Abstract
Cloud computing is becoming increasingly attractive both in commercial and government sectors because of the significant cost reduction in their IT operations. The technical benefits of cloud environment (and its service-oriented capabilities) are the availability of computing resources those can quickly be engaged for service execution and released when no longer needed. As the cloud services moving to the mainstream computing, the issues of ownership and the chain of custody of customer data are becoming very critical. In this talk, I will discuss various cloud security issues, and the role and responsibilities of cloud service providers since the secure cloud environment is essential for providing uninterrupted services to customers. This talk will introduce various metrics for cyber security coverage, and demonstrate a tool, called MEGHNAD for estimating security coverage for cloud services. This tool can serve as a specialized Cloud Doctor in prescribing the right combination of security tools for different cloud services and according to the level of security assurance required. It will useful to a cloud provider who wants to incorporate security insurance as part of their Service Level Agreements (SLA).
Chapter PDF
Similar content being viewed by others
References
Bhattarai, A., Dasgupta, D.: A Self-Supervised Approach to Comment Spam Detection Based on Content Analysis. International Journal of Information Security and Privacy (IJISP) 5(1), 14–32 (2011)
Dasgupta, D., Rahman, M.: A Framework for Estimating Security Coverage for Cloud Service Insurance. In: ACM ICPS Proceedings of Cyber Security and Information Intelligence Research Workshop (CSIIRW-7), Oak Ridge, USA, October 12-14 (2011)
Ferebee, D., Dasgupta, D., Wu, Q., Schmidt, M.: Security Visualization: Cyber Security Storm Map and Event Correlation. In: The Proceedings of IEEE Symposium on Computational Intelligence in Cyber Security (CICS) Under IEEE Symposium Series in Computational Intelligence, Paris, France (April 2011)
Yu, S., Dasgupta, D.: An Effective Network-based Intrusion Detection Using Conserved Self Pattern Recognition Algorithm Augmented with Near-deterministic Detector Generation. In: The Proceedings of IEEE Symposium on Computational Intelligence in Cyber Security (CICS) Organized in IEEE Symposium Series in Computational Intelligence, Paris, France (April 2011)
Carvalho, M., Dasgupta, D., Grimaila, M.: Mission Resilience in Cloud Computing: A Biologically Inspired Approach. In: 6th International Conference on Information Warfare and Security, Washington, DC, USA (March 2011)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2011 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Dasgupta, D. (2011). Who Is Responsible for Security and Privacy in the Cloud?. In: Chaki, N., Cortesi, A. (eds) Computer Information Systems – Analysis and Technologies. Communications in Computer and Information Science, vol 245. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-27245-5_2
Download citation
DOI: https://doi.org/10.1007/978-3-642-27245-5_2
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-27244-8
Online ISBN: 978-3-642-27245-5
eBook Packages: Computer ScienceComputer Science (R0)