Managing information security is a challenge. Traditional checklist approaches to meeting standards may well provide compliance, but do not guarantee to provide security assurance. The same might be said for audit. The complexity of IT relationships must be acknowledged and explicitly managed by recognising the implications of the self-interest of each… (More)
Managing information security in the cloud is a challenge. Traditional checklist approaches to standards compliance may well provide compliance, but do not guarantee to provide security assurance. The complexity of cloud relationships must be acknowledged and explicitly managed by recognising the implications of self-interest of each party involved. We… (More)
All Cloud computing standards are dependent upon checklist methodology to implement and then audit the alignment of a company or an operation with the standards that have been set. An investigation of the use of checklists in other academic areas has shown there to be significant weaknesses in the checklist solution to both implementation and audit, these… (More)
Defining proper measures for evaluating the effectiveness of an assurance model, which we have developed to ensure cloud security, is vital to ensure the successful implementation and continued running of the model. We need to understand that with security being such an essential component of business processes, responsibility must lie with the board. The… (More)
These notes describe a contribution to the 2011 GIVE Challenge from the University of Aberdeen. Our contribution focuses on an attempt to increase the extent to which participants felt engaged in the direction giving/following game on which the GIVE challenge focuses.
Cloud computing has been a great enabler for both the Internet of Things and Big Data. However, as with all new computing developments, development of the technology is usually much faster than consideration for, and development of, solutions for security and privacy. In a previous paper, we proposed that a unikernel solution could be used to improve… (More)
Since the inception of cloud computing, security researchers have been active in addressing the question of cloud information security, which has seen the development of a wide range of technical solutions. The same can be said for non-cloud information security research which has been active for a far longer period of time. Yet, year on year, security… (More)