1415161718192017 of 68
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Information Security Risk Assessment in Cloud
Luleå University of Technology, Department of Computer Science, Electrical and Space Engineering, Computer Science.
2019 (English)Independent thesis Advanced level (degree of Master (One Year)), 10 credits / 15 HE creditsStudent thesis
Abstract [en]

This research addresses the issue of information security risk assessment (ISRA) on cloud solutions implemented for large companies. Four companies were studied, of which three used cloud services and conducted ISRA, while one provided cloud services and consultancy to customers on ISRA. Data were gathered qualitatively to (1) analyze the cloud using companies’ practices and (2) to identify regularities observed by the cloud providing company. The COAT-hanger model, which focuses on theorizing the practices, was used to study the practices. The results showed that the companies aimed to follow the guidelines, in the form of frameworks or their own experience, to conduct ISRA; furthermore, the frameworks were altered to fit the companies’ needs. The results further indicated that one of the main concerns with the cloud ISRA was the absence of a culture that integrates risk management. In addition, the companies’ boards lacked interest in and/or awareness of risks associated with the cloud solutions. Finally, the finding also stressed the importance of a good understanding and a well written legal contract between the cloud providers and the companies utilizing the cloud services.

Place, publisher, year, edition, pages
2019. , p. 56
Keywords [en]
Information Security, Risk Assessment, Cloud Security, Risk Analysis, Risk Identification, Risk Evaluation, Practical Security
National Category
Computer Sciences
Identifiers
URN: urn:nbn:se:ltu:diva-76120OAI: oai:DiVA.org:ltu-76120DiVA, id: diva2:1354699
Subject / course
Student thesis, at least 15 credits
Educational program
Information Security, master's level (60 credits)
Supervisors
Examiners
Available from: 2019-10-30 Created: 2019-09-26 Last updated: 2019-10-30Bibliographically approved

Open Access in DiVA

fulltext(1266 kB)20 downloads
File information
File name FULLTEXT01.pdfFile size 1266 kBChecksum SHA-512
b3f6bbe491e362b816cc98f90c3bb993757cdc5ab02ed5303e564f372dfa78cc64239d77cfa6196a32957985ebb85b7cbf3367b1af7fc74e835856b56e5963c4
Type fulltextMimetype application/pdf

By organisation
Computer Science
Computer Sciences

Search outside of DiVA

GoogleGoogle Scholar
Total: 20 downloads
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

urn-nbn

Altmetric score

urn-nbn
Total: 34 hits
1415161718192017 of 68
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf