Handling Obstacles in Goal-Oriented Requirements Engineering
IEEE Transactions on Software Engineering - special section on current trends in exception handling—part II
Dealing with Security Requirements During the Development of Information Systems
CAiSE '93 Proceedings of Advanced Information Systems Engineering
ER '02 Proceedings of the 21st International Conference on Conceptual Modeling
A Goal-Based Organizational Perspective on Multi-agent Architectures
ATAL '01 Revised Papers from the 8th International Workshop on Intelligent Agents VIII
Modelling strategic relationships for process reengineering
Modelling strategic relationships for process reengineering
Privacy risk models for designing privacy-sensitive ubiquitous computing systems
DIS '04 Proceedings of the 5th conference on Designing interactive systems: processes, practices, methods, and techniques
Eliciting security requirements with misuse cases
Requirements Engineering
Security quality requirements engineering (SQUARE) methodology
SESS '05 Proceedings of the 2005 workshop on Software engineering for secure systems—building trustworthy applications
Privacy APIs: Access Control Techniques to Analyze and Verify Legal Privacy Policies
CSFW '06 Proceedings of the 19th IEEE workshop on Computer Security Foundations
Computer Standards & Interfaces
Analyzing Regulatory Rules for Privacy and Security Requirements
IEEE Transactions on Software Engineering
Human factors in software security risk management
Proceedings of the first international workshop on Leadership and management in software architecture
Addressing privacy requirements in system design: the PriS method
Requirements Engineering
Cloud Computing: Does Nirvana Hide behind the Nebula?
IEEE Software
Evaluating existing security and privacy requirements for legal compliance
Requirements Engineering - Special Issue on RE'09: Security Requirements Engineering; Guest Editors: Eric Dubois and Haralambos Mouratidis
Requirements Engineering - Special Issue on RE'09: Security Requirements Engineering; Guest Editors: Eric Dubois and Haralambos Mouratidis
Analysis of Secure Mobile Grid Systems: A systematic approach
Information and Software Technology
The Cloud at Your Service
Cloud Migration: A Case Study of Migrating an Enterprise IT System to IaaS
CLOUD '10 Proceedings of the 2010 IEEE 3rd International Conference on Cloud Computing
Review: A survey on security issues in service delivery models of cloud computing
Journal of Network and Computer Applications
The Characteristics of Cloud Computing
ICPPW '10 Proceedings of the 2010 39th International Conference on Parallel Processing Workshops
Privacy, Security and Trust Issues Arising from Cloud Computing
CLOUDCOM '10 Proceedings of the 2010 IEEE Second International Conference on Cloud Computing Technology and Science
Requirements Engineering - Special Issue on Digital privacy: theory, policies and technologies
Understanding Cloud Computing Vulnerabilities
IEEE Security and Privacy
Cloud adoption: a goal-oriented requirements engineering approach
Proceedings of the 2nd International Workshop on Software Engineering for Cloud Computing
A framework to support alignment of secure software engineering with legal regulations
Software and Systems Modeling (SoSyM)
Dark clouds on the horizon: using cloud storage as attack vector and online slack space
SEC'11 Proceedings of the 20th USENIX conference on Security
Decision Support Tools for Cloud Migration in the Enterprise
CLOUD '11 Proceedings of the 2011 IEEE 4th International Conference on Cloud Computing
Modelling Security Using Trust Based Concepts
International Journal of Secure Software Engineering
Model Based Process to Support Security and Privacy Requirements Engineering
International Journal of Secure Software Engineering
Hi-index | 0.00 |
Cloud computing is an evolving paradigm that is radically changing the way humans store, share and access their digital files. Despite the many benefits, such as the introduction of a rapid elastic resource pool, and on-demand service, the paradigm also creates challenges for both users and providers. In particular, there are issues related to security and privacy, such as unauthorised access, loss of privacy, data replication and regulatory violation that require adequate attention. Nevertheless, and despite the recent research interest in developing software engineering techniques to support systems based on the cloud, the literature fails to provide a systematic and structured approach that enables software engineers to identify security and privacy requirements and select a suitable cloud service provider based on such requirements. This paper presents a novel framework that fills this gap. Our framework incorporates a modelling language and it provides a structured process that supports elicitation of security and privacy requirements and the selection of a cloud provider based on the satisfiability of the service provider to the relevant security and privacy requirements. To illustrate our work, we present results from a real case study.