Article ID | Journal | Published Year | Pages | File Type |
---|---|---|---|---|
4962109 | Procedia Computer Science | 2016 | 10 Pages |
Abstract
This paper presents a security-by-design methodology for the development of cloud applications, which relies on Security SLAs as a means to express their security requirements. The process followed to build such Security SLAs entails the application of a risk analysis procedure aimed at identifying the main vulnerabilities affecting a cloud application and allows to determine the countermeasures to consider at design time in order to thwart the main existing threats.The paper illustrates a proof-of-concept application that founds on standard risk assessment tools and adopts state-of-art Security Control Frameworks and a novel Security SLA model for the security requirements representation.
Keywords
Related Topics
Physical Sciences and Engineering
Computer Science
Computer Science (General)
Authors
Valentina Casola, Alessandra De Benedictis, Massimiliano Rak, Erkuden Rios,