Go home now Header Background Image
Search
Submission Procedure
share: |
Special Issues
Submission Procedure
Aims and Scope
Board of Editors
What's New
 
Follow us
 
Articles by Topics
Articles by Author
Geographical Mashup
List of Topics
 
Printed Publications
 
Volume 26 (2020)
Volume 25 (2019)
Volume 24 (2018)
Volume 23 (2017)
Volume 22 (2016)
Volume 21 (2015)
Volume 20 (2014)
Volume 19 (2013)
Volume 18 (2012)
Issue 1
Issue 2
Issue 3
Issue 4
Issue 5
Issue 6
Issue 7
Issue 8
Issue 9
Issue 10
Issue 11
Issue 12
Issue 13
Issue 14
Issue 15
Issue 16
Issue 17
Issue 18
Issue 19
Issue 20
Volume 17 (2011)
Volume 16 (2010)
Volume 15 (2009)
Volume 14 (2008)
Volume 13 (2007)
Volume 12 (2006)
Volume 11 (2005)
Volume 10 (2004)
Volume 9 (2003)
Volume 8 (2002)
Volume 7 (2001)
Volume 6 (2000)
Volume 5 (1999)
Volume 4 (1998)
Volume 3 (1997)
Volume 2 (1996)
Volume 1 (1995)
Volume 0 (1994)
 
Collection of other papers
Volume 18 / Issue 12

available in:   PDF (164 kB) PS (3 MB)
 
get:  
Similar Docs BibTeX   Read comments Write a comment
 Number of Comments:1
get:  
Links into Future
 
DOI:   10.3217/jucs-018-12-1662

 

Analysing the Security Risks of Cloud Adoption Using the SeCA Model: A Case Study

Thijs Baars (Utrecht University, The Netherlands)

Marco Spruit (Utrecht University, The Netherlands)

Abstract: When IS/IT needs to be replaced, cloud systems might provide a feasible solution. However, the adoption process thus far has gone undocumented and enterprise architects are troubled with proper hands-on tools missing, until very recently. This single case study describes a large Dutch utility provider in their effort to understand the facets of the cloud and identifying the risks associated with it. In an action research setting, the SeCA model was used to analyse the cloud solutions and identify the risks with specific data classifications in mind. The results show how decision makers can use the SeCA model in various ways to identify the security risks associated with each cloud solution analysed. The analysis assumes that data classifications are in place. This research concludes that by using the SeCA model, a full understanding of the security risks can be gained on an objective and structural level; this is a further validation of prior empirical research that the SeCA model is a proper hands-on tool for cloud security analysis.

Keywords: SeCA model, case study, cloud computing, cloud security, information security

Categories: H.2, H.3.7, H.5.4