Security and Compliance Ontology for Cloud Service Agreements

Cloud computing is a business paradigm where two important roles must be defined: provider and consumer. Providers offer services (e.g. web application, web services, and databases) and consumers pay for using them. The goal of this research is to focus on security and compliance aspects of cloud se...

ver descrição completa

Detalhes bibliográficos
Autores: Zalazar, Ana Sofia, Ballejos, Luciana Cristina, Rodriguez, Sebastian Alberto
Tipo de documento: artigo
Estado:Versão publicada
Data de publicação:2017
País:Argentina
Recursos:Consejo Nacional de Investigaciones Científicas y Técnicas
Repositório:CONICET Digital (CONICET)
Idioma:inglês
OAI Identifier:oai:ri.conicet.gov.ar:11336/136503
Acesso em linha:http://hdl.handle.net/11336/136503
Access Level:Acceso aberto
Palavra-chave:SECURITY
COMPLIANCE
ONTOLOGY
AGREEMENTS
CLOUD SERVICE
https://purl.org/becyt/ford/2.2
https://purl.org/becyt/ford/2
Descrição
Resumo:Cloud computing is a business paradigm where two important roles must be defined: provider and consumer. Providers offer services (e.g. web application, web services, and databases) and consumers pay for using them. The goal of this research is to focus on security and compliance aspects of cloud service. An ontology is introduced, which is the conceptualization of cloud domain, for analyzing different compliance aspects of cloud agreements. The terms, properties and relations are shown in a diagram. The proposed ontology can help service consumers to extract relevant data from service level agreements, to interpret compliance regulations, and to compare different contractual terms. Finally, some recommendations are presented for cloud consumers to adopt services and evaluate security risks.