A Study of Risk Management in Hybrid Cloud Configuration
With recent progress in Internet services and high-speed network environments, cloud computing has rapidly developed, with two main forms. First, public clouds are operated by service providers, such as Google and Amazon. Second, private clouds are built by individual companies for their own use. Unfortunately, public clouds have the problem of uncertain security, while private clouds have the problem of high cost. Hence, the hybrid cloud form is now attracting attention, because it offers advantages of both public and private clouds. The problem with a hybrid cloud, however, is management. Using two cloud forms entails a high computational load. Another problem is data handling. For these reasons, risk management in a hybrid cloud configuration is an important issue. Through analysis of risk in a hybrid cloud configuration, 21 risk factors are extracted and evaluated, and countermeasures are proposed and compiled. Although a hybrid cloud involves a wide-ranging set of risks, it offers many advantages. A future subject will be to quantitatively evaluate the effectiveness of the proposed countermeasures.
KeywordsHybrid Cloud Computing Risk Management Risk Breakdown Structure Risk Matrix
Unable to display preview. Download preview PDF.
- 1.Nakahara, S., et al.: Cloud traceability (CBoC TRX). NTT Technical Journal, 31–35 (October 2011) (in Japanese)Google Scholar
- 2.Inoue, O.: First server Failure, Nihon Keizai Shimbun (June 26, 2012) (in Japanese)Google Scholar
- 3.Microsoft: Shift to Hybrid Cloud (in Japanese), http://www.microsoft.com/ja-jp/opinionleaders/economy_ict/100701_2.aspx
- 4.Tanimoto, S., et al.: Risk Management on the Security Problem in Cloud Computing. In: IEEE/ACIS CNSI 2011, Korea (2011)Google Scholar
- 5.Goto, A., et al.: The concept for the cloud computing technology CboC. NTT Technical Journal, 64–69 (September 2009) (in Japanese)Google Scholar
- 6.Uramoto, N.: Security and Compliance Issues in Cloud Computing. IPSJ Magazine 50(11), 1099–1105 (2009)Google Scholar
- 7.Amrhei, D. (in Japanese), http://www.ibm.com/developerworks/jp/websphere/techjour-nal/0904_amrhein/0904_amrhein.html
- 8.Risk Breakdown Structure, http://www.justgetpmp.com/2011/12/risk-breakdown-structure-rbs.html
- 10.NIST Special Publication 800-30、Risk Management Guide for Information Technology Systems, http://csrc.nist.gov/publications/nistpubs/800-30/sp800-30.pdf