Meeting Compliance Requirements While Using Cloud Services

2019 ◽  
pp. 1769-1786
Author(s):  
S. Srinivasan
Keyword(s):  
Health Insurance ◽  
Service Providers ◽  
Cloud Services ◽  
Federal Regulations ◽  
Information Security Management ◽  
Payment Card ◽  
Customer Data ◽  
Sarbanes Oxley ◽  
Compliance Requirements ◽  
Financial Privacy

Compliance with government and industry regulations is an essential part of conducting business in several sectors. Many of the requirements revolve around financial, privacy, or security aspects. Most of the requirements are due to federal regulations in USA while some are industry requirements that are applicable globally. Even some of the federal regulations in USA apply to service providers abroad when they are providing service to entities in USA. In that sense, all of the compliance requirements discussed here apply to a global audience. In this chapter, the authors discuss in detail the scope of the Health Insurance Portability and Accountability Act, Sarbanes-Oxley Act, Federal Information Security Management Act, Gramm-Leach-Bliley Act, Payment Card Industry Requirements, and the Statement on Auditing Standards 70. These compliance requirements concern protecting the customer data stored in the cloud with respect to confidentiality and integrity. Several of these requirements have significant enforcement powers associated with them, and businesses need to take these requirements seriously and comply. The compliance aspect involves gathering and reporting appropriate information on a regular basis. The authors present details on all these aspects in this chapter.

Meeting Compliance Requirements while using Cloud Services

2014 ◽  
pp. 127-144
Author(s):  
S. Srinivasan
Keyword(s):  
Health Insurance ◽  
Service Providers ◽  
Cloud Services ◽  
Federal Regulations ◽  
Information Security Management ◽  
Payment Card ◽  
Customer Data ◽  
Sarbanes Oxley ◽  
Compliance Requirements ◽  
Financial Privacy

Compliance with government and industry regulations is an essential part of conducting business in several sectors. Many of the requirements revolve around financial, privacy, or security aspects. Most of the requirements are due to federal regulations in USA while some are industry requirements that are applicable globally. Even some of the federal regulations in USA apply to service providers abroad when they are providing service to entities in USA. In that sense, all of the compliance requirements discussed here apply to a global audience. In this chapter, the authors discuss in detail the scope of the Health Insurance Portability and Accountability Act, Sarbanes-Oxley Act, Federal Information Security Management Act, Gramm-Leach-Bliley Act, Payment Card Industry Requirements, and the Statement on Auditing Standards 70. These compliance requirements concern protecting the customer data stored in the cloud with respect to confidentiality and integrity. Several of these requirements have significant enforcement powers associated with them, and businesses need to take these requirements seriously and comply. The compliance aspect involves gathering and reporting appropriate information on a regular basis. The authors present details on all these aspects in this chapter.

scholarly journals Cloud Security - A Semantic Approach in End to End Security Compliance

2017 ◽  
Vol 5 (2) ◽  
pp. 97-106
Author(s):  
VNS Surendra Chimakurthi
Keyword(s):  
Security Policy ◽  
Service Providers ◽  
Cloud Service ◽  
Cloud Security ◽  
Cloud Services ◽  
Security Requirements ◽  
Security And Privacy ◽  
Cloud Service Providers ◽  
Compliance Requirements ◽  
Cloud Users

Many firms are seeing the benefits of moving to the cloud. For the sake of their customers' data, cloud service providers are required by law to maintain the highest levels of data security and privacy. Most cloud service providers employ a patchwork of security and privacy safeguards while industry standards are being created. The upshot is that customers of cloud services are unsure whether or not the security protections supplied by these services are enough to meet their specific security and compliance requirements. In this article, we have discussed the many threats cloud users face and emphasized the compliance frameworks and security processes that should be in place to minimize the risk. To categorize cloud security measures, risks, and compliance requirements, we developed an ontology. We needed to design software to identify the high-level policy rules that must be applied in response to each danger as part of this initiative. Additionally, the program provides a list of cloud service providers that now satisfy specific security requirements. Even if they aren't familiar with the underlying technology, cloud users may utilize our system to build up their security policy and identify compatible providers.

scholarly journals A Generic Model for Identifying QoS Parameters Interrelations in Cloud Services Selection Ontology during Runtime

