Evidence Collection in Cloud Provider Chains

Thomas Rübsamen; Christoph Reich; Nathan Clarke; Martin Knahl

Research.Publish.Connect.

*Please fill out at least one Field. *Value must be an number!

Title:
ISBN:
Year:
Acronym:
Subject:

Advanced Search Proceedings Search

If you're looking for an exact phrase use quotation marks on text fields.

*Please fill out at least one Field.

Title:
Author:
Affiliation:
Subject:

Advanced Search Papers Search

If you're looking for an exact phrase use quotation marks on text fields.

*Please fill out at least one Field.

Name:
Affiliation:
Country:
Conference:
Subject:

Advanced Search Authors Search

If you're looking for an exact phrase use quotation marks on text fields.

*Please fill out at least one Field.

Name:
Country:
Subject:

Advanced Search Affiliations Search

If you're looking for an exact phrase use quotation marks on text fields.

Proceedings

Proceedings Search *Please fill out at least one Field. *Value must be an number!

Title:
ISBN:
Year:
Acronym:
Subject:

Advanced Search Proceedings Search

If you're looking for an exact phrase use quotation marks on text fields.

Papers

Papers Search *Please fill out at least one Field.

Title:
Author:
Affiliation:
Subject:

Advanced Search Papers Search

If you're looking for an exact phrase use quotation marks on text fields.

Authors

Authors Search *Please fill out at least one Field.

Name:
Affiliation:
Country:
Conference:
Subject:

Advanced Search Authors Search

If you're looking for an exact phrase use quotation marks on text fields.

Advanced Search

Paper

Evidence Collection in Cloud Provider Chains

Topics: Cloud Applications Performance and Monitoring; Federated Cloud; Privacy, Security and Trust; Security, Privacy, and Compliance Management

In Proceedings of the 6th International Conference on Cloud Computing and Services Science - Volume 1: CLOSER, 59-70, 2016 , Rome, Italy

Authors: Thomas Rübsamen ¹ ; Christoph Reich ¹ ; Nathan Clarke ² and Martin Knahl ¹

Affiliations: ¹ Furtwangen University, Germany ; ² Plymouth University, United Kingdom

Keyword(s): Cloud Computing, Audit, Federated Cloud, Security, Digital Evidence.

Related Ontology Subjects/Areas/Topics: Cloud Applications Performance and Monitoring ; Cloud Computing ; Cloud Computing Enabling Technology ; Federated Cloud ; Platforms and Applications ; Security, Privacy, and Compliance Management ; Services Science

Abstract: With the increasing importance of cloud computing, compliance concerns get into the focus of businesses more often. Furthermore, businesses still consider security and privacy related issues to be the most prominent inhibitors for an even more widespread adoption of cloud computing services. Several frameworks try to address these concerns by building comprehensive guidelines for security controls for the use of cloud services. However, assurance of the correct and effective implementation of such controls is required by businesses to attenuate the loss of control that is inherently associated with using cloud services. Giving this kind of assurance is traditionally the task of audits and certification. Cloud auditing becomes increasingly challenging for the auditor the more complex the cloud service provision chain becomes. There are many examples for Software as a Service (SaaS) providers that do not own dedicated hardware anymore for operating their services, but rely solely on ot her cloud providers of the lower layers, such as platform as a service (PaaS) or infrastructure as a service (IaaS) providers. The collection of data (evidence) for the assessment of policy compliance during a technical audit is aggravated the more complex the combination of cloud providers becomes. Nevertheless, the collection at all participating providers is required to assess policy compliance in the whole chain. The main contribution of this paper is an analysis of potential ways of collecting evidence in an automated way across cloud provider boundaries to facilitate cloud audits. Furthermore, a way of integrating the most suitable approaches in the system for automated evidence collection and auditing is proposed. (More)

CC BY-NC-ND 4.0

Guest: Register as new SciTePress user now for free.

SciTePress user: please login.

My Papers

You are not signed in, therefore limits apply to your IP address 18.188.140.232

In the current month:

Recent papers: 100 available of 100 total

2⁺ years older papers: 200 available of 200 total

Paper citation in several formats:

Rübsamen, T.; Reich, C.; Clarke, N. and Knahl, M. (2016). Evidence Collection in Cloud Provider Chains. In Proceedings of the 6th International Conference on Cloud Computing and Services Science - Volume 1: CLOSER; ISBN 978-989-758-182-3; ISSN 2184-5042, SciTePress, pages 59-70. DOI: 10.5220/0005788700590070

@conference{closer16,
author={Thomas Rübsamen. and Christoph Reich. and Nathan Clarke. and Martin Knahl.},
title={Evidence Collection in Cloud Provider Chains},
booktitle={Proceedings of the 6th International Conference on Cloud Computing and Services Science - Volume 1: CLOSER},
year={2016},
pages={59-70},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0005788700590070},
isbn={978-989-758-182-3},
issn={2184-5042},
}

TY - CONF

JO - Proceedings of the 6th International Conference on Cloud Computing and Services Science - Volume 1: CLOSER
TI - Evidence Collection in Cloud Provider Chains
SN - 978-989-758-182-3
IS - 2184-5042
AU - Rübsamen, T.
AU - Reich, C.
AU - Clarke, N.
AU - Knahl, M.
PY - 2016
SP - 59
EP - 70
DO - 10.5220/0005788700590070
PB - SciTePress