Title :
Inadequacies of Current Risk Controls for the Cloud
Author :
Auty, M. ; Creese, S. ; Goldsmith, M. ; Hopkins, P.
Author_Institution :
Int. Digital Lab., Univ. of Warwick, Coventry, UK
fDate :
Nov. 30 2010-Dec. 3 2010
Abstract :
In this paper we describe where current risk controls (as documented in ISO27001/27002) for mitigating information security risks are likely to be inadequate for use in the cloud. Such an analysis could provide a rationale for prioritizing protection research, and the work presented here is part of a larger exercise designed to identify the potential for cascade attacks in the cloud, and those areas most likely to be targeted based on both an understanding of threat motivations and likely areas of vulnerability.
Keywords :
cloud computing; security of data; cascade attacks; cloud environment; current risk controls; mitigating information security; Access control; Cloud computing; Encryption; Monitoring; Sensors; Software; Authentication; Information; Insider; Monitoring; Security; Threat; Vulnerability;
Conference_Titel :
Cloud Computing Technology and Science (CloudCom), 2010 IEEE Second International Conference on
Conference_Location :
Indianapolis, IN
Print_ISBN :
978-1-4244-9405-7
Electronic_ISBN :
978-0-7695-4302-4
DOI :
10.1109/CloudCom.2010.49
