SecSDLC: A Practical Life Cycle Approach for Cloud-based Information Security
Journal Title: International Journal of Research in Computer and Communication Technology - Year 2015, Vol 4, Issue 2
Abstract
Cloud computing services offer significant benefits to information technology (IT) systems such as reduced cost and shorter implementation time compared to traditional IT environments. However, the cloud multitenancy and web-enabled architecture creates a complex environment in which to develop and manage information security and compliance programs. At the enterprise level, risk and threat management can be an issue if it fails to protect cloud confidentiality, integrity, and availability (CIA). In this paper, a practical cloud security system development life cycle (SecSDLC) methodology is proposed to provide a holistic approach to effective and efficient cloud information security. The SecSDLC is based on industry best practices, and widely used and accepted methodologies such as waterfall SDLC, and NIST SP 800-64 revision 2 information security. Our previously developed solutions for cloud intrusion detection and prevention, security system monitoring, secure SLA, and compliance auditing are incorporated into the SecSDLC. A formal methodology is proposed to address concerns regarding cloud security and compliance requirements. The goal is to increase the probability of a successful information security program and reduce the likelihood of missing or inadequate components that may compromise cloud information security.
Authors and Affiliations
Fahad F Alruwaili, T. Aaron Gulliver
Keywords
Related Articles
- EP ID EP28143
- DOI -
- Views 263
- Downloads 1
A Novel Approach in Data Clustering using Population Based Optimization Algorithm to solve Economic Load Dispatch Problem
Computing the global optima of a functional has been extensively applied in a wide range of engineering applications. Nevertheless, it is well known they usually lack of effectiveness when dealing with complex nonline...
Unique i : An Integrated Automated Altered Fingerprint Identification System
Fingerprint identification systems are very useful in several biometric applications. They are capable of finding correct person with proper identification. Fingerprint identification systems are based on fingerprint...
Closed Loop Micro strip Antenna Design For Wireless Technology
A small Dual band microstrip patch antenna is introduced. The advance of communication systems requires new antenna designs to comply with the ever-increasing demands of the wireless market. This presented antenna is...
An Optimized MAC Unit Using S-MB Recoding Scheme and Compressors
In this paper, we demonstrate a MAC unit using 8 bit Booth multiplier and addition operation. Most of DSP applications uses addition and multiplication unit for faster operation. This arithmetic unit mainly multiplica...
Reduction of Common Mode Leakage Current in Three Phase Transformer less Photovoltaic Grid Connected System
In this project the usage of distributed generation renewable sources such as solar energy, wind energy and fuel energy become more popular because of environment friendly and increasing demand of electric energy. Fo...