Beitrag in einem Tagungsband
What is Really Going on at Your Cloud Service Provider? Creating Trustworthy Certifications by Continuous Auditing

Details zur Publikation
Lins, S.; Thiebes, S.; Schneider, S.; Sunyaev, A.
Verlagsort / Veröffentlichungsort:
Kauai, Hawaii, USA
Proceddings of the 48th Hawaii International Conference on System Science (HICSS 2015)

Zusammenfassung, Abstract

Cloud service certifications attempt to assure a high level of security and compliance. However, considering that cloud services are part of an ever-changing environment, multi-year validity periods may put in doubt the reliability of such certifications. We argue that continuous auditing of selected certification criteria is required to assure continuously reliable and secure cloud services and thereby increase the trustworthiness of certifications. Continuous auditing of cloud services is still in its infancy, thus, we performed a systematic literature review to identify automated auditing methods that are applicable in the context of cloud computing. Our study yields a set of automated methods for continuous auditing in six clusters. We discuss the identified methods in terms of their applicability to address major concerns about cloud computing and how the methods can aid to continuously audit cloud environments. We thereby provide paths for future research to implement continuous auditing in cloud service contexts.

Autor(inn)en / Herausgeber(innen)

Zuletzt aktualisiert 2019-25-07 um 10:27