The Cloud computing paradigm is offering an innovative and promising vision concerning the Information and Communications Technology (ICT). Notwithstanding, the use
of Cloud resources, which usually are external assets to their consumers, implies risk issues that must be taken into account.
In this paper, we present a Cloud computing risk management approach aware of the Business-Level Objectives (BLOs) of a given Cloud organization. More to the point, we propose an innovatory SEmi-quantitative BLO-driven Cloud Risk Assessment (SEBCRA) as its core subprocess. In addition, we present, as a use case, a Cloud Service Provider (CSP) that is able to improve the achievement of a BLO, i.e. profit maximization, by managing, assessing, and treating Cloud risks. As demonstrated in the experimentation, this provider maximizes its profit by transferring risks of provisioning its private Cloud to third-party providers of Cloud infrastructures.
CitationFitó, J.; Macías, M.; Guitart, J. Toward business-driven risk management for cloud computing. A: International Conference on Network and Service Management. "Proceedings of the 2010 International Conference on Network and Service Management". Cataratas del Niagara: IEEE Computer Society Publications, 2010, p. 238-241.
All rights reserved. This work is protected by the corresponding intellectual and industrial property rights. Without prejudice to any existing legal exemptions, reproduction, distribution, public communication or transformation of this work are prohibited without permission of the copyright holder. If you wish to make any use of the work not provided for in the law, please contact: firstname.lastname@example.org