A Semantic Ontology based Concept for Measuring Security Compliance of Cloud Service Providers?
Journal: International Journal of Computer Science and Mobile Computing - IJCSMC (Vol.3, No. 3)Publication Date: 2014-03-30
Authors : Mustafa Nouman Murad Al-Hassan;
Page : 815-831
Keywords : Cloud Computing; Security Compliance; Data Breach; Ontology Concept; Semantic Similarity;
Abstract
Cloud computing is Internet-based computing, whereby shared resources, software and information, are provided with computers and devices on-demand. It also makes security problems more complicate and more important for Cloud Service Provider (CSP) and consumer than before. International standard organizations issue security-related standards and guidance which can be used in cloud environment such as ISO/IEC 27001. This research explores the possibility to measure security compliance for data breaches threat based semantic similarity measure between the documents of international standard compliments and CSP response against data breaches threat. We developed a model for that purpose. Our model consists of three stages: (1) Extracting ontology concepts of CC threat (2) Extracting ontology concepts of CSP (3) Matching Process among the both ontology concepts. The matching process has done by using semantic similarity measure. Also during our study, we collected and studied many documents and reports that discussed data breaches threat. Then we classified it into group of (Control Area), identify the items that cover each control area. Also tested 5 CSPs to measure their security compliance by collection their data related to each control area; then convert it into text file in order extracting ontology concepts.
Other Latest Articles
- A Fuzzy Based Model for Software Quality Estimation Using Risk Parameter Assessment?
- Insertion Sort with its Enhancement?
- Analysis of Speech Signals?
- A NOVEL APPROACH TO ENHANCE THE PERFORMANCE OF VANET BY REDUCING DELAY IN COLLISION WARNING SYSTEMS?
- A NOVEL APPROACH TO ENHANCE THE MAINTAINABILITY OF OBJECT ORIENTED SOFTWARE ENGINEERING DURING COMPONENT BASED SOFTWARE ENGINEERING
Last modified: 2014-03-28 21:41:04