Data Analysis of Cloud Security Alliance's Security, Trust & Assurance Registry
The security of clients' applications on the cloud platforms has been of great interest. Security concerns associated with cloud computing are improving in both the domains; security issues faced by cloud providers and security issues faced by clients. However, security concerns still remain in domains like cloud auditing and migrating application components to cloud to make the process more secure and cost-efficient. To an extent, this can be attributed to a lack of detailed information being publicly present about the cloud platforms and their security policies. A resolution in this regard can be found in Cloud Security Alliance's Security, Trust, and Assurance Registry (STAR) which documents the security controls provided by popular cloud computing offerings. In this paper, we perform some descriptive analysis on STAR data in an attempt to comprehend the information publicly presented by different cloud providers. It is to help clients in more effectively searching and analyzing the required security information they need for the decision making process for hosting their applications on cloud. Based on the analysis, we outline some augmentations that can be made to STAR as well as certain specific design improvements for a cloud migration risk assessment framework.
A. Sen and S. K. Madria, "Data Analysis of Cloud Security Alliance's Security, Trust & Assurance Registry," ACM International Conference Proceeding Series, Association for Computing Machinery (ACM), Jan 2018.
The definitive version is available at https://doi.org/10.1145/3154273.3154343
19th International Conference on Distributed Computing and Networking, ICDCN 2018 (2018: Jan. 4-7, Varanasi, India)
Intelligent Systems Center
Keywords and Phrases
Cloud Computing; CSA STAR; Data Analyses; Risk Assessment
International Standard Book Number (ISBN)
Article - Conference proceedings
© 2018 Association for Computing Machinery (ACM), All rights reserved.