Cloud security had not yet distinguished itself as a field separate from information assurance. Its security metrics are currently synonymous with what a security professional would refer to as a third-party or vendor security audit. Where cloud services are viewed in a systems- of-systems context, any comprehensive security validation approach should rely on the ability of a cloud service to meet customer security requirements; that is, to provide the basis by which customers may assess the efficacy of their own security controls which may be dependent on those in the cloud. This requires a systems-level approach to security validation that is extensible to systems-of-systems environments. This paper describes such an approach.
Mendeley saves you time finding and organizing research
Choose a citation style from the tabs below