Security controls based on K-ISMS in cloud computing service

Abstract

Cloud computing service can be provided by diverse forms such as XaaS, MSP and others. The most common examples of XaaS are Software as a Service, Infrastructure as a Service, and Platform as a Service. A MSP(Management Service Provider) is a type of IT service companies that provides network, server and specialized applications to end user and organization. Also cloud computing service offers many benefits of reducing cost by sharing storage resource, but is vulnerable to threats. Therefore the issue of information security should be solved to mitigate the threat in cloud computing environment. The cloud computing service providers had better establish the ISMS (Information Security Management System) to manage risks systematically. In this paper, we propose the security controls for cloud computing service which are based on K-ISMS through a comparative analysis of domestic and foreign cloud computing service guidelines. These security controls will be useful for organization's ISMS. © 2014 Springer-Verlag Berlin Heidelberg.