Defining an Effective Security Policy for Companies using Cloud Compt..

      Аннотация: Cloud computing offers a variety of services like computational platform, computational power, storage and applications by means of the web. The cloud services have brought business supporting technology that attracts different companies around the globe. The aim of this study is to define an effective security policy for companies using cloud computing. In a cloud situation, policy are neither likely to be up to date nor likely to be effective, due to the constant change in attack threats. Security threats and vulnerability have been giving credit to attackers to access the information of different users. First, this study identifies security challenges, companies need to guard against it in order to define an effective security policy with the corresponding existing solutions. Second, one of the main contributions of this study is a security policy model. The model contains five elements Security Goals, Policies, Security Mechanisms, Security Requirements and Security Challenges. Security challenges addressed in security policy by passing through the steps exist in the security policy model. Generally, the model is used to define an effective security policy.

Ключевые слова: security, Cloud Conmputing