NDLI: Requisitos para análise de segurança da informação em provedores de serviços em nuvem

Please wait, while we are loading the content...

Requisitos para análise de segurança da informação em provedores de serviços em nuvem

Content Provider	Semantic Scholar
Author	Freund, Gislaine Parra Fagundes, Priscila Basto Macedo, Douglas Dyllon Jeronimo De
Copyright Year	2019
Abstract	With the occurrence of the big data phenomenon, the need for technology and adequate infrastructure to support this new scenario arises. In this context, cloud services meet this demand, but require specific security controls because of the way in which computing resources are designed, used, and managed. This paper presents an evaluation of the ISO / IEC 27017: 2016 standard with the objective of reporting security requirements for cloud service providers, classified according to their application to the organizational, physical and technical aspects. With the study it was possible to observe that for the organizational as well as the technical aspect, the standard presents several specific controls for the cloud services. Regarding the physical aspect, the recommendations are very similar to those of a traditional environment. The issue of security responsibilities and roles permeates the other controls and needs to be defined in detail among the parties involved. The work presents a framework with the controls addressed by the standard to streamline the understanding and its application, but requires additional technical evaluations to operationalize them. It is also noted that to achieve a complete safety solution, the controls of ISO / IEC 27002: 2013 should be adopted. In addition, the purpose of the cloud service usage scenarios, the service model purchased, and the security risks associated with each are decisive for properly implementing the requirements.
File Format	PDF HTM / HTML
DOI	10.22478/ufpb.1981-0695.2019v14n1.44931
Alternate Webpage(s)	http://periodicos.ufpb.br/index.php/itec/article/viewFile/38201/21009
Alternate Webpage(s)	https://doi.org/10.22478/ufpb.1981-0695.2019v14n1.44931
Volume Number	14
Language	English
Access Restriction	Open
Content Type	Text
Resource Type	Article

Central Library (ISO-9001:2015 Certified)
Indian Institute of Technology Kharagpur
Kharagpur, West Bengal, India | PIN - 721302

See location in the Map
03222 282435
Mail: support@ndl.gov.in

Sl.	Authority	Responsibilities	Communication Details
1	Ministry of Education (GoI), Department of Higher Education	Sanctioning Authority	https://www.education.gov.in/ict-initiatives
2	Indian Institute of Technology Kharagpur	Host Institute of the Project: The host institute of the project is responsible for providing infrastructure support and hosting the project	https://www.iitkgp.ac.in
3	National Digital Library of India Office, Indian Institute of Technology Kharagpur	The administrative and infrastructural headquarters of the project	Dr. B. Sutradhar bsutra@ndl.gov.in
4	Project PI / Joint PI	Principal Investigator and Joint Principal Investigators of the project	Dr. B. Sutradhar bsutra@ndl.gov.in Prof. Saswat Chakrabarti will be added soon
5	Website/Portal (Helpdesk)	Queries regarding NDLI and its services	support@ndl.gov.in
6	Contents and Copyright Issues	Queries related to content curation and copyright issues	content@ndl.gov.in
7	National Digital Library of India Club (NDLI Club)	Queries related to NDLI Club formation, support, user awareness program, seminar/symposium, collaboration, social media, promotion, and outreach	clubsupport@ndl.gov.in
8	Digital Preservation Centre (DPC)	Assistance with digitizing and archiving copyright-free printed books	dpc@ndl.gov.in
9	IDR Setup or Support	Queries related to establishment and support of Institutional Digital Repository (IDR) and IDR workshops	idr@ndl.gov.in