Categorization of Standards, Guidelines and Tools for Secure System Design for Critical Infrastructure IT in the Cloud

Sarita Paudel, Markus Tauber, Christian Wagner, Aleksandar Hudic, Wee-Kong Ng
2014 2014 IEEE 6th International Conference on Cloud Computing Technology and Science  
With the increasing popularity of cloud computing, security in cloud-based applications is gaining awareness and is regarded as one of the most crucial factors for the longterm success of such applications. Despite all benefits of cloud computing, its fate lies in its success in gaining trust from its users achieved by ensuring cloud services being built in a safe and secure manner. This work evaluates existing security standards and tools for creating Critical Infrastructure (CI) services in
more » ... oud environments -often implemented as cyberphysical systems (CPS). We also identify security issues from a literature review and from a show case analysis. Furthermore, we analyse and evaluate how mitigation options for identified open security issues for CI in the cloud point to individual aspects of standards and guidelines to support the creation of secure CPS/CI in the cloud. Additionally, we presented the results in a multidimensional taxonomy based on the mapping of the issues and the standards and tools. We show which areas require the attention as they are currently not covered completely by existing standards, guidelines and tools.
doi:10.1109/cloudcom.2014.172 dblp:conf/cloudcom/PaudelTWHN14 fatcat:fybbweodxvegrpqlzfkzbq3mji