Tsaregorodtsev, A.V., Ermoshkin, G.N. Basic principles for the formation of the tree of objectives for information security in the cloud computing.

Abstract: Changing security contour and loss of internal control over the critical assets of organizations followed by the later migration of these assets to the cloud spheres made the problem of information cloud computing security management in the corporate system a top priority issue. All of the above requires the change in the traditional approaches to the information security guarantees and development of the novel methodological apparatus, allowing for higher efficiency of the IT resources and considerably lowering their costs via diversification of information streams in the organization and their migration to the cloud architecture. Much attention is paid to the topical information security problems and their possible solutions based on formation of the trees of objectives for the information security in the cloud computing environment. The authors offer a novel concept for the cloud computing environment security based upon the tree of objectives, allowing to take into account all of the critical processes in the sphere of information security management, and to take into consideration the terms of common responsibility and common obligations of the parties, the above-mentioned qualities shall allow the organizations to make decisions on the formation of information network based on the criterion of minimal infrastructure costs, while guaranteeing the necessary information security level.

Keywords: