Browse > Article
http://dx.doi.org/10.13089/JKIISC.2013.23.6.1277

A Research on the Cloud Computing Security Framework  

kim, Jung-Duk (Chung-ang University)
Lee, Seong-Il (Deloitte Anjin LLC)
Publication Information
Journal of the Korea Institute of Information Security & Cryptology / v.23, no.6, 2013 , pp. 1277-1286 More about this Journal
Abstract
Cloud computing's unique attributes such as elasticity, rapid provisioning and releasing, resource pooling, multi-tenancy, broad-network accessibility, and ubiquity bring many benefits to cloud adopters(company and organization), but also entails specific security risks associated with the type of adopted cloud and deployment mode. To minimize those types of risk, this paper proposed cloud computing security framework refered to strategic alliance model. The cloud computing security framework has main triangles that are cloud threat, security controls, cloud stakeholders and compose of three sides that are purposefulness, accountability, transparent responsibility. Main triangles define purpose of risk minimization, appointment of stakeholders, security activity for them and three sides of framework are principles of security control in the cloud computing, provide direction of deduction for seven service packages.
Keywords
Cloud Computing; Information Security; Risk Management; Governance; Framework;
Citations & Related Records
연도 인용수 순위
  • Reference
1 National Standard Coordinator Office, "Standard framework of cloud computing," Working Deliverables, Korea Agency for Technology & Standards, MINISTRY OF TRADE, INDUSTRY & ENERGY, Dec. 2012.
2 NIST Cloud Computing Standards Roadmap Working Group, "NIST Cloud Computing Standards Roadmap", NIST SP500-291 Version 2, July 2011.
3 ISO/IEC JTC1 SC27, "Information technology -- Security techniques -- Code of practice for information security controls for cloud computing services based on ISO/IEC 27002", ISO/IEC WD 27017, October 2013.
4 CSA, "Open Certification Framework," Working Deliverables, Cloud security alliance, August 2012.
5 Henderson, J. and N. Venkaraman, "Strategic Alignment: Leveraging IT for transforming organizations," IBM Systems Journal, V32 N1, 1993.
6 CSA, "The Notorious Nine Cloud Computing Top Threat in 2013," Working Deliverables, February 2013
7 NIST Cloud Computing Security Working Group, "NIST Cloud Computing Security Reference Architecture", NIST SP500-299, pp. 245-267, May 2013.
8 Cabrera, D., J. T. Mandel, J. P. Andras, & M. L. Nydam, "What is the crisis? Defining and prioritizing the world's most pressing problems," Front Ecol Environ, pp.469-475. 2008.