Security and Compliance Ontology for Cloud Service Agreements

Cloud computing is a business paradigm where two important roles must be defined: provider and consumer. Providers offer services (e.g. web application, web services, and databases) and consumers pay for using them. The goal of this research is to focus on security and compliance aspects of cloud se...

Descripción completa

Detalles Bibliográficos
Autores: Zalazar, Ana Sofia, Ballejos, Luciana Cristina, Rodriguez, Sebastian Alberto
Tipo de recurso: artículo
Estado:Versión publicada
Fecha de publicación:2017
País:Argentina
Institución:Consejo Nacional de Investigaciones Científicas y Técnicas
Repositorio:CONICET Digital (CONICET)
Idioma:inglés
OAI Identifier:oai:ri.conicet.gov.ar:11336/136503
Acceso en línea:http://hdl.handle.net/11336/136503
Access Level:acceso abierto
Palabra clave:SECURITY
COMPLIANCE
ONTOLOGY
AGREEMENTS
CLOUD SERVICE
https://purl.org/becyt/ford/2.2
https://purl.org/becyt/ford/2
Descripción
Sumario:Cloud computing is a business paradigm where two important roles must be defined: provider and consumer. Providers offer services (e.g. web application, web services, and databases) and consumers pay for using them. The goal of this research is to focus on security and compliance aspects of cloud service. An ontology is introduced, which is the conceptualization of cloud domain, for analyzing different compliance aspects of cloud agreements. The terms, properties and relations are shown in a diagram. The proposed ontology can help service consumers to extract relevant data from service level agreements, to interpret compliance regulations, and to compare different contractual terms. Finally, some recommendations are presented for cloud consumers to adopt services and evaluate security risks.