Symmetry ◽  
2021 ◽  
Vol 13 (4) ◽  
pp. 563
Author(s):  
Babu Rajendiran ◽  
Jayashree Kanniappan
Keyword(s):  
Service Providers ◽  
Cloud Service ◽  
Cloud Services ◽  
Operating Costs ◽  
Generic Model ◽  
Business Organizations ◽  
Cloud Environment ◽  
Cloud Service Provider ◽  
Qos Parameters ◽  
Computer Based

Nowadays, many business organizations are operating on the cloud environment in order to diminish their operating costs and to select the best service from many cloud providers. The increasing number of Cloud Services available on the market encourages the cloud consumer to be conscious in selecting the most apt Cloud Service Provider that satisfies functionality, as well as QoS parameters. Many disciplines of computer-based applications use standardized ontology to represent information in their fields that indicate the necessity of an ontology-based representation. The proposed generic model can help service consumers to identify QoS parameters interrelations in the cloud services selection ontology during run-time, and for service providers to enhance their business by interpreting the various relations. The ontology has been developed using the intended attributes of QoS from various service providers. A generic model has been developed and it is tested with the developed ontology.

scholarly journals Addressing Semantics Standards for Cloud Portability and Interoperability in Multi Cloud Environment

Symmetry ◽  
2021 ◽  
Vol 13 (2) ◽  
pp. 317
Author(s):  
Chithambaramani Ramalingam ◽  
Prakash Mohan
Keyword(s):  
Service Providers ◽  
Research Work ◽  
Cloud Service ◽  
Cloud Services ◽  
Cloud Environment ◽  
Cloud Service Providers ◽  
Application Programming ◽  
Increasing Demand ◽  
Programming Interfaces ◽  
Multi Cloud

The increasing demand for cloud computing has shifted business toward a huge demand for cloud services, which offer platform, software, and infrastructure for the day-to-day use of cloud consumers. Numerous new cloud service providers have been introduced to the market with unique features that assist service developers collaborate and migrate services among multiple cloud service providers to address the varying requirements of cloud consumers. Many interfaces and proprietary application programming interfaces (API) are available for migration and collaboration services among cloud providers, but lack standardization efforts. The target of the research work was to summarize the issues involved in semantic cloud portability and interoperability in the multi-cloud environment and define the standardization effort imminently needed for migrating and collaborating services in the multi-cloud environment.

scholarly journals The dogs bark and the circus moves on

2015 ◽  
Vol 28 (1/2) ◽  
pp. 7-18
Author(s):  
John D Robinson
Keyword(s):  
Digital Library ◽  
Capital Investment ◽  
Service Providers ◽  
Cloud Services ◽  
Bottom Line ◽  
Content Type ◽  
Full Responsibility ◽  
Managed Services ◽  
Library Function ◽  
The Uk

Purpose – The paper aims to set out challenges that libraries face while developing their Digital Library capabilities and capacity and propose an approach to estimating the costs for these functions. There is a skills challenge as well as an organisational challenge. The opportunities to build new teams or re-train existing staff are discussed. Design/methodology/approach – The approach builds on a 2008 paper about Digital Library economics and discusses the changes in the environment since then. A model is described in which a library takes on the full responsibility for building and operating a Digital Library function in-house. This is used to benchmark other options such as managed services, outsourced infrastructure and “cloud” services. Findings – The Open Access Publication and Research Data Management mandates present challenges to all libraries based in academic institutions in the UK. New working methods and new costs are unavoidable. There are a number of ways to deal with this depending upon the institutional circumstance. The bottom line can be increases in revenue budgets of around 10 per cent with variable requirements for capital investment. Originality/value – Libraries and librarians have different experiences in closely working with colleagues in information technology (IT). A number of propositions are presented about the value of cooperation and collaboration between library and IT and also with external partners and service providers.

GOVERNMENT REGULATIONS OF THE USING CLOUD SERVICES

2022 ◽  
Author(s):  
Olexander Melnikov ◽  
◽  
Konstantin Petrov ◽  
Igor Kobzev ◽  
Viktor Kosenko ◽  
...  
Keyword(s):  
Cloud Computing ◽  
Large Scale ◽  
Service Providers ◽  
Cloud Service ◽  
Cloud Services ◽  
Government Agencies ◽  
Remote Work ◽  
Cloud Infrastructure ◽  
Wide Range ◽  
Technological Base

