Luna, J. and Suri, Neeraj and Iorga, M. and Karmel, A. (2015) Leveraging the Potential of Cloud Security Service-Level Agreements through Standards. IEEE Cloud Computing, 2 (3). pp. 32-40. ISSN 2325-6095
Full text not available from this repository.Abstract
Despite the undisputed advantages of cloud computing, customers-in particular, small and medium enterprises (SMEs)-still need meaningful understanding of the security and risk-management changes that the cloud entails so they can assess whether this new computing paradigm meets their security requirements. This article presents a fresh view on this problem by surveying and analyzing, from the standardization and risk assessment perspective, the specification of security in cloud service-level agreements (secSLA) as a promising approach to empower customers in assessing and understanding cloud security. Apart from analyzing the proposed risk-based approach and surveying the relevant landscape, this article presents a real-world scenario to support the creation and adoption of secSLAs as enablers for negotiating, assessing, and monitoring the achieved security levels in cloud services.