Files in this item



application/pdfDI-GIULIO-THESIS-2017.pdf (2MB)
(no description provided)PDF


Title:Privacy and security in the clouds: IT security and privacy standards in the EU and US
Author(s):Di-Giulio, Carlo
Advisor(s):Bashir, Masooda N.
Contributor(s):Larivé, Maxime H. A.
Department / Program:Liberal Arts & Sciences
Discipline:European Union Studies
Degree Granting Institution:University of Illinois at Urbana-Champaign
European Union (EU)
Cloud Computing Compliance Controls Catalogue (C5)
Federal Risk Authorization Management Program (FedRAMP)
International Organization for Standardization (ISO)
System and Organization Controls (SOC) 2
Abstract:Cloud computing represents a revolutionary service model for accessing information technology (IT) services, and an opportunity for governments to reduce maintainance costs of IT infrastructure. However, relying on commercial cloud services may prove challenging for privacy and security if cloud service providers cannot guarantee adequate standards for their services. In this thesis, I analyze four IT security standards comparing them alongside each other. ISO/IEC 27001 and SOC 2 are two international IT frameworks issued by non-government organizations and available since 2005. FedRAMP and C5 are two more recent cloud-specific standards, respectively issued by the US and German governments. Examining the four standards in comparison, and evaluating their completeness and adequacy in guaranteeing information assurance in cloud environments, I question whether they really represent an improvement in cloud security, what are their shortcomings, and ultimately the necessity of new cloud security standards in the already crowded IT security landscape. I combine a broad contextual analysis with empirical results to help understand the reasons for creating C5, and shed lights on its role in the EU political agenda.
Issue Date:2017-04-17
Rights Information:Copyright 2017 Carlo Di-Giulio
Date Available in IDEALS:2017-08-10
Date Deposited:2017-05

This item appears in the following Collection(s)

Item Statistics