Högskolan i Skövde

his.sePublications
Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • apa-cv
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Cloud security frameworks and measures for SLA (Service Level Agreement)
University of Skövde, School of Informatics.
2022 (English)Independent thesis Advanced level (degree of Master (One Year)), 10 credits / 15 HE creditsStudent thesis
Abstract [en]

Small companies and organizations have expressed doubts about using cloud services due to unclear Service Level Agreement (SLA) contracts. These contracts are usually based on security frameworks and measures adapted for data security in general, but not for complex cloud data specifically. The purpose of this study was therefore to compare end users’ opinions of the security measures and security frameworks that were being used for their SLA contracts for cloud services. The study was carried out through semi-structured interviews, thematization, and comparison with earlier research on SLA and cloud security. The result showed that security frameworks on which SLA contracts were based were being used in a too general way by cloud service providers. This made the contracts unclear and not entirely relevant to their own operations. Therefore, the users wanted implementations of security measures that were easier to interpret, well-established and recognized, and relevant to their own operations. The users wanted the security measures to be more detailed by having the cloud service providers divide them into more categories relevant to their particular activities. The users also wanted SLA contracts adapted to their individual needs for cloud security specifically. One conclusion was that frameworks such as ISO, NIST, and COBIT were being used in a too general way for generating cloud service SLAs. Another conclusion was that cloud service security measures should be more specific to users’ own operations and easier to interpret in relation to established frameworks. Cloud service providers could use NIST, ISO, and COBIT to generate more specific measures. One solution would be to automatically generate more specific SLA contracts by auto-selecting established frameworks and well-defined security measures.

Place, publisher, year, edition, pages
2022. , p. 34
Keywords [en]
cloud security, cloud service, service level agreement, SLA
National Category
Computer and Information Sciences
Identifiers
URN: urn:nbn:se:his:diva-23044OAI: oai:DiVA.org:his-23044DiVA, id: diva2:1782897
Subject / course
Informationsteknologi
Educational program
Privacy, Information and Cyber Security - Master's Programme 60 ECTS
Supervisors
Examiners
Available from: 2023-07-18 Created: 2023-07-18 Last updated: 2023-07-18Bibliographically approved

Open Access in DiVA

fulltext(424 kB)302 downloads
File information
File name FULLTEXT01.pdfFile size 424 kBChecksum SHA-512
05c159554e14490706ead9b26d53984b201b4a1eb325b22c97856abd2cd8d43f1157fdcfeb7503f0033a2a6b32a16c3f2591cf32e04339bd25e859ff2b2fe679
Type fulltextMimetype application/pdf

By organisation
School of Informatics
Computer and Information Sciences

Search outside of DiVA

GoogleGoogle Scholar
Total: 302 downloads
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

urn-nbn

Altmetric score

urn-nbn
Total: 315 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • apa-cv
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf