Towards Cloud Computing SLA Risk Management: Issues and Challenges

Cloud Computing has become mainstream technology offering a commoditized approach to software, platform and infrastructure as a service over the Internet on a global scale. This raises important new security issues beyond traditional perimeter based approaches. This paper attempts to identify these issues and their corresponding challenges, proposing to use risk and Service Level Agreement (SLA) management as the basis for a service level framework to improve governance, risk and compliance in cloud computing environments

An Integrated Conceptual Model for Information System Security Risk Management and Enterprise Architecture Management Based on TOGAF

Part 3: Short PapersInternational audienceRisk management is today a major steering tool for any organization wanting to deal with Information System (IS) security. However, IS Security Risk Management (ISSRM) remains difficult to establish and maintain, mainly in a context of multi-regulations with complex and inter-connected IS. We claim that a connection with Enterprise Architecture Management (EAM) contributes to deal with these issues. According to our research agenda, a first step towards a better integration of both domains is to define an EAM-ISSRM conceptual integrated model. To build such a model, we will improve the ISSRM domain model, a conceptual model depicting the domain of ISSRM, with the concepts of EAM. The contribution of this paper is focused on the improvement of the ISSRM domain model with the concepts of TOGAF, a well-known EAM standard