Technische Unterstützung von Audits bei Cloud-Betreibern

Kunz, Thomas; Niehues, Peter; Waldmann, Ulrich

doi:10.1007/s11623-013-0211-1

Cited by 10 publications

(2 citation statements)

References 1 publication

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Therefore, auditors must be immediately informed after compliance violations appeared. In addition to that, (semi) automation of these validation processes can enable an efficient validation of individual customer requirements (e.g., a high availability rate) [31]. Table 8.…”

Section: Compliancementioning

confidence: 99%

“…Thus, we argue that, after the initial certification process is accomplished, continuous auditing of selected certification criteria is required to assure continuously reliable and secure cloud services and to establish a trustworthy CSC. Nevertheless, continuous auditing cannot be realized solely manually due to high costs and considerable expenditures, hence, requiring (semi-) automated auditing processes [7,31]. Automation enables efficient validation of individual customer requirements (e.g., data location), allows for automated management of certificates for cloud providers, and increases efficiency of audits [31,57].…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

What is Really Going On at Your Cloud Service Provider? Creating Trustworthy Certifications by Continuous Auditing

Lins

Thiebes

Schneider

et al. 2015

2015 48th Hawaii International Conference on System Sciences

View full text Add to dashboard Cite

Cloud service certifications attempt to assure a high level of security and compliance. However, considering that cloud services are part of an everchanging environment, multi-year validity periods may put in doubt the reliability of such certifications. We argue that continuous auditing of selected certification criteria is required to assure continuously reliable and secure cloud services and thereby increase the trustworthiness of certifications. Continuous auditing of cloud services is still in its infancy, thus, we performed a systematic literature review to identify automated auditing methods that are applicable in the context of cloud computing. Our study yields a set of automated methods for continuous auditing in six clusters. We discuss the identified methods in terms of their applicability to address major concerns about cloud computing and how the methods can aid to continuously audit cloud environments. We thereby provide paths for future research to implement continuous auditing in cloud service contexts.

show abstract

Section: Compliancementioning

confidence: 99%