Developing a Conceptual Framework for Cloud Security Assurance

Bob Duncan, David J. Pym, Mark Whittington

Research output: Chapter in Book/Report/Conference proceedingPublished conference contribution

15 Citations (Scopus)
96 Downloads (Pure)


Managing information security in the cloud is a challenge. Traditional checklist approaches to standards compliance may well provide compliance, but do not guarantee to provide security assurance. The complexity of cloud relationships must be acknowledged and explicitly managed by recognising the implications of self-interest of each party involved. We begin development of a conceptual modelling framework for cloud security assurance that can be used as a starting point for effective continuous security assurance, together with a high level of compliance.
Original languageEnglish
Title of host publication2013 IEEE 5th International Conference on Cloud Computing Technology and Science (CloudCom)
PublisherInstitute of Electrical and Electronics Engineers (IEEE)
Number of pages6
ISBN (Electronic)9780769550954
ISBN (Print)9781479915484
Publication statusPublished - 5 Dec 2013
EventCloud Com 2013 - University of the West of England Exhibition and Conference Centre, Frenchay Campus, Coldharbour Lane, Bristol, Bristol, United Kingdom
Duration: 2 Dec 20135 Dec 2013


ConferenceCloud Com 2013
Abbreviated titleCloudCom 2013
Country/TerritoryUnited Kingdom
Internet address


  • cloud computing
  • security
  • assurance
  • framework
  • compliance


Dive into the research topics of 'Developing a Conceptual Framework for Cloud Security Assurance'. Together they form a unique fingerprint.

Cite this