therefore, both service providers and clients should build an information security system and trust relationship with each other. In this research paper, we analysed most widely used international and industry standard (ISO/IEC 27001:2013) for information security to know its effectiveness for Cloud Organizations, each control importance factor for on-premises, IaaS, PaaS and SaaS, and identify the most suitable controls for the development of SLA based Information Security Metrics for each Cloud Service Model. We generically evaluated ibid standards control objectives without considering Cloud organization size, nature of work, enterprise size. To know effectiveness, relevance to Cloud Computing, factor of standard control objectives for the in-house or in a public cloud, we defined a quantitative metric. We come to the conclusion that ISO / IEC 27001:2013 compliance improves service providers and customer’s information security system and build a trust relationship but not fulfil all requirements and cover all relevant issues. (More)

CC BY-NC-ND 4.0

Sign In Guest: Register as new SciTePress user now for free.

Sign In SciTePress user: please login.

PDF ImageMy Papers

You are not signed in, therefore limits apply to your IP address 3.139.70.131

In the current month:
Recent papers: 100 available of 100 total
2+ years older papers: 200 available of 200 total

Paper citation in several formats:
Tariq, M. and Santarcangelo, V. (2016). Analysis of ISO 27001:2013 Controls Effectiveness for Cloud Computing. In Proceedings of the 2nd International Conference on Information Systems Security and Privacy - ICISSP; ISBN 978-989-758-167-0; ISSN 2184-4356, SciTePress, pages 201-208. DOI: 10.5220/0005648702010208

@conference{icissp16,
author={Muhammad Imran Tariq. and Vito Santarcangelo.},
title={Analysis of ISO 27001:2013 Controls Effectiveness for Cloud Computing},
booktitle={Proceedings of the 2nd International Conference on Information Systems Security and Privacy - ICISSP},
year={2016},
pages={201-208},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0005648702010208},
isbn={978-989-758-167-0},
issn={2184-4356},
}

TY - CONF

JO - Proceedings of the 2nd International Conference on Information Systems Security and Privacy - ICISSP
TI - Analysis of ISO 27001:2013 Controls Effectiveness for Cloud Computing
SN - 978-989-758-167-0
IS - 2184-4356
AU - Tariq, M.
AU - Santarcangelo, V.
PY - 2016
SP - 201
EP - 208
DO - 10.5220/0005648702010208
PB - SciTePress

- Science and Technology Publications, Lda.
RESOURCES

Proceedings

Papers

Authors

Ontology

CONTACTS

Science and Technology Publications, Lda
Avenida de S. Francisco Xavier, Lote 7 Cv. C,
2900-616 Setúbal, Portugal.

Phone: +351 265 520 185 (National fixed network call)
Fax: +351 265 520 186
Email: info@scitepress.org

EXTERNAL LINKS

PRIMORIS

INSTICC

SCITEVENTS

CROSSREF

PROCEEDINGS SUBMITTED FOR INDEXATION BY:

dblp

Ei Compendex

SCOPUS

Semantic Scholar

Google Scholar

Microsoft Academic