Skip to main content
SpringerLink
Log in

IS Risks Governance for Cloud Computing Service

  • Conference paper
  • First Online:
Digital Transformation Technology

Part of the book series: Lecture Notes in Networks and Systems ((LNNS,volume 224))

Abstract

Cloud computing services have become important to IS/IT recently. Cloud service providers (CSPs) support different types of cloud computing services (Infrastructure as a Service, Platform as a Service, and Software as a Service). There are many challenges and concerns in using cloud computing services that may cause many risks. These risks need addressing while using cloud computing. CSPs provide procedures in order to control risk areas while providing their services. There are many studies that assess risks in cloud computing services. They provide evaluation tools and/or frameworks to manage the risk in cloud computing services. Moreover, IS/IT governance is one of the most powerful ways to achieve IS/IT business alignment. The main goals of IS/IT governance are to ensure that the investments in IS/IT generate business values and to mitigate the risks associated with IS/IT. Even though there are various risks in cloud computing services, there is no comprehensive framework to support risk assessment according to user’s needs. In this paper, we aim to provide a conceptual framework for governance in cloud computing services. This framework will focus on cloud client (CC) requirements to achieve the governance.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 149.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 199.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Similar content being viewed by others

References

  1. Müller SD, Holm SR, Søndergaard J (2015) Benefits of cloud computing: literature review in a maturity model perspective. Commun Assoc Inf Syst 37(1):851–878. https://doi.org/10.17705/1cais.03742

    Google Scholar 

  2. Mell P, Grance T (2011) The NIST-National Institute of Standards and Technology definition of cloud computing. NIST Spec Publ 7:800–145

    Google Scholar 

  3. Ashraf I (2014) An overview of service models of cloud computing. Int J Multidiscip Curr Res 2:779–783

    Google Scholar 

  4. Diaby T, Rad BB (2017) Cloud computing: a review of the concepts and deployment models. Int J Inf Technol Comput Sci 9(6):50–58. https://doi.org/10.5815/ijitcs.2017.06.07

    Article  Google Scholar 

  5. Guide P, Edition F A guide to the project management body of knowledge

    Google Scholar 

  6. Lainhart JW (2012) COBIT 5: a business framework for the governance and management of enterprise IT COBIT 5

    Google Scholar 

  7. Lourenco J, Santos-Pereira C, Rijo R, Cruz-Correia R (2014) Service level agreement of information and communication Technologies in Portuguese hospitals. Proc Technol 16:1397–1402. https://doi.org/10.1016/j.protcy.2014.10.158

    Article  Google Scholar 

  8. Sultana A, Raghuveer K (2017) Security risks in cloud delivery models

    Google Scholar 

  9. Sultana A (2017) Security risks in cloud delivery models, pp 2637–2640

    Google Scholar 

  10. Singh S, Jeong YS, Park JH (2016) A survey on cloud computing security: issues, threats, and solutions. J Netw Comput Appl 75:200–222. https://doi.org/10.1016/j.jnca.2016.09.002

    Article  Google Scholar 

  11. Fox A et al (2009) Above the clouds: a berkeley view of cloud computing. Department of Electrical Engineering and Computer Sciences, University of California, Berkeley, Rep. UCB/EECS 28.13 (2009)

    Google Scholar 

  12. Sharma PK, Kaushik PS, Agarwal P, Jain P, Agarwal S, Dixit K (2017) Issues and challenges of data security in a cloud computing environment. In: 2017 IEEE 8th annual ubiquitous computing electronics mobile communication conference UEMCON 2017, vol 2018 Jan, pp 560–566. https://doi.org/10.1109/UEMCON.2017.8249113

  13. Ramachandra G, Iftikhar M, Khan FA (2017) A comprehensive survey on security in cloud computing. Proc Comput Sci 110(2012):465–472. https://doi.org/10.1016/j.procs.2017.06.124

    Article  Google Scholar 

  14. Sen AK, Tiwari PK (2018) Security issues and solutions in cloud computing. Security issues and solutions in cloud computing, Mar 2018. https://doi.org/10.9790/0661-1902046772

  15. Tunc et al C (2017) Cloud security automation framework. In: Proceedings of 2017 IEEE 2nd international workshop foundations application Self* Systems FAS*W 2017. IDC, pp 307–312. https://doi.org/10.1109/FAS-W.2017.164

