Abstract

As cloud computing becomes the dominant mechanism for delivery of electronic services, significant recent effort has focused on certifying cloud services to ensure their compliance with security and privacy standards (such as GDPR). Assessing the benefit of using a particular cloud service, especially if such a service is being offered by providers that may be new to the cloud marketplace, remains a challenge. Cloud Security Alliance (CSA) provides a certification approach that associates a ranking to providers based on their capability assessment using a “cloud control matrix”. A provider can make a self-assessment, or an assessment can be undertaken by a third party. The intention is to increase user trust in a provider based on their rating using this methodology. This work investigates whether a similar certification methodology can be applied to edge resources, especially if these edge resources are combined with cloud services in a “smart cities” context. Can a CSA-like approach also be used to increase trust in use of edge resources? How would the CSA methodology need to change to support this type of assessment, and how useful is such an approach likely to be in practice? We propose a risk assessment methodology that can be used to address these concerns, and evaluate it in a practical application using both edge and cloud computing resources. • “ Smartainability ” - a strategy to assess how sustainable smart cities are as a result of smart technology. • Smart services must ensure their compliance with security and privacy standards (such as GDPR). • Cloud-Edge-IoT resources differ in their capability, security and availability profiles — making reliance on them risk prone. • Trust can be established across an ensemble of “smart” devices and clouds to support “risk-informed” interventions.

Full Text
Published version (Free)

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call