Cloud computing security requirements: a systematic review

Iliana Iankoulova, Maia Daneva

    Research output: Chapter in Book/Report/Conference proceedingConference contributionAcademicpeer-review

    51 Citations (Scopus)
    1657 Downloads (Pure)

    Abstract

    Many publications have dealt with various types of security requirements in cloud computing but not all types have been explored in sufficient depth. It is also hard to understand which types of requirements have been under-researched and which are most investigated. This paper's goal is to provide a comprehensive and structured overview of cloud computing security requirements and solutions. We carried out a systematic review and identified security requirements from previous publications that we classified in nine sub-areas: Access Control, Attack/Harm Detection, Non-repudiation, Integrity, Security Auditing, Physical Protection, Privacy, Recovery, and Prosecution. We found that (i) the least researched sub-areas are non-repudiation, physical protection, recovery and prosecution, and that (ii) access control, integrity and auditability are the most researched sub-areas.
    Original languageUndefined
    Title of host publicationProceedings of the Sixth International Conference on Research Challenges in Information Science, RCIS 2012
    EditorsC Rolland, J. Castro, O Pastor
    Place of PublicationUSA
    PublisherIEEE Computer Society
    Pages1-7
    Number of pages7
    ISBN (Print)978-1-4577-1936-3
    DOIs
    Publication statusPublished - May 2012
    EventSixth International Conference on Research Challenges in Information Science, RCIS 2012 - Universitat Politècnica de València, Valencia, Spain
    Duration: 16 May 201218 May 2012
    Conference number: 6

    Publication series

    Name
    PublisherIEEE Computer Society

    Conference

    ConferenceSixth International Conference on Research Challenges in Information Science, RCIS 2012
    Abbreviated titleRCIS 2012
    Country/TerritorySpain
    CityValencia
    Period16/05/1218/05/12

    Keywords

    • SCS-Services
    • least researched sub-areas
    • systematic literature review
    • sequirity requirements engineering
    • auditing
    • most researched sub-areas
    • harm detection
    • physical protection
    • data integrity
    • data privacy
    • data recovery
    • prosecution
    • EWI-23178
    • Empirical Study
    • nonrepudiation
    • Software-as-a-Service
    • Attack Detection
    • IR-85244
    • Cloud computing
    • Access Control
    • Data Security
    • METIS-296358

    Cite this