Back to Search Start Over

Compliance Issues In Cloud Computing Systems

Authors :
Yimam, Dereje (author)
Fernandez, Eduardo B. (Thesis advisor)
Florida Atlantic University (Degree grantor)
College of Engineering and Computer Science
Department of Computer and Electrical Engineering and Computer Science
Yimam, Dereje (author)
Fernandez, Eduardo B. (Thesis advisor)
Florida Atlantic University (Degree grantor)
College of Engineering and Computer Science
Department of Computer and Electrical Engineering and Computer Science
Publication Year :
2015

Abstract

Summary: Appealing features of cloud services such as elasticity, scalability, universal access, low entry cost, and flexible billing motivate consumers to migrate their core businesses into the cloud. However, there are challenges about security, privacy, and compliance. Building compliant systems is difficult because of the complex nature of regulations and cloud systems. In addition, the lack of complete, precise, vendor neutral, and platform independent software architectures makes compliance even harder. We have attempted to make regulations clearer and more precise with patterns and reference architectures (RAs). We have analyzed regulation policies, identified overlaps, and abstracted them as patterns to build compliant RAs. RAs should be complete, precise, abstract, vendor neutral, platform independent, and with no implementation details; however, their levels of detail and abstraction are still debatable and there is no commonly accepted definition about what an RA should contain. Existing approaches to build RAs lack structured templates and systematic procedures. In addition, most approaches do not take full advantage of patterns and best practices that promote architectural quality. We have developed a five-step approach by analyzing features from available approaches but refined and combined them in a new way. We consider an RA as a big compound pattern that can improve the quality of the concrete architectures derived from it and from which we can derive more specialized RAs for cloud systems. We have built an RA for HIPAA, a compliance RA (CRA), and a specialized compliance and security RA (CSRA) for cloud systems. These RAs take advantage of patterns and best practices that promote software quality. We evaluated the architecture by creating profiles. The proposed approach can be used to build RAs from scratch or to build new RAs by abstracting real RAs for a given context. We have also described an RA itself as a compound pattern by using a modified<br />2015<br />Includes bibliography.<br />Degree granted: Dissertation (Ph.D.)--Florida Atlantic University, 2015.<br />Collection: FAU Electronic Theses and Dissertations Collection

Details

Database :
OAIster
Notes :
173 p., application/pdf, English
Publication Type :
Electronic Resource
Accession number :
edsoai.on1364876328
Document Type :
Electronic Resource

Tools

Authors Abstract Subjects Details