IRMA-International.org: Creator of Knowledge
Information Resources Management Association
Advancing the Concepts & Practices of Information Resources Management in Modern Organizations

A Framework for Compliance and Security Coverage Estimation for Cloud Services: A Cloud Insurance Model

A Framework for Compliance and Security Coverage Estimation for Cloud Services: A Cloud Insurance Model
View Sample PDF
Author(s): Dipankar Dasgupta (University of Memphis, USA)and Durdana Naseem (University of Memphis, USA)
Copyright: 2015
Pages: 23
Source title: Cloud Technology: Concepts, Methodologies, Tools, and Applications
Source Author(s)/Editor(s): Information Resources Management Association (USA)
DOI: 10.4018/978-1-4666-6539-2.ch025

Purchase

View A Framework for Compliance and Security Coverage Estimation for Cloud Services: A Cloud Insurance Model on the publisher's website for pricing and purchasing information.

Abstract

Many organizations are adopting cloud services to reduce their computing cost and increase the flexibility of their IT infrastructure. As cloud services are moving to the mainstream to meet major computing needs, the issues of ownership and chain of custody of customer data are becoming primary responsibilities of providers. Therefore, security requirements are essential for all service models (while the degree of defensive measures may vary) along with satisfying industry standard compliances. The authors develop an insurance framework called MEGHNAD for estimating the security coverage based on the type of cloud service and the level of security assurance required. This security coverage estimator may be useful to cloud providers (offering Security as a Service), cloud adopters, and cloud insurers who want to incorporate or market cloud security insurance. This framework allows the user/operator to choose a cloud service (such as Saas, Paas, IaaS) and other pertinent information in order to determine the appropriate level of security insurance coverage. This chapter describes an extension to the MEGHNAD (version 2.0) framework by incorporating security-related compliances. The compliance for each sector requires specific protection for online data such as transparency, respect for context, security, focused collection, accountability, access, and accuracy. The MEGHNAD tool can also generate a SLA document that can be used for monitoring by a certified Third-Party Assessment Organization (3PAO).

Related Content

Dina Darwish. © 2024. 43 pages.
Kassim Kalinaki, Musau Abdullatif, Sempala Abdul-Karim Nasser, Ronald Nsubuga, Julius Kugonza. © 2024. 23 pages.
Yogita Yashveer Raghav, Ramesh Kait. © 2024. 17 pages.
Renuka Devi Saravanan, Shyamala Loganathan, Saraswathi Shunmuganathan. © 2024. 21 pages.
Veera Talukdar, Ardhariksa Zukhruf Kurniullah, Palak Keshwani, Huma Khan, Sabyasachi Pramanik, Ankur Gupta, Digvijay Pandey. © 2024. 30 pages.
Dharmesh Dhabliya, Sukhvinder Singh Dari, Nitin N. Sakhare, Anish Kumar Dhablia, Digvijay Pandey, Balakumar Muniandi, A. Shaji George, A. Shahul Hameed, Pankaj Dadheech. © 2024. 9 pages.
Avtar Singh, Shobhana Kashyap. © 2024. 11 pages.
Body Bottom