IRMA-International.org: Creator of Knowledge
Information Resources Management Association
Advancing the Concepts & Practices of Information Resources Management in Modern Organizations

A Structured Method for Security Requirements Elicitation Concerning the Cloud Computing Domain

A Structured Method for Security Requirements Elicitation Concerning the Cloud Computing Domain
View Sample PDF
Author(s): Kristian Beckers (Univeristy of Duisburg-Essen, Germany), Isabelle Côté (ITESYS Institute for Technical Systems GmbH, Germany), Ludger Goeke (ITESYS Institute for Technical Systems GmbH, Germany), Selim Güler (EASY SOFTWARE AG, Germany)and Maritta Heisel (University of Duisburg-Essen, Germany)
Copyright: 2018
Pages: 24
Source title: Computer Systems and Software Engineering: Concepts, Methodologies, Tools, and Applications
Source Author(s)/Editor(s): Information Resources Management Association (USA)
DOI: 10.4018/978-1-5225-3923-0.ch031

Purchase

View A Structured Method for Security Requirements Elicitation Concerning the Cloud Computing Domain on the publisher's website for pricing and purchasing information.

Abstract

Cloud computing systems offer an attractive alternative to traditional IT-systems, because of economic benefits that arise from the cloud's scalable and flexible IT-resources. The benefits are of particular interest for SME's. The reason is that using Cloud Resources allows an SME to focus on its core business rather than on IT-resources. However, numerous concerns about the security of cloud computing services exist. Potential cloud customers have to be confident that the cloud services they acquire are secure for them to use. Therefore, they have to have a clear set of security requirements covering their security needs. Eliciting these requirements is a difficult task, because of the amount of stakeholders and technical components to consider in a cloud environment. Therefore, the authors propose a structured, pattern-based method supporting eliciting security requirements and selecting security measures. The method guides potential cloud customers to model the application of their business case in a cloud computing context using a pattern-based approach. Thus, a potential cloud customer can instantiate our so-called Cloud System Analysis Pattern. Then, the information of the instantiated pattern can be used to fill-out our textual security requirements patterns and individual defined security requirement patterns, as well. The presented method is tool-supported. Our tool supports the instantiation of the cloud system analysis pattern and automatically transfers the information from the instance to the security requirements patterns. In addition, they have validation conditions that check e.g., if a security requirement refers to at least one element in the cloud. The authors illustrate their method using an online-banking system as running example.

Related Content

Preethi, Sapna R., Mohammed Mujeer Ulla. © 2023. 16 pages.
Srividya P.. © 2023. 12 pages.
Preeti Sahu. © 2023. 15 pages.
Vandana Niranjan. © 2023. 23 pages.
S. Darwin, E. Fantin Irudaya Raj, M. Appadurai, M. Chithambara Thanu. © 2023. 33 pages.
Shankara Murthy H. M., Niranjana Rai, Ramakrishna N. Hegde. © 2023. 23 pages.
Jothimani K., Bhagya Jyothi K. L.. © 2023. 19 pages.
Body Bottom