How Much Cloud Can You Handle?

被引:5
作者
Jaatun, Martin Gilje [1 ]
Tondel, Inger Anne [1 ]
机构
[1] SINTEF ICT, Dept Software Engn Safety & Secur, Trondheim, Norway
来源
PROCEEDINGS 10TH INTERNATIONAL CONFERENCE ON AVAILABILITY, RELIABILITY AND SECURITY ARES 2015 | 2015年
关键词
Incident response; Cloud computing; accountability; security; privacy;
D O I
10.1109/ARES.2015.38
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
Outsourcing computing and storage to the cloud does not eliminate the need for handling of information security incidents. However, the long provider chains and unclear responsibilities in the cloud make incident response difficult. In this paper we present results from interviews in critical infrastructure organisations that highlight incident handling needs that would apply to cloud customers, and suggest mechanisms that facilitate inter-provider collaboration in handling of incidents in the cloud, improving the accountability of the cloud service providers.
引用
收藏
页码:467 / 473
页数:7
相关论文
共 19 条
[1]   A survey of information security incident handling in the cloud [J].
Ab Rahman, Nurul Hidayah ;
Choo, Kim-Kwang Raymond .
COMPUTERS & SECURITY, 2015, 49 :45-69
[2]   Incident response teams - Challenges in supporting the organisational security function [J].
Ahmad, Atif ;
Hadgkiss, Justin ;
Ruighaver, A. B. .
COMPUTERS & SECURITY, 2012, 31 (05) :643-652
[3]  
[Anonymous], 2011, ISO IEC 27035 2011 I
[4]  
[Anonymous], 2011, SECURITY GUIDANCE CR
[5]  
Cichonski P, 2012, NATL I STANDARDS TEC
[6]  
de Souza C. R. B., 2011, CHIMIT 11, P3
[7]   From outsourcing to Cloud computing: evolution of IT services [J].
Dhar, Subhankar .
MANAGEMENT RESEARCH REVIEW, 2012, 35 (08) :664-675
[8]   Identifying a Shared Mental Model Among Incident Responders [J].
Floodeen, Robert ;
Haller, John ;
Tjaden, Brett .
2013 SEVENTH INTERNATIONAL CONFERENCE ON IT SECURITY INCIDENT MANAGEMENT AND IT FORENSICS (IMF 2013), 2013, :15-25
[9]   Towards Incident Handling in the Cloud: Challenges and Approaches [J].
Grobauer, Bernd ;
Schreck, Thomas .
PROCEEDINGS OF THE 2010 ACM WORKSHOP CLOUD COMPUTING SECURITY WORKSHOP (CCSW'10:), 2010, :77-85
[10]  
Jaatun M. G., 2012, P INT CROSS DOM C WO