Abstract
Security of cloud services is a major concern to cloud consumers when selecting cloud providers. Sufficient security information should be provided so that consumer trust in cloud services can be built, but in practice, security information is critical and may not be publicized. During the service selection process, cloud consumers therefore have to study published information on the cloud providers' Web sites or the cloud providers registry in order to assess how secure the services are. To assist cloud consumers in service selection, this paper presents an initial attempt to apply text classification to classify published information on the providers' Web pages to determine which security best practices and guidelines the providers have followed in providing their services. We take the security best practices and guidelines from the Cloud Controls Matrix (CCM) and the accompanying Consensus Assessments Initiative Questionnaire (CAIQ), and compile a set of security concepts before using it as a basis for classifying the providers' Web pages. The classification result roughly signifies the security conformance level of the providers. We demonstrate this method and present an evaluation using the case of five public cloud providers.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
