A comparative study of Cloud Security Ontologies

Cloud Security is one of the foremost concerns among related stakeholders. Each concern brings diverse effects on discrete assets while analyzing the security issues in Cloud Computing. In spite of various studies, we still fail to define the needs of security, resulting in a slow pace in cloud adoption. Accordingly, a fresh approach is required to facilitate end-users and service providers to better understand the domain so that they can easily address their security requirements and find their solutions. Out of different security measures used by related stakeholders one is `ontology-based security approach,´ which creates a conceptual relationship among entities representing information, having systematic review for the purpose of identifying, analyzing and eliciting security countermeasures. Previous studies reveal a variety of security ontologies that can be used by the service providers, which have different approaches to assess the security; still, cloud service providers and end users find it complicating and lacking in security sphere as there is no specification, which ontology should be used at what condition. Hence, there is an emergent need for a critical review of prior studies related to Cloud Security Ontology. This paper presents a brief discussion on five major ontologies namely: Cloud Ontology, Takeshi Takahashi et al.´s Ontology, CoCoOn, Subramani Keerthana et al.´s Ontology and Nelson Gonzalez et al.´s Taxonomy dwelling upon their strengths and weaknesses. A comparative study is also accomplished using various attributes, which are identified based on the well-known practices with similar studies in security domain. Further, future research directions based on comparative study and the weaknesses sections have also been explored to facilitate the researchers in related areas.