A security evaluation framework for cloud security auditing

Syed S. Rizvi, Jungwoo Ryoo, John Kissell, William Aiken, Yuhong Liu

Research output: Contribution to journalArticle

4 Citations (Scopus)

Abstract

Cloud computing is clearly one of today’s most enticing technologies due to its scalable, flexible, and cost-efficient access to infrastructure and application services. Despite these benefits, cloud service users (CSUs) have serious concerns about the data security and privacy. Currently, there are several cloud service providers (CSPs) offering a wide range of services to their customers with varying levels of security strengths. Due to the vast diversity in the available cloud services, from the customer’s perspective, it has become difficult to decide which CSP they should use and what should be the selection criteria. Presently, there is no framework that can allow CSUs to evaluate CSPs based on their ability to meet the customer’s security requirements. We propose a framework and a mechanism that evaluate the security strength of CSPs based on the customer’s security preferences. We have shown the applicability of our security evaluation framework using a case study.

Original languageEnglish (US)
Pages (from-to)5774-5796
Number of pages23
JournalJournal of Supercomputing
Volume74
Issue number11
DOIs
StatePublished - Nov 1 2018

Fingerprint

Auditing
Data privacy
Security of data
Cloud computing
Evaluation
Costs
Customers
Framework
Data Security
Evaluate
Cloud Computing
Privacy
Infrastructure

All Science Journal Classification (ASJC) codes

  • Software
  • Theoretical Computer Science
  • Information Systems
  • Hardware and Architecture

Cite this

Rizvi, Syed S. ; Ryoo, Jungwoo ; Kissell, John ; Aiken, William ; Liu, Yuhong. / A security evaluation framework for cloud security auditing. In: Journal of Supercomputing. 2018 ; Vol. 74, No. 11. pp. 5774-5796.
@article{ef8819d2ead04a868f44f17a994c62ee,
title = "A security evaluation framework for cloud security auditing",
abstract = "Cloud computing is clearly one of today’s most enticing technologies due to its scalable, flexible, and cost-efficient access to infrastructure and application services. Despite these benefits, cloud service users (CSUs) have serious concerns about the data security and privacy. Currently, there are several cloud service providers (CSPs) offering a wide range of services to their customers with varying levels of security strengths. Due to the vast diversity in the available cloud services, from the customer’s perspective, it has become difficult to decide which CSP they should use and what should be the selection criteria. Presently, there is no framework that can allow CSUs to evaluate CSPs based on their ability to meet the customer’s security requirements. We propose a framework and a mechanism that evaluate the security strength of CSPs based on the customer’s security preferences. We have shown the applicability of our security evaluation framework using a case study.",
author = "Rizvi, {Syed S.} and Jungwoo Ryoo and John Kissell and William Aiken and Yuhong Liu",
year = "2018",
month = "11",
day = "1",
doi = "10.1007/s11227-017-2055-1",
language = "English (US)",
volume = "74",
pages = "5774--5796",
journal = "Journal of Supercomputing",
issn = "0920-8542",
publisher = "Springer Netherlands",
number = "11",

}

A security evaluation framework for cloud security auditing. / Rizvi, Syed S.; Ryoo, Jungwoo; Kissell, John; Aiken, William; Liu, Yuhong.

In: Journal of Supercomputing, Vol. 74, No. 11, 01.11.2018, p. 5774-5796.

Research output: Contribution to journalArticle

TY - JOUR

T1 - A security evaluation framework for cloud security auditing

AU - Rizvi, Syed S.

AU - Ryoo, Jungwoo

AU - Kissell, John

AU - Aiken, William

AU - Liu, Yuhong

PY - 2018/11/1

Y1 - 2018/11/1

N2 - Cloud computing is clearly one of today’s most enticing technologies due to its scalable, flexible, and cost-efficient access to infrastructure and application services. Despite these benefits, cloud service users (CSUs) have serious concerns about the data security and privacy. Currently, there are several cloud service providers (CSPs) offering a wide range of services to their customers with varying levels of security strengths. Due to the vast diversity in the available cloud services, from the customer’s perspective, it has become difficult to decide which CSP they should use and what should be the selection criteria. Presently, there is no framework that can allow CSUs to evaluate CSPs based on their ability to meet the customer’s security requirements. We propose a framework and a mechanism that evaluate the security strength of CSPs based on the customer’s security preferences. We have shown the applicability of our security evaluation framework using a case study.

AB - Cloud computing is clearly one of today’s most enticing technologies due to its scalable, flexible, and cost-efficient access to infrastructure and application services. Despite these benefits, cloud service users (CSUs) have serious concerns about the data security and privacy. Currently, there are several cloud service providers (CSPs) offering a wide range of services to their customers with varying levels of security strengths. Due to the vast diversity in the available cloud services, from the customer’s perspective, it has become difficult to decide which CSP they should use and what should be the selection criteria. Presently, there is no framework that can allow CSUs to evaluate CSPs based on their ability to meet the customer’s security requirements. We propose a framework and a mechanism that evaluate the security strength of CSPs based on the customer’s security preferences. We have shown the applicability of our security evaluation framework using a case study.

UR - http://www.scopus.com/inward/record.url?scp=85018459016&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85018459016&partnerID=8YFLogxK

U2 - 10.1007/s11227-017-2055-1

DO - 10.1007/s11227-017-2055-1

M3 - Article

AN - SCOPUS:85018459016

VL - 74

SP - 5774

EP - 5796

JO - Journal of Supercomputing

JF - Journal of Supercomputing

SN - 0920-8542

IS - 11

ER -