Loading...

Media is loading
 

Paper Type

Complete

Abstract

Identity and access management is an essential component to addressing security issues in cloud. Nowadays, private organizations and government agencies at any level spend billions of dollars in an effort to protect user’ identity and digital access while complying with legislation that mandates the implementation of security measures. This paper intends to illuminate and discusses in more detail three legislative acts: ENISA, CSA and NIST. These guidelines address the significant business and technical decisions that need to be considered by an organization seeking to implement Security as a Service, or an organization that is looking for guidance on how to assess an IAM offering. The current paper provides a brief description of all three legislative acts, a high-level comparison of suggested and/or mandated guidelines (highlighting gaps and overlaps) and suggests a possible threshold model that may incorporate security settings that satisfy requirements of all three legislative acts.

Share

COinS
 
Aug 10th, 12:00 AM

Cloud Surfing: A General Comparison of Cloud Identity Guidelines

Identity and access management is an essential component to addressing security issues in cloud. Nowadays, private organizations and government agencies at any level spend billions of dollars in an effort to protect user’ identity and digital access while complying with legislation that mandates the implementation of security measures. This paper intends to illuminate and discusses in more detail three legislative acts: ENISA, CSA and NIST. These guidelines address the significant business and technical decisions that need to be considered by an organization seeking to implement Security as a Service, or an organization that is looking for guidance on how to assess an IAM offering. The current paper provides a brief description of all three legislative acts, a high-level comparison of suggested and/or mandated guidelines (highlighting gaps and overlaps) and suggests a possible threshold model that may incorporate security settings that satisfy requirements of all three legislative acts.

When commenting on articles, please be friendly, welcoming, respectful and abide by the AIS eLibrary Discussion Thread Code of Conduct posted here.