Cloud Security - A Semantic Approach in End to End Security Compliance

IF 0.6 4区 工程技术 Q4 Engineering Nuclear Engineering International Pub Date : 2017-12-31 DOI:10.18034/ei.v5i2.586
Vns Surendra Chimakurthi
{"title":"Cloud Security - A Semantic Approach in End to End Security Compliance","authors":"Vns Surendra Chimakurthi","doi":"10.18034/ei.v5i2.586","DOIUrl":null,"url":null,"abstract":"Many firms are seeing the benefits of moving to the cloud. For the sake of their customers' data, cloud service providers are required by law to maintain the highest levels of data security and privacy. Most cloud service providers employ a patchwork of security and privacy safeguards while industry standards are being created. The upshot is that customers of cloud services are unsure whether or not the security protections supplied by these services are enough to meet their specific security and compliance requirements. In this article, we have discussed the many threats cloud users face and emphasized the compliance frameworks and security processes that should be in place to minimize the risk. To categorize cloud security measures, risks, and compliance requirements, we developed an ontology. We needed to design software to identify the high-level policy rules that must be applied in response to each danger as part of this initiative. Additionally, the program provides a list of cloud service providers that now satisfy specific security requirements. Even if they aren't familiar with the underlying technology, cloud users may utilize our system to build up their security policy and identify compatible providers.","PeriodicalId":49736,"journal":{"name":"Nuclear Engineering International","volume":null,"pages":null},"PeriodicalIF":0.6000,"publicationDate":"2017-12-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"12","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Nuclear Engineering International","FirstCategoryId":"5","ListUrlMain":"https://doi.org/10.18034/ei.v5i2.586","RegionNum":4,"RegionCategory":"工程技术","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q4","JCRName":"Engineering","Score":null,"Total":0}
引用次数: 12

Abstract

Many firms are seeing the benefits of moving to the cloud. For the sake of their customers' data, cloud service providers are required by law to maintain the highest levels of data security and privacy. Most cloud service providers employ a patchwork of security and privacy safeguards while industry standards are being created. The upshot is that customers of cloud services are unsure whether or not the security protections supplied by these services are enough to meet their specific security and compliance requirements. In this article, we have discussed the many threats cloud users face and emphasized the compliance frameworks and security processes that should be in place to minimize the risk. To categorize cloud security measures, risks, and compliance requirements, we developed an ontology. We needed to design software to identify the high-level policy rules that must be applied in response to each danger as part of this initiative. Additionally, the program provides a list of cloud service providers that now satisfy specific security requirements. Even if they aren't familiar with the underlying technology, cloud users may utilize our system to build up their security policy and identify compatible providers.
查看原文
分享 分享
微信好友 朋友圈 QQ好友 复制链接
本刊更多论文
云安全——端到端安全合规的语义方法
许多公司都看到了迁移到云计算的好处。为了保护客户的数据,法律要求云服务提供商保持最高水平的数据安全和隐私。大多数云服务提供商在制定行业标准的同时,采用了各种安全和隐私保护措施。其结果是,云服务的客户不确定这些服务提供的安全保护是否足以满足其特定的安全和遵从性需求。在本文中,我们讨论了云用户面临的许多威胁,并强调了应该采用的合规性框架和安全流程,以最大限度地降低风险。为了对云安全措施、风险和遵从性需求进行分类,我们开发了一个本体。我们需要设计软件来识别高级策略规则,这些规则必须应用于响应作为该计划一部分的每个危险。此外,该计划还提供了一份云服务提供商列表,这些提供商现在满足了特定的安全要求。即使他们不熟悉底层技术,云用户也可以利用我们的系统来建立他们的安全策略并识别兼容的提供商。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 去求助
来源期刊
Nuclear Engineering International
Nuclear Engineering International 工程技术-核科学技术
自引率
0.00%
发文量
0
审稿时长
6-12 weeks
期刊介绍: Information not localized
期刊最新文献
A Review of Cybersecurity and Biometric Authentication in Cloud Network Network Security Framework, Techniques, and Design for Hybrid Cloud Wave Structures for Nonlinear Schrodinger Types Fractional Partial Differential Equations Arise in Physical Sciences Significant of Gradient Boosting Algorithm in Data Management System Handwritten Bangla Numerical Digit Recognition Using Fine Regulated Deep Neural Network
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
0
微信
客服QQ
Book学术公众号 扫码关注我们
反馈
×
意见反馈
请填写您的意见或建议
请填写您的手机或邮箱
已复制链接
已复制链接
快去分享给好友吧!
我知道了
×
扫码分享
扫码分享
Book学术官方微信
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术
文献互助 智能选刊 最新文献 互助须知 联系我们:info@booksci.cn
Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。
Copyright © 2023 Book学术 All rights reserved.
ghs 京公网安备 11010802042870号 京ICP备2023020795号-1