Web proceedings papers

Authors

Sasko Ristov , Marjan Gusev and Magdalena Kostoska

Abstract

Concept of cloud computing is an important paradigm offering dynamically scalable resources, redundancy, multitenancy, elasticity and also costs saving, both in CAPEX and OPEX. Despite the benefits, there are many security issues to be solved. Since the applications and data are moving outside of the customer security perimeter, the most important part is to insure certain information security. In this paper we analyze the conformity of ISO 27001:2005 requirements as a framework for managing the security of information assets in cloud computing. Although it is intended for standalone solutions and applications we plan to research its impact on cloud computing. As a result of the research, we propose addition of a new control objective to the standard to increase its conformity to information security, data privacy and trust in cloud computing.

Keywords

ISMS, Cloud Computing, Information Security, Data Privacy