Empirical evaluation of a cloud computing information security governance framework

Oscar Rebolloa; Daniel Melladob; Eduardo Fernandez-Medinac; Haralambos Mouratidis

doi:10.1016/j.infsof.2014.10.003

Empirical evaluation of a cloud computing information security governance framework

Oscar Rebolloa, Daniel Melladob, Eduardo Fernandez-Medinac, Haralambos Mouratidis

University of Brighton

Research output: Contribution to journal › Article › peer-review

Abstract

Cloud computing is a thriving paradigm that supports an efficient way to provide IT services by introducing on-demand services and flexible computing resources. However, significant adoption of cloud services is being hindered by security issues that are inherent to this new paradigm. In previous work, we have proposed ISGcloud, a security governance framework to tackle cloud security matters in a comprehensive manner whilst being aligned with an enterprise’s strategy.

Original language	English
Pages (from-to)	44-57
Number of pages	14
Journal	Information and Software Technology
Volume	58
DOIs	https://doi.org/10.1016/j.infsof.2014.10.003
Publication status	Published - 14 Oct 2014

Bibliographical note

Keywords

information security governance
case study
cloud computing
security governance framework
cloud lifecycle

Access to Document

10.1016/j.infsof.2014.10.003Licence: Unspecified

IST - Empirical evaluation v4.pdfAccepted author manuscript, 575 KBLicence: CC BY-NC-ND

Cite this

@article{6d72068380e6448ca59c2141cfefdfe2,

title = "Empirical evaluation of a cloud computing information security governance framework",

abstract = "Cloud computing is a thriving paradigm that supports an efficient way to provide IT services by introducing on-demand services and flexible computing resources. However, significant adoption of cloud services is being hindered by security issues that are inherent to this new paradigm. In previous work, we have proposed ISGcloud, a security governance framework to tackle cloud security matters in a comprehensive manner whilst being aligned with an enterprise{\textquoteright}s strategy.",

keywords = "information security governance, case study, cloud computing, security governance framework, cloud lifecycle",

author = "Oscar Rebolloa and Daniel Melladob and Eduardo Fernandez-Medinac and Haralambos Mouratidis",

note = "{\textcopyright} 2015, Elsevier. Licensed under the Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International http://creativecommons.org/licenses/by-nc-nd/4.0/",

year = "2014",

month = oct,

day = "14",

doi = "10.1016/j.infsof.2014.10.003",

language = "English",

volume = "58",

pages = "44--57",

journal = "Information and Software Technology",

issn = "0950-5849",

}

TY - JOUR

T1 - Empirical evaluation of a cloud computing information security governance framework

AU - Rebolloa, Oscar

AU - Melladob, Daniel

AU - Fernandez-Medinac, Eduardo

AU - Mouratidis, Haralambos

PY - 2014/10/14

Y1 - 2014/10/14

N2 - Cloud computing is a thriving paradigm that supports an efficient way to provide IT services by introducing on-demand services and flexible computing resources. However, significant adoption of cloud services is being hindered by security issues that are inherent to this new paradigm. In previous work, we have proposed ISGcloud, a security governance framework to tackle cloud security matters in a comprehensive manner whilst being aligned with an enterprise’s strategy.

AB - Cloud computing is a thriving paradigm that supports an efficient way to provide IT services by introducing on-demand services and flexible computing resources. However, significant adoption of cloud services is being hindered by security issues that are inherent to this new paradigm. In previous work, we have proposed ISGcloud, a security governance framework to tackle cloud security matters in a comprehensive manner whilst being aligned with an enterprise’s strategy.

KW - information security governance

KW - case study

KW - cloud computing

KW - security governance framework

KW - cloud lifecycle

U2 - 10.1016/j.infsof.2014.10.003

DO - 10.1016/j.infsof.2014.10.003

M3 - Article

SN - 0950-5849

VL - 58

SP - 44

EP - 57

JO - Information and Software Technology

JF - Information and Software Technology

ER -

Empirical evaluation of a cloud computing information security governance framework

Abstract

Bibliographical note

Keywords

Access to Document

Fingerprint

Cite this