The article considers the development and implementation of cloud services in the work of government agencies. The classification of the choice of cloud service providers is offered, which can serve as a basis for decision making. The basics of cloud computing technology are analyzed. The COVID-19 pandemic has identified the benefits of cloud services in remote work Government agencies at all levels need to move to cloud infrastructure. Analyze the prospects of cloud computing in Ukraine as the basis of e-governance in development. This is necessary for the rapid provision of quality services, flexible, large-scale and economical technological base. The transfer of electronic information interaction in the cloud makes it possible to attract a wide range of users with relatively low material costs. Automation of processes and their transfer to the cloud environment make it possible to speed up the process of providing services, as well as provide citizens with minimal time to obtain certain information. The article also lists the risks that exist in the transition to cloud services and the shortcomings that may arise in the process of using them.

scholarly journals АНАЛИЗ ПОДХОДОВ К ОБЕСПЕЧЕНИЮ БЕЗОПАСНОСТИ ОБЛАЧНЫХ СЕРВИСОВ

2020 ◽  
pp. 70-82
Author(s):  
Вячеслав Вікторович Фролов
Keyword(s):  
Cloud Computing ◽  
Service Providers ◽  
Geographical Location ◽  
Cloud Service ◽  
Cloud Services ◽  
Cloud Infrastructure ◽  
Critical System ◽  
Cloud Service Providers ◽  
Safety And Reliability ◽  
Cloud Resources

The article is devoted to the analysis of modern approaches that ensure the security of cloud services. Since cloud computing is one of the fastest growing areas among information technology, it is extremely important to ensure the safety and reliability of processes occurring in the clouds and to secure the interaction between the client and the provider of cloud services. Given that fears about data loss and their compromise are one of the main reasons that some companies do not transfer their calculations to the clouds. The object of research and analysis of this work are cloud services, which are provided by various cloud service providers. The aim of the study of this work is to compare existing approaches that provide information security for cloud services, as well as offer a new approach based on the principle of diversity. There are many approaches that ensure their safety, using both traditional and cloud-specific. The multi-cloud approach is one of the most promising strategies for improving reliability by reserving cloud resources on the servers of various cloud service providers. It is shown that it is necessary to use diversity to ensure the reliability and safety of critical system components. The principle of diversity is to use a unique version of each resource thanks to a special combination of a cloud computing provider, the geographical location of data centers, cloud service presentation models, and cloud infrastructure deployment models. The differences between cloud providers and which combination of services are preferable to others in terms of productivity are discussed in detail. In addition, best practices for securing cloud resources are reviewed. As a result, this paper concludes that there is a problem of insufficient security and reliability of cloud computing and how to reduce threats in order to avoid a common cause failure and, as a result, loss of confidential data or system downtime using diversity of cloud services.

scholarly journals An analysis of Approaches for Desktop Virtualization and Challenges

2021 ◽  
pp. 600-612
Author(s):  
Rupesh Kumar ◽  
Arun Kumar Yadav ◽  
H N Verma
Keyword(s):  
Computer System ◽  
Service Providers ◽  
Low Cost ◽  
New Technology ◽  
End Users ◽  
Cloud Services ◽  
Personal Computers ◽  
Small Organizations ◽  
Desktop Virtualization ◽  
Virtual Desktop

In the Information Technology world, cloud computing technology offering unlimited amount of IT resources and services to end users over the internet on pay-per-use basis. End users are accessing the cloud services on their mobile or personal computers. Service providers are upgrading their services very frequently to enhance the services, and to use their upgraded services, end users are also required to update the specification of their devices. But it will be very costly for the end users to upgrade their devices for high specification to use the enhanced services. Desktop Virtualization is an extensive technology of cloud services. It is the new concept, in which users can access the virtual desktop of required specifications, software and operating system on their old devices anytime and anywhere. With the help of desktop virtualization, users will be benefited by avoiding the cost of frequent upgradation of mobile or personal computer system. Desktop virtualization technology is proving to be a boon for large and small organizations who have to upgrade their computer system with new technology, which is a very costly and challenging process. Desktop virtualization avoids upgrading the hardware of the client machine repeatedly. It allows us to access all applications and data at a low cost on our old machine. This paper presents the comparative analysis of various approaches for desktop virtualization and various challenges which required the solution. Analysis presented in paper has been done based on various performance parameters which will provide the end users low-cost cloud services and best performance on their mobile or personal computers.

scholarly journals Selection of optimal data placement using cloud infrastructure

