2017 Zalazar, Ana Sofia and Ballejos, Luciana and Rodriguez, Sebastian, Security and Compliance Ontology for Cloud Service Agreements, Open Journal of Cloud Computing (OJCC), 4(1): 17—25, 2017.
Resumen: Cloud computing is a business paradigm where two important roles must be defined: provider and consumer. Providers offer services (e.g. web application, web services, and databases) and consumers pay for using them. The goal of this research is to focus on security and compliance aspects of cloud service. An ontology is introduced, which is the conceptualization of cloud domain, for analyzing different compliance aspects of cloud agreements. The terms, properties and relations are shown in a diagram. The proposed ontology can help service consumers to extract relevant data from service level agreements, to interpret compliance regulations, and to compare different contractual terms. Finally, some recommendations are presented for cloud consumers to adopt services and evaluate security risks.