Article

Article title FEATURES OF THE ANALYSIS OF INFORMATION SECURITY OF CLOUDY SYSTEMS
Authors O.Y. Peskova, K.E. Stepovaja
Section SECTION I. CONCEPTUAL ISSUES OF INFORMATION SECURITY
Month, Year 12, 2013 @en
Index UDC 004.75
DOI
Abstract The paper provides a classification of cloud services, groups of requirements to cloudy systems are shown, and describes the architecture of cloud computing of NIS, model of service and the expansions of cloudy systems presented in this model. The main problems of ensuring safety in cloudy services are considered. Classification of problems of information security of cloudy technologies is offered. Lists the organizations dealing with issues of standardization of safety of cloudy systems. A list of requirements to safety is developed for various classes of cloudy systems in the following directions: Classification and asset management, Safety issues related with the personnel, Physical protection of data center, Management of data transmission and operational activity, Access control, Monitoring of access, Development and maintenance of systems, Measures for ensuring continuous work of system, Compliance to requirements. According to each requirement within a developed methodology the following questions are specified: Deployment model for which this criterion is critical, Objective application of recommendations, Threats can be eliminated by the application of these recommendations.

Download PDF

Keywords Cloud systems; security; safety requirements.
References 1. Батлер Б. Насколько широко используются облачные технологии? Зависит от того, как спрашивают [Электронный ресурс] // Открытые системы [сайт]. URL: http://www.osp.ru/news/articles/2013/18/13035508/ (дата обращения: 20.10.2013).
2. ORGs for Scalable, Robust, Privacy-Friendly Client Cloud Computing Internet Computing, September/October 2008 (vol. 12 no. 5), pp. 96-99 Carl Hewitt, Massachusetts Institute of
Technology. URL: http://www.computer.org/csdl/mags/ic/2008/05/mic2008050096-abs.html (дата обращения: 20.10.2013).
3. NIST Cloud Computing Program [Электронный ресурс] // National Institute of Standards and Technology [сайт]. URL: http://csrc.nist.gov/publications/nistpubs/800-145/SP800-
145.pdf (дата обращения: 20.10.2013).
4. NIST Референтная (эталонная) архитектура облачных вычислений (Cloud Computing Reference Architecture) Версия 1.0. [Электронный ресурс] // О Cloud Computing на русском [сайт]. URL: http://cloud.sorlik.ru/reference_architecture.html (дата обращения: 20.10.2013).
5. Эмм М. Облачные вычисления. Плюсы и минусы с точки зрения безопасности [Электронный ресурс] // Информационная безопасность в СПбГЭУ [сайт]. URL:
http://pycode.ru/2011/02/cloud-computing/ (дата обращения: 20.10.2013).
6. Черняк Л. Безопасность: облако или болото? [Электронный ресурс] // Открытые системы [сайт]. URL: http://www.osp.ru/os/2010/01/13000673/ (дата обращения: 20.10.2013).
7. Stallman R. Cloud computing is a trap, warns GNU founder Richard Stallman», интервью газете The Guardian. 2008/09/29 URL: http://www.guardian.co.uk/technology/2008
/sep/29/cloud.computing.richard.stallman (дата обращения: 20.10.2013).

Comments are closed.