LiiT
Laboratory for Internet and Innovative Technologies
Abstract

Concept of cloud computing is an important paradigm offering dynamically scalable resources, redundancy, multitenancy, elasticity and also costs saving, both in CAPEX and OPEX. Despite the benefits, there are many security issues to be solved. Since the applications and data are moving outside of the customer security perimeter, the most important part is to insure certain information security. In this paper we analyze the conformity of ISO 27001:2005 requirements as a framework for managing the security of information assets in cloud computing. Although it is intended for standalone solutions and applications we plan to research its impact on cloud computing. As a result of the research, we propose addition of a new control objective to the standard to increase its conformity to information security, data privacy and trust in cloud computing.

Authors

Sasko Ristov, Marjan Gusev, and Magdalena Kostoska

Keywords

ISMS, Cloud Computing, Information Security, Data Privacy

Full Paper

The paper is published in ICT Innovations 2011, (editor L. Kocarev), Web Proceedings, ISSN 1857-7288

Download