Cloud computing security requirements: a systematic review

Iliana Iankoulova; Maia Daneva

doi:10.1109/RCIS.2012.6240421

Cloud computing security requirements: a systematic review

Iliana Iankoulova, Maia Daneva

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Academic › peer-review

58 Citations (Scopus)

2404 Downloads (Pure)

Abstract

Many publications have dealt with various types of security requirements in cloud computing but not all types have been explored in sufficient depth. It is also hard to understand which types of requirements have been under-researched and which are most investigated. This paper's goal is to provide a comprehensive and structured overview of cloud computing security requirements and solutions. We carried out a systematic review and identified security requirements from previous publications that we classified in nine sub-areas: Access Control, Attack/Harm Detection, Non-repudiation, Integrity, Security Auditing, Physical Protection, Privacy, Recovery, and Prosecution. We found that (i) the least researched sub-areas are non-repudiation, physical protection, recovery and prosecution, and that (ii) access control, integrity and auditability are the most researched sub-areas.

Original language	Undefined
Title of host publication	Proceedings of the Sixth International Conference on Research Challenges in Information Science, RCIS 2012
Editors	C Rolland, J. Castro, O Pastor
Place of Publication	USA
Publisher	IEEE Computer Society
Pages	1-7
Number of pages	7
ISBN (Print)	978-1-4577-1936-3
DOIs	https://doi.org/10.1109/RCIS.2012.6240421
Publication status	Published - May 2012
Event	Sixth International Conference on Research Challenges in Information Science, RCIS 2012 - Universitat Politècnica de València, Valencia, Spain Duration: 16 May 2012 → 18 May 2012 Conference number: 6

Publication series

Name
Publisher	IEEE Computer Society

Conference

Conference	Sixth International Conference on Research Challenges in Information Science, RCIS 2012
Abbreviated title	RCIS 2012
Country/Territory	Spain
City	Valencia
Period	16/05/12 → 18/05/12

Keywords

SCS-Services
least researched sub-areas
systematic literature review
sequirity requirements engineering
auditing
most researched sub-areas
harm detection
physical protection
data integrity
data privacy
data recovery
prosecution
EWI-23178
Empirical Study
nonrepudiation
Software-as-a-Service
Attack Detection
IR-85244
Cloud computing
Access Control
Data Security
METIS-296358

Access to Document

10.1109/RCIS.2012.6240421

RCIS2012-Camera-Ready-Iankoulova-Daneva

Cite this

@inproceedings{ee4be60ae911483b93eb7c546efea233,

title = "Cloud computing security requirements: a systematic review",

abstract = "Many publications have dealt with various types of security requirements in cloud computing but not all types have been explored in sufficient depth. It is also hard to understand which types of requirements have been under-researched and which are most investigated. This paper's goal is to provide a comprehensive and structured overview of cloud computing security requirements and solutions. We carried out a systematic review and identified security requirements from previous publications that we classified in nine sub-areas: Access Control, Attack/Harm Detection, Non-repudiation, Integrity, Security Auditing, Physical Protection, Privacy, Recovery, and Prosecution. We found that (i) the least researched sub-areas are non-repudiation, physical protection, recovery and prosecution, and that (ii) access control, integrity and auditability are the most researched sub-areas.",

keywords = "SCS-Services, least researched sub-areas, systematic literature review, sequirity requirements engineering, auditing, most researched sub-areas, harm detection, physical protection, data integrity, data privacy, data recovery, prosecution, EWI-23178, Empirical Study, nonrepudiation, Software-as-a-Service, Attack Detection, IR-85244, Cloud computing, Access Control, Data Security, METIS-296358",

author = "Iliana Iankoulova and Maia Daneva",

note = "10.1109/RCIS.2012.6240421 ; null ; Conference date: 16-05-2012 Through 18-05-2012",

year = "2012",

month = may,

doi = "10.1109/RCIS.2012.6240421",

language = "Undefined",

isbn = "978-1-4577-1936-3",

publisher = "IEEE Computer Society",

pages = "1--7",

editor = "C Rolland and J. Castro and O Pastor",

booktitle = "Proceedings of the Sixth International Conference on Research Challenges in Information Science, RCIS 2012",

address = "United States",

}

Iankoulova, I & Daneva, M 2012, Cloud computing security requirements: a systematic review. in C Rolland, J Castro & O Pastor (eds), Proceedings of the Sixth International Conference on Research Challenges in Information Science, RCIS 2012. IEEE Computer Society, USA, pp. 1-7, Sixth International Conference on Research Challenges in Information Science, RCIS 2012, Valencia, Spain, 16/05/12. https://doi.org/10.1109/RCIS.2012.6240421

Cloud computing security requirements: a systematic review. / Iankoulova, Iliana; Daneva, Maia.

Proceedings of the Sixth International Conference on Research Challenges in Information Science, RCIS 2012. ed. / C Rolland; J. Castro; O Pastor. USA : IEEE Computer Society, 2012. p. 1-7.

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Academic › peer-review

TY - GEN

T1 - Cloud computing security requirements: a systematic review

AU - Iankoulova, Iliana

AU - Daneva, Maia

N1 - Conference code: 6

PY - 2012/5

Y1 - 2012/5

N2 - Many publications have dealt with various types of security requirements in cloud computing but not all types have been explored in sufficient depth. It is also hard to understand which types of requirements have been under-researched and which are most investigated. This paper's goal is to provide a comprehensive and structured overview of cloud computing security requirements and solutions. We carried out a systematic review and identified security requirements from previous publications that we classified in nine sub-areas: Access Control, Attack/Harm Detection, Non-repudiation, Integrity, Security Auditing, Physical Protection, Privacy, Recovery, and Prosecution. We found that (i) the least researched sub-areas are non-repudiation, physical protection, recovery and prosecution, and that (ii) access control, integrity and auditability are the most researched sub-areas.

AB - Many publications have dealt with various types of security requirements in cloud computing but not all types have been explored in sufficient depth. It is also hard to understand which types of requirements have been under-researched and which are most investigated. This paper's goal is to provide a comprehensive and structured overview of cloud computing security requirements and solutions. We carried out a systematic review and identified security requirements from previous publications that we classified in nine sub-areas: Access Control, Attack/Harm Detection, Non-repudiation, Integrity, Security Auditing, Physical Protection, Privacy, Recovery, and Prosecution. We found that (i) the least researched sub-areas are non-repudiation, physical protection, recovery and prosecution, and that (ii) access control, integrity and auditability are the most researched sub-areas.

KW - SCS-Services

KW - least researched sub-areas

KW - systematic literature review

KW - sequirity requirements engineering

KW - auditing

KW - most researched sub-areas

KW - harm detection

KW - physical protection

KW - data integrity

KW - data privacy

KW - data recovery

KW - prosecution

KW - EWI-23178

KW - Empirical Study

KW - nonrepudiation

KW - Software-as-a-Service

KW - Attack Detection

KW - IR-85244

KW - Cloud computing

KW - Access Control

KW - Data Security

KW - METIS-296358

U2 - 10.1109/RCIS.2012.6240421

DO - 10.1109/RCIS.2012.6240421

M3 - Conference contribution

SN - 978-1-4577-1936-3

SP - 1

EP - 7

BT - Proceedings of the Sixth International Conference on Research Challenges in Information Science, RCIS 2012

A2 - Rolland, C

A2 - Castro, J.

A2 - Pastor, O

PB - IEEE Computer Society

CY - USA

Y2 - 16 May 2012 through 18 May 2012

ER -