Cloud computing provides a wide range of services to organisations in a flexible and cost efficient manner. Nevertheless, inherent cloud security issues make organisations hesitant towards the migration of their services to cloud. In parallel, the cloud service-oriented nature requires a specific and more demanding description of the business functional requirements intended for migration. Organisations need to transform their functional requirements based on a specific language, taking into account the respective non-functional requirements of the migrating services. Thus, the need for an approach that will holistically capture organisations' security and privacy requirements and transform them to cloud service requirements is immense. To this end, this paper presents an approach that takes as input abstract security and privacy requirements and produces through a semi-automatic process various alternative implementation options for cloud services. To achieve that a series of model transformations are utilised in order to create a mapping between the organisational and the operational level of the system's analysis.
|Title of host publication||50th Hawaii International Conference on System Sciences (HICSS)|
|Place of Publication||Hawaii, USA|
|Number of pages||10|
|Publication status||Published - 4 Jan 2017|
|Event||50th Hawaii International Conference on System Sciences (HICSS) - Hawaii, USA, January 2017|
Duration: 4 Jan 2017 → …
|Conference||50th Hawaii International Conference on System Sciences (HICSS)|
|Period||4/01/17 → …|
Bibliographical noteAttribution-NonCommercial-NoDerivatives 4.0 International
Argyropoulos, N., Shei, S., Kalloniatis, C., Mouratidis, H., Delaney, A., Fish, A., & Gritzalis, S. (2017). A Semi-Automatic Approach for Eliciting Cloud Security and Privacy Requirements. In 50th Hawaii International Conference on System Sciences (HICSS) (pp. 4827-4836). Hawaii, USA.