{"title":"为云系统构建遵从性和安全性参考架构(CSRA)","authors":"D. Yimam, E. Fernández","doi":"10.1109/IC2E.2016.16","DOIUrl":null,"url":null,"abstract":"Appealing features of cloud services motivate consumers to migrate their core businesses to them. However, there are challenges about security, privacy, and compliance. Building compliant systems is difficult because of the complex nature of regulations and cloud systems. In addition, the lack of reference architectures (RAs) makes compliance even harder. RAs should be complete, precise, abstract, vendor neutral, platform independent, with no implementation details, however, their levels of detail and abstraction are still debatable and there is no accepted definition about what an RA should contain. Existing approaches used to build RAs lack structured templates and systematic procedures. In addition, most approaches do not take full advantage of patterns and best practices that promote architectural qualities such as modularity, reusability, flexibility and usability. We propose here a five-step approach to build an RA that can improve the quality of the concrete architectures derived from it and from which we can derive more specialized RAs. These RAs take advantage of patterns and best practices that promote software quality.","PeriodicalId":430893,"journal":{"name":"2016 IEEE International Conference on Cloud Engineering (IC2E)","volume":"19 7","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2016-04-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"6","resultStr":"{\"title\":\"Building Compliance and Security Reference Architectures (CSRA) for Cloud Systems\",\"authors\":\"D. Yimam, E. Fernández\",\"doi\":\"10.1109/IC2E.2016.16\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Appealing features of cloud services motivate consumers to migrate their core businesses to them. However, there are challenges about security, privacy, and compliance. Building compliant systems is difficult because of the complex nature of regulations and cloud systems. In addition, the lack of reference architectures (RAs) makes compliance even harder. RAs should be complete, precise, abstract, vendor neutral, platform independent, with no implementation details, however, their levels of detail and abstraction are still debatable and there is no accepted definition about what an RA should contain. Existing approaches used to build RAs lack structured templates and systematic procedures. In addition, most approaches do not take full advantage of patterns and best practices that promote architectural qualities such as modularity, reusability, flexibility and usability. We propose here a five-step approach to build an RA that can improve the quality of the concrete architectures derived from it and from which we can derive more specialized RAs. These RAs take advantage of patterns and best practices that promote software quality.\",\"PeriodicalId\":430893,\"journal\":{\"name\":\"2016 IEEE International Conference on Cloud Engineering (IC2E)\",\"volume\":\"19 7\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2016-04-04\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"6\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2016 IEEE International Conference on Cloud Engineering (IC2E)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/IC2E.2016.16\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2016 IEEE International Conference on Cloud Engineering (IC2E)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/IC2E.2016.16","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Building Compliance and Security Reference Architectures (CSRA) for Cloud Systems
Appealing features of cloud services motivate consumers to migrate their core businesses to them. However, there are challenges about security, privacy, and compliance. Building compliant systems is difficult because of the complex nature of regulations and cloud systems. In addition, the lack of reference architectures (RAs) makes compliance even harder. RAs should be complete, precise, abstract, vendor neutral, platform independent, with no implementation details, however, their levels of detail and abstraction are still debatable and there is no accepted definition about what an RA should contain. Existing approaches used to build RAs lack structured templates and systematic procedures. In addition, most approaches do not take full advantage of patterns and best practices that promote architectural qualities such as modularity, reusability, flexibility and usability. We propose here a five-step approach to build an RA that can improve the quality of the concrete architectures derived from it and from which we can derive more specialized RAs. These RAs take advantage of patterns and best practices that promote software quality.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
