Data Security Perspectives in the Framework of Cloud Governance
The adoption of Cloud Computing paradigm by the Small and Medium Enterprises allows them to associate and to create virtualized forms of enterprises or clusters that better sustain the competition with large enterprises sharing the same markets. In the same time the lack of security standards in Cloud Computing generates reluctance from the Small and Medium Enterprises in fully move their activities in the Cloud. We have proposed a Cloud Governance architecture which relies on mOSAIC project’s cloud management solution called Cloud Agency, implemented as a multi-agent system. The Cloud Governance solution is based on various datastores that manage the data produced and consumed during the services lifecycle. This paper focuses on determining the requirements that must be met by the various databases that compound the most complex datastore from the proposed architecture, called Service Datastore, together with emphasizing the threats and security risks that the individual database entities must face.
KeywordsCloud Computing Cloud Governance Datastores Databases Security in the Cloud
Unable to display preview. Download preview PDF.
- 3.Mulholland, A., Pyke, J., Fingar, P.: Enterprise Cloud Computing: A Strategy Guide for Business and Technology Leaders. Meghan-Kiffer Press, Tampa (2010)Google Scholar
- 4.Gong, C., Liu, J., Zhang, Q., Chen, H., Gong, Z.: The characteristics of cloud computing. In: ICPP Workshops, pp. 275–279 (2010)Google Scholar
- 5.Mell, P., Grance, T.: The NIST Definition of Cloud Computing. Recommendations of the National Institute of Standards and Technology (September 2011), http://csrc.nist.gov/publications/nistpubs/800-145/SP800-145.pdf
- 6.Wainewright, P.: Time to think about cloud governance (August 2011), http://www.zdnet.com/blog/saas/time-to-think-about-cloud-governance/1376
- 7.ISACA: Cobit 5 introduction (February 2012), http://www.isaca.org/COBIT/Documents/An-Introduction.pdf
- 8.DMTF: Architecture for managing clouds (June 2010), http://dmtf.org/sites/default/files/standards/documents/DSP-IS01021.0.0.pdf
- 9.DMTF: Use cases and interactions for managing clouds (June 2010), http://www.dmtf.org/sites/default/files/standards/documents/DSP-IS0103_1.0.0.pdf
- 10.Venticinque, S., Negru, V., Munteanu, V.I., Sandru, C., Aversa, R., Rak, M.: Negotiation policies for provisioning of cloud resources. In: Proceedings of the 4th International Conference on Agents and Artificial Intelligence, pp. 347–350. SciTePress (February 2012)Google Scholar
- 11.Venticinque, S., Aversa, R., Di Martino, B., Rak, M., Petcu, D.: A Cloud Agency for SLA Negotiation and Management. In: Guarracino, M.R., Vivien, F., Träff, J.L., Cannatoro, M., Danelutto, M., Hast, A., Perla, F., Knüpfer, A., Di Martino, B., Alexander, M. (eds.) Euro-Par 2010 Workshop. LNCS, vol. 6586, pp. 587–594. Springer, Heidelberg (2011)CrossRefGoogle Scholar
- 12.Aversa, R., Di Martino, B., Rak, M., Venticinque, S.: Cloud agency: A mobile agent based cloud system. In: Proceedings of the 2010 International Conference on Complex, Intelligent and Software Intensive Systems, CISIS 2010, pp. 132–137. IEEE Computer Society, Washington, DC (2010)CrossRefGoogle Scholar
- 13.Cloud Computing Use Cases Group: Cloud computing use cases white paper (July 2010)Google Scholar