Toward business-driven risk management for cloud computing
Tipus de documentText en actes de congrés
EditorIEEE Computer Society Publications
Condicions d'accésAccés obert
The Cloud computing paradigm is offering an innovative and promising vision concerning the Information and Communications Technology (ICT). Notwithstanding, the use of Cloud resources, which usually are external assets to their consumers, implies risk issues that must be taken into account. In this paper, we present a Cloud computing risk management approach aware of the Business-Level Objectives (BLOs) of a given Cloud organization. More to the point, we propose an innovatory SEmi-quantitative BLO-driven Cloud Risk Assessment (SEBCRA) as its core subprocess. In addition, we present, as a use case, a Cloud Service Provider (CSP) that is able to improve the achievement of a BLO, i.e. profit maximization, by managing, assessing, and treating Cloud risks. As demonstrated in the experimentation, this provider maximizes its profit by transferring risks of provisioning its private Cloud to third-party providers of Cloud infrastructures.
CitacióFitó, J.; Macías, M.; Guitart, J. Toward business-driven risk management for cloud computing. A: International Conference on Network and Service Management. "Proceedings of the 2010 International Conference on Network and Service Management". Cataratas del Niagara: IEEE Computer Society Publications, 2010, p. 238-241.
Versió de l'editorhttp://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=5691291