You are here
Compliance Issues In Cloud Computing Systems
| Title: | Compliance Issues In Cloud Computing Systems. |
 226 views 87 downloads |
|---|---|---|
| Name(s): |
Yimam, Dereje, author Fernandez, Eduardo B., Thesis advisor Florida Atlantic University, Degree grantor College of Engineering and Computer Science Department of Computer and Electrical Engineering and Computer Science |
|
| Type of Resource: | text | |
| Genre: | Electronic Thesis Or Dissertation | |
| Date Created: | 2015 | |
| Date Issued: | 2015 | |
| Publisher: | Florida Atlantic University | |
| Place of Publication: | Boca Raton, Fla. | |
| Physical Form: | application/pdf | |
| Extent: | 173 p. | |
| Language(s): | English | |
| Summary: | Appealing features of cloud services such as elasticity, scalability, universal access, low entry cost, and flexible billing motivate consumers to migrate their core businesses into the cloud. However, there are challenges about security, privacy, and compliance. Building compliant systems is difficult because of the complex nature of regulations and cloud systems. In addition, the lack of complete, precise, vendor neutral, and platform independent software architectures makes compliance even harder. We have attempted to make regulations clearer and more precise with patterns and reference architectures (RAs). We have analyzed regulation policies, identified overlaps, and abstracted them as patterns to build compliant RAs. RAs should be complete, precise, abstract, vendor neutral, platform independent, and with no implementation details; however, their levels of detail and abstraction are still debatable and there is no commonly accepted definition about what an RA should contain. Existing approaches to build RAs lack structured templates and systematic procedures. In addition, most approaches do not take full advantage of patterns and best practices that promote architectural quality. We have developed a five-step approach by analyzing features from available approaches but refined and combined them in a new way. We consider an RA as a big compound pattern that can improve the quality of the concrete architectures derived from it and from which we can derive more specialized RAs for cloud systems. We have built an RA for HIPAA, a compliance RA (CRA), and a specialized compliance and security RA (CSRA) for cloud systems. These RAs take advantage of patterns and best practices that promote software quality. We evaluated the architecture by creating profiles. The proposed approach can be used to build RAs from scratch or to build new RAs by abstracting real RAs for a given context. We have also described an RA itself as a compound pattern by using a modified POSA template. Finally, we have built a concrete deployment and availability architecture derived from CSRA that can be used as a foundation to build compliance systems in the cloud. | |
| Identifier: | FA00004559 (IID) | |
| Degree granted: | Dissertation (Ph.D.)--Florida Atlantic University, 2015. | |
| Collection: | FAU Electronic Theses and Dissertations Collection | |
| Note(s): | Includes bibliography. | |
| Subject(s): |
Biometric identification Client/server computing -- Security measures Cloud computing -- Security measures Computational intelligence Computer software -- Quality control Electronic information resources -- Access control |
|
| Held by: | Florida Atlantic University Libraries | |
| Sublocation: | Digital Library | |
| Links: | http://purl.flvc.org/fau/fd/FA00004559 | |
| Persistent Link to This Record: | http://purl.flvc.org/fau/fd/FA00004559 | |
| Use and Reproduction: | Copyright © is held by the author, with permission granted to Florida Atlantic University to digitize, archive and distribute this item for non-profit research and educational purposes. Any reuse of this item in excess of fair use or other copyright exemptions requires permission of the copyright holder. | |
| Use and Reproduction: | http://rightsstatements.org/vocab/InC/1.0/ | |
| Host Institution: | FAU | |
| Is Part of Series: | Florida Atlantic University Digital Library Collections. |
