Data Analysis of Cloud Security Alliance's Security, Trust & Assurance Registry

Author

Amartya Sen
Sanjay Kumar Madria, Missouri University of Science and TechnologyFollow

Abstract

The security of clients' applications on the cloud platforms has been of great interest. Security concerns associated with cloud computing are improving in both the domains; security issues faced by cloud providers and security issues faced by clients. However, security concerns still remain in domains like cloud auditing and migrating application components to cloud to make the process more secure and cost-efficient. To an extent, this can be attributed to a lack of detailed information being publicly present about the cloud platforms and their security policies. A resolution in this regard can be found in Cloud Security Alliance's Security, Trust, and Assurance Registry (STAR) which documents the security controls provided by popular cloud computing offerings. In this paper, we perform some descriptive analysis on STAR data in an attempt to comprehend the information publicly presented by different cloud providers. It is to help clients in more effectively searching and analyzing the required security information they need for the decision making process for hosting their applications on cloud. Based on the analysis, we outline some augmentations that can be made to STAR as well as certain specific design improvements for a cloud migration risk assessment framework.

Recommended Citation

A. Sen and S. K. Madria, "Data Analysis of Cloud Security Alliance's Security, Trust & Assurance Registry," Proceedings of the 19th International Conference on Distributed Computing and Networking (2018, Varanasi, India), Association for Computing Machinery (ACM), Jan 2018.

The definitive version is available at https://doi.org/10.1145/3154273.3154343

Meeting Name

19th International Conference on Distributed Computing and Networking, ICDCN 2018 (2018: Jan. 4-7, Varanasi, India)

Department(s)

Computer Science

Research Center/Lab(s)

Intelligent Systems Center

Second Research Center/Lab

Center for High Performance Computing Research

Comments

This project is partially funded by NSF grant CNS: 1332002

Keywords and Phrases

Cloud Computing; CSA STAR; Data Analyses; Risk Assessment

International Standard Book Number (ISBN)

978-145036372-3

Document Type

Article - Conference proceedings

Document Version

Citation

File Type

text

Language(s)

English

Rights

© 2018 Association for Computing Machinery (ACM), All rights reserved.

Publication Date

07 Jan 2018