Luisa Giudicianni scite author profile

Luisa Giudicianni

2Publications

0Citation Statements Received

0Citation Statements Given

How they've been cited

How they cite others

Affiliations

Ingegneria dei Sistemi (Italy), Engineering (Italy)

Publications

Order By: Most citations

Compliance in the Cloud

Bonelli

Giudicianni

Immediata

et al. 2013

View full text Add to dashboard Cite

Despite the huge economic, handling, and computational benefits of the cloud technology, the multitenant and geographically distributed nature of clouds hides a large crowd of security and regulatory issues to be addressed. The main reason for these problems is the unavoidable loss of physical control that costumers are forced to accept when opting for the cloud model. This aspect, united with the lack of knowledge (i.e. transparency) of the vendor’s infrastructure implementation, represents a nasty question when costumers are asked to respond to audit findings, produce support for forensic investigations, and, more generically, to ensure compliance with information security standards and regulations. Yet, support for security standards compliance is a need for cloud providers to overcome customers hesitancy and meet their expectations. In this context, tracking, auditing, and reporting practices, while transcending the compliance regimes, represent the primary vehicle of assurance for security managers and auditors on the achievement of security and regulatory compliance objectives. The aim of this chapter is to provide a roundup of crucial requirements resulting from common security certification standards and regulation. Then, the chapter reports an overview of approaches and methodologies for addressing compliance coming from the most relevant initiatives on cloud security and a survey of what storage cloud vendors declare to do in terms of compliance. Finally, the SIEM-based approach as a supporting technology for the achievement of security compliance objectives is described and, the architecture of the security compliance component of the VISION Cloud architecture is presented.

show abstract

Compliance in the Cloud

Bonelli

Giudicianni

Immediata

et al. 2015

View full text Add to dashboard Cite

Despite the huge economic, handling, and computational benefits of the cloud technology, the multitenant and geographically distributed nature of clouds hides a large crowd of security and regulatory issues to be addressed. The main reason for these problems is the unavoidable loss of physical control that costumers are forced to accept when opting for the cloud model. This aspect, united with the lack of knowledge (i.e. transparency) of the vendor's infrastructure implementation, represents a nasty question when costumers are asked to respond to audit findings, produce support for forensic investigations, and, more generically, to ensure compliance with information security standards and regulations. Yet, support for security standards compliance is a need for cloud providers to overcome customers hesitancy and meet their expectations. In this context, tracking, auditing, and reporting practices, while transcending the compliance regimes, represent the primary vehicle of assurance for security managers and auditors on the achievement of security and regulatory compliance objectives. The aim of this chapter is to provide a roundup of crucial requirements resulting from common security certification standards and regulation. Then, the chapter reports an overview of approaches and methodologies for addressing compliance coming from the most relevant initiatives on cloud security and a survey of what storage cloud vendors declare to do in terms of compliance. Finally, the SIEM-based approach as a supporting technology for the achievement of security compliance objectives is described and, the architecture of the security compliance component of the VISION Cloud architecture is presented.

show abstract

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.