持续遵从性:经验、挑战和机遇

2018 IEEE World Congress on Services (SERVICES) Pub Date : 2018-07-01 DOI:10.1109/SERVICES.2018.00029

Robert Filepp, C. Adam, Milton Hernandez, M. Vukovic, Nikos Anerousis, Guanlai Zhang

{"title":"持续遵从性:经验、挑战和机遇","authors":"Robert Filepp, C. Adam, Milton Hernandez, M. Vukovic, Nikos Anerousis, Guanlai Zhang","doi":"10.1109/SERVICES.2018.00029","DOIUrl":null,"url":null,"abstract":"IT compliance is an area of increasing attention and capital spend in enterprise IT environments. We present \"Continuous Compliance\", a framework that allows a managed IT services provider to automate the overall process of keeping IT assets conformant with enterprise policies, regulatory frameworks, and other best practices. Our framework applies to all cloud layers and service models: Infrastructure-, Platform-, and Software-as-a-Service. We describe our framework design, its operation, and the post-process analytics and reporting. We also examine remediation reports gathered from over 2,000 servers for a seven month period, graph the incidence of repeated remediations, and explore some reasons for gradually subsiding remediations.","PeriodicalId":130225,"journal":{"name":"2018 IEEE World Congress on Services (SERVICES)","volume":"83 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2018-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"4","resultStr":"{\"title\":\"Continuous Compliance: Experiences, Challenges, and Opportunities\",\"authors\":\"Robert Filepp, C. Adam, Milton Hernandez, M. Vukovic, Nikos Anerousis, Guanlai Zhang\",\"doi\":\"10.1109/SERVICES.2018.00029\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"IT compliance is an area of increasing attention and capital spend in enterprise IT environments. We present \\\"Continuous Compliance\\\", a framework that allows a managed IT services provider to automate the overall process of keeping IT assets conformant with enterprise policies, regulatory frameworks, and other best practices. Our framework applies to all cloud layers and service models: Infrastructure-, Platform-, and Software-as-a-Service. We describe our framework design, its operation, and the post-process analytics and reporting. We also examine remediation reports gathered from over 2,000 servers for a seven month period, graph the incidence of repeated remediations, and explore some reasons for gradually subsiding remediations.\",\"PeriodicalId\":130225,\"journal\":{\"name\":\"2018 IEEE World Congress on Services (SERVICES)\",\"volume\":\"83 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2018-07-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"4\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2018 IEEE World Congress on Services (SERVICES)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/SERVICES.2018.00029\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2018 IEEE World Congress on Services (SERVICES)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/SERVICES.2018.00029","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 4

摘要

IT遵从性是企业IT环境中日益受到关注和资本支出的一个领域。我们提出了“持续遵从性”，这是一个框架，它允许托管IT服务提供商自动化保持IT资产符合企业策略、监管框架和其他最佳实践的整个过程。我们的框架适用于所有的云层和服务模型:基础设施、平台和软件即服务。我们描述了我们的框架设计，它的操作，以及后处理的分析和报告。我们还检查了从2000多个服务器收集的七个月期间的修复报告，绘制了重复修复的发生率图表，并探讨了修复逐渐消退的一些原因。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

Continuous Compliance: Experiences, Challenges, and Opportunities

IT compliance is an area of increasing attention and capital spend in enterprise IT environments. We present "Continuous Compliance", a framework that allows a managed IT services provider to automate the overall process of keeping IT assets conformant with enterprise policies, regulatory frameworks, and other best practices. Our framework applies to all cloud layers and service models: Infrastructure-, Platform-, and Software-as-a-Service. We describe our framework design, its operation, and the post-process analytics and reporting. We also examine remediation reports gathered from over 2,000 servers for a seven month period, graph the incidence of repeated remediations, and explore some reasons for gradually subsiding remediations.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2018 IEEE World Congress on Services (SERVICES)

自引率

0.00%

发文量

期刊最新文献

A Knowledge Representation of Cloud Data Controls for EU GDPR Compliance Measuring the Scalability of Cloud-Based Software Services Constructing a Service Software with Microservices Stigmergy-Based QoS Optimisation for Flexible Service Composition in Mobile Communities IEEE Services 2018 Organizing Committee