UMBC ebiquity

A Semantic Approach to Cloud Security and Compliance

Authors: Amit Hendre, and Karuna Pande Joshi

Book Title: 8th International Conference on Cloud Computing (CLOUD)

Date: June 27, 2015

Abstract: Cloud services are becoming an essential part of many organizations. Cloud providers have to adhere to security and privacy policies to ensure their users' data remains confidential and secure. Though there are some ongoing efforts on developing cloud security standards, most cloud providers are implementing a mish-mash of security and privacy controls. This has led to confusion among cloud consumers as to what security measures they should expect from the cloud services, and whether these measures would comply with their security and compliance requirements. We have conducted a comprehensive study to review the potential threats faced by cloud consumers and have determined the compliance models and security controls that should be in place to manage the risk. Based on this study, we have developed an ontology describing the cloud security controls, threats and compliances. We have also developed an application that classifies the security threats faced by cloud users and automatically determines the high level security and compliance policy controls that have to be activated for each threat. The application also displays existing cloud providers that support these security policies. Cloud consumers can use our system to formulate their security policies and find compliant providers even if they are not familiar with the underlying technology.

Type: InProceedings

Organization: IEEE CLOUD

Tags: cloud computing, cloud security, security compliance models, cloud security models

Google Scholar: search

Number of downloads: 378

 

Available for download as


size: 572114 bytes
 

Related Projects:

Active Projects

 Cloud Security and Privacy.
 Semantic Cloud Services Framework.