A FRAMEWORK FOR IMPROVING SECURITY IN CLOUD COMPUTING FOR SMES (FISCCS) USING SECURITY INDEX

Abstract

Cloud computing plays a very important role in the development of business and competitive edge for many organizations including SMEs. Cloud computing is considered to be a very capable and able internet-based computing platform which offers numerous benefits like mobility, flexibility, reliability and cost effectiveness. Every cloud user continues to expect maximum service, and a critical aspect is cloud security which is one among other specific challenges hindering adoption of the cloud technologies. The absence of appropriate, standardized and self-assessing security frameworks of the cloud world becomes an endless problem in developing countries and can expose the cloud computing model to major security risks which threaten its potential success within the country. It is further noted that security issues arise from either human error (people), lack of implementing appropriate technology or external factors like cloud providers or legislation. Security metrics can be seen as tools for providing information about the security status of a certain environment. With that in mind, this paper presents a security framework for assessing security in the cloud environment based on the Goal Question Metrics methodology. The framework named as Framework for Improving Security in Cloud Computing for SMEs (FISCCS) produces a security index that describes the security level accomplished by an evaluated cloud computing environment thereby providing the first line of defense.