Automated API framework tools for evaluating cloud resources (IAM, S3, KMS) for compliance with ISO 27001 case study AWS

Global Journal of Engineering and Technology Advances Pub Date : 2024-07-30 DOI:10.30574/gjeta.2024.20.1.0126

Trudy-Ann Campbell, Samson Eromonsei, Olusegun Afolabi

{"title":"Automated API framework tools for evaluating cloud resources (IAM, S3, KMS) for compliance with ISO 27001 case study AWS","authors":"Trudy-Ann Campbell, Samson Eromonsei, Olusegun Afolabi","doi":"10.30574/gjeta.2024.20.1.0126","DOIUrl":null,"url":null,"abstract":"CLOUD— computing's advancements has provided scalability and adaptability but has also given rise to data security concerns. ISO 27001 is vital for cloud information security, yet compliance in dynamic settings poses challenges. Automated API framework tools automate ISO 27001 compliance checks for IAM, S3, and KMS services in AWS, boosting efficiency and minimizing errors. This study investigates the effectiveness of these frameworks, focusing on AWS environments. It explores advantages, difficulties, and practical considerations of automation in cloud compliance. Insights aim to enhance understanding of how automation reinforces security and regulatory adherence. Previous studies highlight the need for adaptable monitoring solutions in cloud setups. Recent research demonstrates the potential of programming languages like Python to streamline compliance processes effectively. This study contributes by examining the efficiency of automated compliance frameworks in AWS, offering perspectives on their practical application in cloud settings.","PeriodicalId":402125,"journal":{"name":"Global Journal of Engineering and Technology Advances","volume":"8 33","pages":""},"PeriodicalIF":0.0000,"publicationDate":"2024-07-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Global Journal of Engineering and Technology Advances","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.30574/gjeta.2024.20.1.0126","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 0

Abstract

CLOUD— computing's advancements has provided scalability and adaptability but has also given rise to data security concerns. ISO 27001 is vital for cloud information security, yet compliance in dynamic settings poses challenges. Automated API framework tools automate ISO 27001 compliance checks for IAM, S3, and KMS services in AWS, boosting efficiency and minimizing errors. This study investigates the effectiveness of these frameworks, focusing on AWS environments. It explores advantages, difficulties, and practical considerations of automation in cloud compliance. Insights aim to enhance understanding of how automation reinforces security and regulatory adherence. Previous studies highlight the need for adaptable monitoring solutions in cloud setups. Recent research demonstrates the potential of programming languages like Python to streamline compliance processes effectively. This study contributes by examining the efficiency of automated compliance frameworks in AWS, offering perspectives on their practical application in cloud settings.

查看原文本刊更多论文

自动 API 框架工具，用于评估云资源（IAM、S3、KMS）是否符合 ISO 27001 标准案例研究 AWS

云计算的发展提供了可扩展性和适应性，但也引发了数据安全问题。ISO 27001 对云信息安全至关重要，但动态环境中的合规性却带来了挑战。自动 API 框架工具可自动检查 AWS 中 IAM、S3 和 KMS 服务的 ISO 27001 合规性，从而提高效率并减少错误。本研究以 AWS 环境为重点，调查了这些框架的有效性。它探讨了云合规自动化的优势、困难和实际考虑因素。这些见解旨在加深对自动化如何加强安全性和合规性的理解。以往的研究强调了云设置中对适应性监控解决方案的需求。最近的研究表明，Python 等编程语言具有有效简化合规流程的潜力。本研究通过考察 AWS 中自动化合规框架的效率，为其在云环境中的实际应用提供了视角。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Global Journal of Engineering and Technology Advances

自引率

0.00%

发文量