Home |  DEUTSCH |  Contact |  Imprint |  Data Protection |  Login |  KIT

Article3204

Aus Aifbportal

Wechseln zu: Navigation, Suche


Designing Monitoring Systems for Continuous Certification of Cloud Services: Deriving Meta-Requirements and Design Guidelines




Veröffentlicht: 2019

Journal: Communications of the AIS


Volume: 44


BibTeX




Kurzfassung
Continuous service certification (CSC) involves the consistently gathering and assessing certification-relevant information about cloud service operations to validate whether they continue to adhere to certification criteria. Previous research has proposed test-based CSC methodologies that directly assess the components of cloud service infrastructures. However, test-based certification requires that certification authorities can access the cloud infrastructure, which various issues may limit. To address these challenges, cloud service providers need to conduct monitoring-based CSC; that is, monitor their cloud service infrastructure to gather certification-relevant data by themselves and then provide these data to certification authorities. Nevertheless, we need to better understand how to design monitoring systems to enable cloud service providers to perform such monitoring. By taking a design science perspective, we derive universal meta-requirements and design guidelines for CSC monitoring systems based on findings from five expert focus group interviews with 33 cloud experts and 10 one-to-one interviews with cloud customers. With this study, we expand the current knowledge base regarding CSC and monitoring-based CSC. Our derived design guidelines contribute to the development of CSC monitoring systems and enable monitoring-based CSC that overcomes issues of prior test-based approaches.

DOI Link: 10.17705/1CAIS.04425

Projekt

NGCert



Forschungsgruppe

Critical Information Infrastructures