  16. Cayirci E, Garaga A, Santana de Oliveira A, Roudier Y (2016) A risk assessment model for selecting cloud service providers. J Cloud Comput 5(1):1–12. https://doi.org/10.1186/s13677-016-0064-x

    Article  Google Scholar 

  17. Kalaiprasath R, Elankavi R, Udayakumar R (2017) Cloud security and compliance–a semantic approach in end to end security. Int J Smart Sens Intell Syst 2017:482–494. https://doi.org/10.21307/ijssis-2017-265

    Google Scholar 

  18. Tsaregorodtsev AV et al (2018) (2018) Information security risk estimation for cloud infrastructure. Int J Inf Technol Secur 10(4)

    Google Scholar 

  19. Medhioub M, Hamdi M, Kim TH (2017, Mar) Adaptive risk management framework for cloud computing. In: 2017 IEEE 31st international conference on advanced information networking and applications (AINA). IEEE, pp 1154–1161

    Google Scholar 

  20. Patel K, Alabisi A (2019) Cloud computing security risks: identification and assessment. ERA J Ideas 17(2):11–19

    Google Scholar 

  21. Vijayakumar K, Arun C (2019) Continuous security assessment of cloud based applications using distributed hashing algorithm in SDLC. Cluster Comput 22(s5):10789–10800. https://doi.org/10.1007/s10586-017-1176-x

    Article  Google Scholar 

  22. Chiou S-F, Pan H-T, Cahyadi EF, Hwang M-S (2019) A context establishment framework for cloud computing information security risk management based on the STOPE view. Int J Netw Secur 21(1):100. https://doi.org/10.6633/IJNS.201901

    Article  Google Scholar 

  23. Kristiani E, Yang CT, Wang YT, Huang CY (2019) Implementation of an edge computing architecture using openstack and kubernetes. Lect Notes Electr Eng 514:675–685. https://doi.org/10.1007/978-981-13-1056-0_66

    Article  Google Scholar 

  24. Al-ruithe M, Benkhelifa E, Hameed K (2016) A conceptual framework for designing data governance for cloud computing. Proc Comput Sci 94:160–167. https://doi.org/10.1016/j.procs.2016.08.025

    Article  Google Scholar 

  25. Brandis K, Dzombeta S, Colomo-Palacios R, Stantchev V (2019) Governance, risk, and compliance in cloud scenarios. Appl Sci 9(2):1–21. https://doi.org/10.3390/app9020320

    Article  Google Scholar 

  26. Faizi SM, Rahman SSM (2019) Securing cloud computing through IT governance. SSRN Electron J 7(1). https://doi.org/10.2139/ssrn.3360869

  27. Al-Ruithe M, Benkhelifa E (2017) Analysis and classification of barriers and critical success factors for implementing a cloud data governance strategy. Proc Comput Sci 113:223–232. https://doi.org/10.1016/j.procs.2017.08.352

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Faculty of Computers and Artificial Intelligence, Cairo University, Giza, Egypt

    Mohamed Gamal, Iman M. A. Helal, Sherif A. Mazen & Sherif Elhennawy

Authors
  1. Mohamed Gamal
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Iman M. A. Helal
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Sherif A. Mazen
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Sherif Elhennawy
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Mohamed Gamal .

Editor information

Editors and Affiliations

  1. Canadian International College, Sadat Academy for Management Sciences, New Cairo, Egypt

    Dalia A. Magdi

  2. Department of Information Systems, Helwan University, Cairo, Egypt

    Yehia K. Helmy

  3. Dr. of Computer Sciences, Ahram Canadian University, Cairo, Egypt

    Mohamed Mamdouh

  4. Director, Global Knowledge Research Foundation, Ahmedabad, India

    Amit Joshi

Rights and permissions

Reprints and permissions

Copyright information

© 2022 The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Gamal, M., Helal, I.M.A., Mazen, S.A., Elhennawy, S. (2022). IS Risks Governance for Cloud Computing Service. In: Magdi, D.A., Helmy, Y.K., Mamdouh, M., Joshi, A. (eds) Digital Transformation Technology. Lecture Notes in Networks and Systems, vol 224. Springer, Singapore. https://doi.org/10.1007/978-981-16-2275-5_4

Download citation

Publish with us

Policies and ethics

Search

Navigation