{"id":"https://openalex.org/W2792268826","doi":"https://doi.org/10.1145/3018896.3025154","title":"Security evaluation of cloud service providers using third party auditors","display_name":"Security evaluation of cloud service providers using third party auditors","publication_year":2017,"publication_date":"2017-03-22","ids":{"openalex":"https://openalex.org/W2792268826","doi":"https://doi.org/10.1145/3018896.3025154","mag":"2792268826"},"language":"en","primary_location":{"id":"doi:10.1145/3018896.3025154","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3018896.3025154","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the Second International Conference on Internet of things, Data and Cloud Computing","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5043361399","display_name":"Syed S. Rizvi","orcid":"https://orcid.org/0000-0003-0168-3774"},"institutions":[{"id":"https://openalex.org/I130769515","display_name":"Pennsylvania State University","ror":"https://ror.org/04p491231","country_code":"US","type":"education","lineage":["https://openalex.org/I130769515"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Syed S. Rizvi","raw_affiliation_strings":["Pennsylvania State University"],"affiliations":[{"raw_affiliation_string":"Pennsylvania State University","institution_ids":["https://openalex.org/I130769515"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5031307119","display_name":"Trent A. Bolish","orcid":null},"institutions":[{"id":"https://openalex.org/I130769515","display_name":"Pennsylvania State University","ror":"https://ror.org/04p491231","country_code":"US","type":"education","lineage":["https://openalex.org/I130769515"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Trent A. Bolish","raw_affiliation_strings":["Pennsylvania State University"],"affiliations":[{"raw_affiliation_string":"Pennsylvania State University","institution_ids":["https://openalex.org/I130769515"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5025158989","display_name":"Joseph R. Pfeffer","orcid":null},"institutions":[{"id":"https://openalex.org/I130769515","display_name":"Pennsylvania State University","ror":"https://ror.org/04p491231","country_code":"US","type":"education","lineage":["https://openalex.org/I130769515"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Joseph R. Pfeffer","raw_affiliation_strings":["Pennsylvania State University"],"affiliations":[{"raw_affiliation_string":"Pennsylvania State University","institution_ids":["https://openalex.org/I130769515"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5043361399"],"corresponding_institution_ids":["https://openalex.org/I130769515"],"apc_list":null,"apc_paid":null,"fwci":1.9345,"has_fulltext":false,"cited_by_count":7,"citation_normalized_percentile":{"value":0.90342696,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":89,"max":97},"biblio":{"volume":null,"issue":null,"first_page":"1","last_page":"6"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11614","display_name":"Cloud Data Security Solutions","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11614","display_name":"Cloud Data Security Solutions","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.994700014591217,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10101","display_name":"Cloud Computing and Resource Management","score":0.9940000176429749,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/cloud-computing","display_name":"Cloud computing","score":0.7124308943748474},{"id":"https://openalex.org/keywords/cloud-service-provider","display_name":"Cloud service provider","score":0.6655850410461426},{"id":"https://openalex.org/keywords/audit","display_name":"Audit","score":0.6289023160934448},{"id":"https://openalex.org/keywords/service-provider","display_name":"Service provider","score":0.612395703792572},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.6057835817337036},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.5833839178085327},{"id":"https://openalex.org/keywords/third-party","display_name":"Third party","score":0.47348058223724365},{"id":"https://openalex.org/keywords/cloud-computing-security","display_name":"Cloud computing security","score":0.45490843057632446},{"id":"https://openalex.org/keywords/internet-privacy","display_name":"Internet privacy","score":0.4472709596157074},{"id":"https://openalex.org/keywords/service","display_name":"Service (business)","score":0.411624014377594},{"id":"https://openalex.org/keywords/business","display_name":"Business","score":0.33082133531570435},{"id":"https://openalex.org/keywords/accounting","display_name":"Accounting","score":0.1772603988647461}],"concepts":[{"id":"https://openalex.org/C79974875","wikidata":"https://www.wikidata.org/wiki/Q483639","display_name":"Cloud computing","level":2,"score":0.7124308943748474},{"id":"https://openalex.org/C2983819522","wikidata":"https://www.wikidata.org/wiki/Q483639","display_name":"Cloud service provider","level":4,"score":0.6655850410461426},{"id":"https://openalex.org/C199521495","wikidata":"https://www.wikidata.org/wiki/Q181487","display_name":"Audit","level":2,"score":0.6289023160934448},{"id":"https://openalex.org/C116537","wikidata":"https://www.wikidata.org/wiki/Q2169973","display_name":"Service