论文信息 - Security standards taxonomy for Cloud applications in Critical Infrastructure IT

Security standards taxonomy for Cloud applications in Critical Infrastructure IT

The trend of using the Cloud will soon reach Critical Infrastructure (CI) IT. Due to the lack of relevant taxonomies and criteria catalogs, it is often difficult for software development teams who work in the CI and cloud domain to adopt the right standard or tool for the context at hand. This work motivates the investigation of the applicability of software security standards and tools for CI IT, outlines the relevant security issues and investigates gaps in existing work on this topic.

[1] Rossouw von Solms,et al. Guidelines for secure software development , 2008, SAICSIT '08.

[2] S. O. Kuyoro,et al. Cloud computing security issues and challenges , 2011 .

[3] Krishna P. Gummadi,et al. Policy-Sealed Data: A New Abstraction for Building Trusted Cloud Services , 2012, USENIX Security Symposium.

[4] Madjid Merabti,et al. Secure Cloud Computing for Critical Infrastructure: A Survey , 2012 .

[5] Reijo Savola,et al. Towards a taxonomy for information security metrics , 2007, QoP '07.

[6] Matjaz B. Juric,et al. Towards a unified taxonomy and architecture of cloud frameworks , 2013, Future Gener. Comput. Syst..

[7] Huaglory Tianfield. Security issues in cloud computing , 2012, 2012 IEEE International Conference on Systems, Man, and Cybernetics (SMC).

[8] M. A. C. Dekker. Critical Cloud Computing. A CIIP perspective on cloud computing services , 2013 .

[9] Sam Weber,et al. Lessons Learned: Building the Caernarvon High-Assurance Operating System , 2011, IEEE Security & Privacy.