Title :
Enforcing confidentiality in a SaaS cloud environment
Author :
Chou, Yuyu ; Levina, Olga ; Oetting, Jan
Author_Institution :
Dept. for Syst. Anal. & IT, Berlin Inst. of Technol., Berlin, Germany
Abstract :
Achieving confidentiality is a critical concern that deters enterprises from using public cloud services. In the environment of Public Software as a Service (SaaS) it is even more serious because customers lose their system controls, and rigid service level agreements do not state detail security protection methods and provide sufficient legal guarantees. To resolve these issues, this paper proposes the concept of a SaaS Confidentiality Risk Management (SCoRiM) Framework as a holistic and flexible approach to enable small and medium sized enterprises to protect their critical data. It is aimed to enhance the data confidentiality management with and without support from the providers throughout the entire SaaS integrated system development life cycle.
Keywords :
cloud computing; law; risk management; security of data; small-to-medium enterprises; SaaS cloud environment; SaaS confidentiality risk management; SaaS integrated system development life cycle; critical data protection; data confidentiality management enhancement; legal guarantee; public cloud service; public software as a service; rigid service level agreement; security protection method; small and medium sized enterprise; Cloud computing; Guidelines; Information security; Privacy; Risk management; Cloud Computing; Confidentiality; Information security Risk Management; SaaS; System Development Life Cycle;
Conference_Titel :
Telecommunications Forum (TELFOR), 2011 19th
Conference_Location :
Belgrade
Print_ISBN :
978-1-4577-1499-3
DOI :
10.1109/TELFOR.2011.6143500
