INFORMATION SECURITY

Topic: Mitigations to ensure the

confidentiality, integrity and availability of
the data stored on these providers?
Discuss mitigations for both the cloud
providers and also the end users.
Name of University:
Team Members:

Introduction of Cloud Providers

It is

a firm which delivers cloud computing that

relies on services and solution to individuals and
business. It is also known as utility computing
provider.(Janssen,2015)
Based on the business model. There are many
solutions
Infrastructure as a Service(IAAS)
Software as service(SAAS)
Platform as service(PAAS)

INFORMATION SECURITY

What is Confidentiality,
integrity, availability

Also known as CIA

triad
Structure made to
guide policies for
information security
within an
organization.
Are considered to be
crucial elements
components of
society.
INFORMATION SECURITY

Diagrammatical representation of
Dropbox, Google Drive

INFORMATION SECURITY

Problems related to ensure

Confidentiality, Availability,
Integrity by cloud providers

Malicious behaviour of insiders.

Incomplete or insecure data completion.
Management interface vulnerability.
Loss of Governance.
Isolation of failure.
Compliance and legal risks.

INFORMATION SECURITY

Cloud Providers
Problems Faced

Data integrity
Data theft
Privacy issue
Data loss
Data location

INFORMATION SECURITY

Mitigation

Identify the assets

Conduct post-run

Analyze the risk

Apple security
countermeasure

Users of Cloud Services

Problems faced

Privacy
Security
Data breaches
Data protection

INFORMATION SECURITY

Mitigation

Privileged user Access

Long-term viability

Regulatory Compliance
Data Location
Demonstrable customer care
Data Segregation
Recovery
Investigative support/Search
ability
7

References
Peltier, T. R. (2013).Information security fundamentals. CRC Press.
Whitman, M., & Mattord, H. (2011).Principles of information security. Cengage Learning.
Mell, P., & Grance, T. (2011). The NIST definition of cloud computing.
Whitman, M., & Mattord, H. (2013).Management of information security. Cengage Learning.
Feng, D. G., Zhang, M., Zhang, Y., & Xu, Z. (2011). Study on cloud computing
security.Journal of software,22(1), 71-83.
Stamp, M. (2011).Information security: principles and practice. John Wiley & Sons.
Conti, M., Nguyen, V. T. N., & Crispo, B. (2011). CRePE: Context-related policy enforcement
for Android. InInformation Security(pp. 331-345). Springer Berlin Heidelberg.
Vacca, J. R. (2012).Computer and information security handbook. Newnes.
Ifinedo, P. (2012). Understanding information systems security policy compliance: An
integration of the theory of planned behavior and the protection motivation
theory.Computers & Security,31(1), 83-95.
Hu, Q., Dinev, T., Hart, P., & Cooke, D. (2012). Managing Employee Compliance with
Information Security Policies: The Critical Role of Top Management and Organizational
Culture*.Decision Sciences,43(4), 615-660.
Taylor, R. W., Fritsch, E. J., & Liederbach, J. (2014).Digital crime and digital terrorism.
Prentice Hall Press.
Thompson, S. T. (2013). Helping the hacker? Library information, security, and social
engineering. Information Technology and Libraries, 25(4), 222-225.
INFORMATION SECURITY

THANK YOU !!

INFORMATION SECURITY