2021 ◽  
pp. 34-42
Author(s):  
Vladimir Meikshan ◽  
◽  
Natalia Teslya ◽  
Keyword(s):  
Mathematical Model ◽  
Data Storage ◽  
Service Providers ◽  
Cloud Service ◽  
Cloud Services ◽  
Information Storage ◽  
Cloud Infrastructure ◽  
Digital Ecosystem ◽  
Cloud Service Providers ◽  
The Cost

Benefits of using cloud technology are obvious, their application is expanding, as a result, it determines the steady growth of demand. Cloud computing has acquired particular relevance for large companies connected with Internet services, retailing, logistics that generate large volume of business and other information. The use of cloud technologies allows organizing the joint consumption of resources, solving the problems of storing and transferring significant amounts of data. Russian consumer cooperation refers to large territory distributed organizations actively forming their own digital ecosystem. The issue of data storing and processing for consumer coo-peration organizations is very relevant. At the same time, the prices of cloud service providers are significantly different and require solving the problem of minimizing the cost of storing and transferring significant amounts of data. The application of the linear programming method is considered to select the optimal data storage scheme for several cloud service providers having different technical and economic parameters of the package (maximum amount of storage, cost of allocated resources). Mathematical model includes the equation of costs for data storing and transferring and restrictions on the amount of storage, the amount of data and its safety. Software tool that allows to perform numerical calculations is selected Microsoft Excel in combination with the "search for solutions" add-on. In accordance with the mathematical model, the conditions for minimizing the amount of cloud storage costs and the necessary restrictions are established. Initial data are set for three data forming centers, storages of certain size for five cloud service providers and nominal price for information storage and transmission. Calculations of expenses are performed in several variants: without optimization, with the solution of the optimization problem, with price increase by cloud service providers. Results of the calculations confirm the necessity to solve the problem of minimizing the cost of cloud services for corporate clients. The presented model can be expanded for any cost conditions as well as for different areas of cloud applications.

scholarly journals CLOUD TECHNOLOGIES IN BUSINESS MANAGEMENT

2021 ◽  
Vol 4 (39) ◽  
pp. 294-301
Author(s):  
V. Gevko ◽  
O. Vivchar ◽  
V. Sharko ◽  
О. Radchenko ◽  
M. Budiaiev ◽  
...  
Keyword(s):  
Business Processes ◽  
Service Providers ◽  
De Novo ◽  
Cloud Service ◽  
Jel Classification ◽  
Digital Transformation ◽  
Cloud Services ◽  
Modern World ◽  
High Tech ◽  
Cloud Technologies

Abstract. The modern world is in the phase of active implementation of digitalization of most processes, including cloud technologies, which is also associated with the introduction of quarantine measures in most countries. Over the past decade, the average annual growth of the cloud services market has expanded by about 50% to more than $ 220 billion. This figure is projected to exceed $ 500 billion in the near future. Currently, a large number of cloud service companies are concentrated in the market. All companies can be classified into national, operating within one country, and international, operating in many countries simultaneously. In Ukraine, the leader is the high-tech company De Novo, which provides services in the segment of corporate clients based on VMware, EMC, Microsoft Azure solutions. Competitors are well-known foreign IT giants, namely: Oracle, IBM, Google, Microsoft, Amazon, HP and others. The Ministry of Digital Transformation of Ukraine plays an important role in this area. The latter signed an agreement with Microsoft to implement the Azure Expansion Program and accelerate Ukraine's digital transformation, including the development of Azure cloud services for the sum of more than $ 500 million. The transition from physical, outdated IT technologies to new cloud services will allow companies to significantly reduce the cost of maintaining their own staff of IT professionals and engineers, reduce dependence on IT equipment suppliers and increase productivity and efficiency of the decisions made. The management of the enterprise can choose one of the offered models from the companies-providers: IaaS, PaaS, SaaS. The choice will depend on the immediate management needs and financial capabilities of the enterprise. In Ukraine, the biggest share of users of cloud services belongs to large utility companies and state enterprises, namely: Dija, Ministry of Internal Affairs, Kyiv Municipal Enterprise "Informatics", Prozorro, Ukrposhta, E-Health (National Health Center of Ukraine), Naftogaz and several other organizations. Thus, the introduction of cloud services involves digital business transformations, namely: optimization of business processes, acceleration of innovation, cost reduction and so on. Key words: IT technologies, cloud technologies, cloud service providers, management, business. JEL Classification L86, M15 Formulas: 0; fig.: 1; tabl.: 2; bibl.: 21.

Sign in / Sign up

Export Citation Format

Share Document