Inter-Cloud Data Security Framework to Build Trust Based on Compliance with Controls

Syed Imran Akhtar; Abdul Rauf; Muhammad Faisal Amjad; Ifra Batool

doi:10.1049/2024/6565102

IET Information Security (Jan 2024)

Inter-Cloud Data Security Framework to Build Trust Based on Compliance with Controls

Syed Imran Akhtar,
Abdul Rauf,
Muhammad Faisal Amjad,
Ifra Batool

Affiliations

Syed Imran Akhtar: Department of Information Security
Abdul Rauf: Department of Information Security
Muhammad Faisal Amjad: Department of Information Security
Ifra Batool: Department of Computer Science

DOI: https://doi.org/10.1049/2024/6565102
Journal volume & issue: Vol. 2024

Abstract

Read online

Prospects of cloud computing as a technology that optimizes resources, reduces complexity, and provides cost-effective solutions to its consumers are well established. The future of cloud is the “cloud of clouds,” where cloud service providers (CSPs) collaborate with each other to provide ever-scalable solutions to their customers. However, one of the most restricting factors toward the use of the cloud by its consumers is their concerns about data security. Most sensitive to any organization is its data, thus, to give confidence to these organizations to put their data in the cloud requires a trustworthy framework. Therefore, this paper proposes an inter-cloud data security framework, which is a set of controls and a mechanism to measure trust for data sharing based on compliance with the controls. The proposed framework for building inter-cloud trust for data security (FBI-TDS) defines a set of data security controls extracted to cover the possible data-related threats linked with various inter-cloud use cases. As part of FBI-TDS, a mechanism is suggested that would enable CSPs to view compliance with data security controls and the overall trustworthiness of other CSPs. This would enable them to decide the level of interaction that they might undertake, depending upon their data security commitments. A data security compliance monitor service is proposed which measures compliance with data security controls. This service communicates with data trust as a service (DTaaS), which measures the trustworthiness of a CSP based on its total compliance value, users’ feedback rating, and cloud security auditor rating. CSPs who subscribe to DTaaS would be able to view the trustworthiness of other CSPs, yet they would be bound to provide access to the service to measure theirs as well. This new approach to data security in inter-cloud is a mix of data security controls, their measure of compliance, and based on this trust value of a CSP for handling data. The proposed solution thus promotes the cloud of clouds by securing inter-cloud interactions for data-related use cases.

Published in IET Information Security

ISSN: 1751-8709 (Print); 1751-8717 (Online)
Publisher: Wiley
Country of publisher: United Kingdom
LCC subjects: Technology: Electrical engineering. Electronics. Nuclear engineering: Electronics: Computer engineering. Computer hardware; Science: Mathematics: Instruments and machines: Electronic computers. Computer science
Website: https://ietresearch.onlinelibrary.wiley.com/journal/ietis

About the journal