Authors: Elena Irina Neaga; Adrian V. Gheorghe
Addresses: School of Business and Economics, Loughborough University, Leicestershire, LE11 3TU, UK. ' Department of Engineering Management and Systems Engineering, Batten College of Engineering and Technology, Old Dominion University, Norfolk, Virginia 23508, USA
Abstract: The paper discusses the possibilities of leveraging the new cloud concepts and standardised architectural principles for providing support to systems security engineering for the next generation of cloud-based systems. These systems are part of a 'system-of-systems' infrastructure. The related study and systems investigation demonstrate the potential of combining fundamental cloud concepts and related models with systems security requirements elicitation, analysis and management using the systems engineering process (SEP). The approach highlights the benefits of applying systems and software engineering standards ISO/IEC15288 and ISO/IEC12207 alongside data security standards ISO 27001/ISO27002. This paper aims at creating the foundation for new strategies for 'systems-of-systems' that will address the security issues and embed them in a holistic cloud ready infrastructure.
Keywords: systems engineering; cloud infrastructure; software as a service; SaaS; platform as a service; PaaS; infrastructure as a service; IaaS; ISO/IEC 15288; ISO/IEC12207; ISO 27001/ISO 27002; SABSA; TOGAF; system of systems; cloud computing; software engineering standards; data security standards.
International Journal of System of Systems Engineering, 2012 Vol.3 No.2, pp.103 - 116
Published online: 16 Aug 2014 *Full-text access for editors Full-text access for subscribers Purchase this article Comment on this article