provider","level":3,"score":0.612395703792572},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.6057835817337036},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.5833839178085327},{"id":"https://openalex.org/C2983583741","wikidata":"https://www.wikidata.org/wiki/Q16785388","display_name":"Third party","level":2,"score":0.47348058223724365},{"id":"https://openalex.org/C184842701","wikidata":"https://www.wikidata.org/wiki/Q370563","display_name":"Cloud computing security","level":3,"score":0.45490843057632446},{"id":"https://openalex.org/C108827166","wikidata":"https://www.wikidata.org/wiki/Q175975","display_name":"Internet privacy","level":1,"score":0.4472709596157074},{"id":"https://openalex.org/C2780378061","wikidata":"https://www.wikidata.org/wiki/Q25351891","display_name":"Service (business)","level":2,"score":0.411624014377594},{"id":"https://openalex.org/C144133560","wikidata":"https://www.wikidata.org/wiki/Q4830453","display_name":"Business","level":0,"score":0.33082133531570435},{"id":"https://openalex.org/C121955636","wikidata":"https://www.wikidata.org/wiki/Q4116214","display_name":"Accounting","level":1,"score":0.1772603988647461},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.0},{"id":"https://openalex.org/C162853370","wikidata":"https://www.wikidata.org/wiki/Q39809","display_name":"Marketing","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3018896.3025154","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3018896.3025154","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the Second International Conference on Internet of things, Data and Cloud Computing","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":9,"referenced_works":["https://openalex.org/W1489345236","https://openalex.org/W1991821034","https://openalex.org/W2002612238","https://openalex.org/W2039637952","https://openalex.org/W2090006734","https://openalex.org/W2150121301","https://openalex.org/W2152982407","https://openalex.org/W2513780007","https://openalex.org/W4254465771"],"related_works":["https://openalex.org/W2992381278","https://openalex.org/W2182830926","https://openalex.org/W2946446321","https://openalex.org/W2801153998","https://openalex.org/W2533404577","https://openalex.org/W1871321464","https://openalex.org/W3015621166","https://openalex.org/W2742153754","https://openalex.org/W8677904","https://openalex.org/W2499478834"],"abstract_inverted_index":{"Cloud":[0,68,89],"computing":[1,7,40,49],"is":[2,41,93,98,177,246],"a":[3,17,36,45,67,114,169,197,201,221,264],"revolutionary":[4],"breakthrough":[5],"in":[6,132,168,214,267],"technology.":[8],"It":[9],"allows":[10,159],"businesses":[11],"to":[12,31,56,66,75,83,99,109,129,134,162,183,189,205,230,247],"supply":[13],"their":[14,85,136,141,164,273],"customers":[15,60],"with":[16],"seemingly":[18],"endless":[19],"amount":[20,53],"of":[21,54,138,166,224,237,243],"resources":[22],"on":[23,172],"demand,":[24],"so":[25],"long":[26],"as":[27,120],"they":[28,63],"are":[29,73,192],"willing":[30],"pay":[32],"for":[33,107,127,160,180],"it.":[34],"From":[35,44],"business":[37],"perspective,":[38],"cloud":[39,48],"revolutionizing":[42],"profitability.":[43],"security":[46,81,103,139,235],"standpoint,":[47],"presents":[50,196],"an":[51,94],"alarming":[52],"risk":[55,117],"customer":[57],"data.":[58,87],"When":[59],"make":[61],"purchases,":[62],"transfer":[64],"data":[65],"Service":[69],"Provider":[70],"(CSP),":[71],"but":[72],"unable":[74],"evaluate":[76,231],"which":[77,252,268],"CSP":[78],"has":[79],"sufficient":[80],"controls":[82,104,236],"protect":[84],"sensitive":[86],"The":[88,111,143],"Security":[90],"Alliance":[91],"(CSA)":[92],"organization":[95,171],"whose":[96],"mission":[97],"suggest":[100],"best":[101],"practice":[102],"and":[105,154,208,232,262],"guidelines":[106],"CSPs":[108,128,144],"follow.":[110],"CSA":[112,182],"provides":[113,220],"questionnaire":[115,191],"or":[116],"assessment,":[118],"known":[119],"the":[121,149,181,186,190,210,215,234,240,249,253,260],"Consensus":[122],"Assessment":[123],"Initiative":[124],"Questionnaire":[125],"(CAIQ)":[126],"fill":[130],"out":[131],"order":[133],"gauge":[135],"level":[137,165],"within":[140],"organization.":[142],"access":[145],"these":[146,173],"questionnaires":[147],"from":[148],"CSA's":[150],"STAR":[151,216],"(Security":[152],"Trust":[153],"Assurance":[155],"Registry)":[156],"database.":[157],"This":[158,194],"CSUs":[161,269],"base":[163],"trust":[167,274],"specific":[170,222],"assessments.":[174],"However,":[175],"there":[176],"no":[178],"way":[179],"validate":[184,209,233],"that":[185,199,226],"CSP's":[187],"responses":[188,212],"accurate.":[193],"paper":[195],"framework":[198,219],"uses":[200],"third-party":[202],"auditor":[203],"(TPA)":[204],"review,":[206],"audit,":[207],"CAIQ":[211],"stored":[213],"repository.":[217],"Our":[218],"group":[223],"auditors":[225],"can":[227,256],"be":[228,257],"used":[229],"CSPs.":[238],"Therefore,":[239],"primary":[241],"objective":[242],"this":[244],"research":[245],"formulate":[248],"mechanism":[250],"by":[251,259],"appropriate":[254],"auditor(s)":[255],"chosen":[258],"TPA":[261],"create":[263],"verification":[265],"system":[266],"may":[270],"finally":[271],"put":[272],"in.":[275]},"counts_by_year":[{"year":2025,"cited_by_count":1},{"year":2024,"cited_by_count":1},{"year":2021,"cited_by_count":1},{"year":2020,"cited_by_count":3},{"year":2019,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}