{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,3]],"date-time":"2026-04-03T22:41:27Z","timestamp":1775256087414,"version":"3.50.1"},"reference-count":53,"publisher":"Wiley","issue":"1","license":[{"start":{"date-parts":[[2018,10,23]],"date-time":"2018-10-23T00:00:00Z","timestamp":1540252800000},"content-version":"vor","delay-in-days":295,"URL":"http:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"funder":[{"DOI":"10.13039\/501100001809","name":"National Natural Science Foundation of China","doi-asserted-by":"publisher","award":["61802270"],"award-info":[{"award-number":["61802270"]}],"id":[{"id":"10.13039\/501100001809","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100001809","name":"National Natural Science Foundation of China","doi-asserted-by":"publisher","award":["61802271"],"award-info":[{"award-number":["61802271"]}],"id":[{"id":"10.13039\/501100001809","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["onlinelibrary.wiley.com"],"crossmark-restriction":true},"short-container-title":["Wireless Communications and Mobile Computing"],"published-print":{"date-parts":[[2018,1]]},"abstract":"<jats:p>The Internet of Things (IoT) offers a wide variety of benefits to our daily lives in many ways, ranging from smart wearable devices to industrial systems. However, it also brings well\u2010known security and compliance concerns, especially in the physical layer. In addition, due to numerous IoT architectures which have been developed and deployed based on the cloud, the security and compliance of IoT depend on the cloud thoroughly. In this paper, a secure and compliant continuous assessment framework (SCCAF) is proposed to evaluate the security and compliance levels of cloud services in life\u2010cycle. The SCCAF facilitates cloud service to customers to select an optimal cloud service provider (CSP) which satisfies their desired security requirements. Moreover, it also enables cloud service customers to evaluate the compliance of the selected CSP in the process of using cloud services. To evaluate the performance and availability of SCCAF, we carry out a series of experiments with case study and real\u2010world scenario datasets. Experimental results show that SCCAF can assess the security and compliance of CSPs efficiently and effectively.<\/jats:p>","DOI":"10.1155\/2018\/3078272","type":"journal-article","created":{"date-parts":[[2018,10,23]],"date-time":"2018-10-23T20:24:09Z","timestamp":1540326249000},"update-policy":"https:\/\/doi.org\/10.1002\/crossmark_policy","source":"Crossref","is-referenced-by-count":11,"title":["SCCAF: A Secure and Compliant Continuous Assessment Framework in Cloud\u2010Based IoT Context"],"prefix":"10.1155","volume":"2018","author":[{"given":"Xiang","family":"Li","sequence":"first","affiliation":[]},{"given":"Xin","family":"Jin","sequence":"additional","affiliation":[]},{"given":"Qixu","family":"Wang","sequence":"additional","affiliation":[]},{"given":"Mingsheng","family":"Cao","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0002-8705-2617","authenticated-orcid":false,"given":"Xingshu","family":"Chen","sequence":"additional","affiliation":[]}],"member":"311","published-online":{"date-parts":[[2018,10,23]]},"reference":[{"key":"e_1_2_10_1_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.jnca.2017.04.002"},{"key":"e_1_2_10_2_2","doi-asserted-by":"publisher","DOI":"10.1109\/JIOT.2016.2619679"},{"key":"e_1_2_10_3_2","doi-asserted-by":"publisher","DOI":"10.1109\/MNET.2017.1600248"},{"key":"e_1_2_10_4_2","doi-asserted-by":"publisher","DOI":"10.1109\/MNET.2018.1700392"},{"key":"e_1_2_10_5_2","doi-asserted-by":"publisher","DOI":"10.1109\/TWC.2015.2418316"},{"key":"e_1_2_10_6_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.jnca.2016.11.027"},{"key":"e_1_2_10_7_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.jnca.2016.09.002"},{"key":"e_1_2_10_8_2","doi-asserted-by":"publisher","DOI":"10.1109\/MITP.2017.3680959"},{"key":"e_1_2_10_9_2","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2017.2678510"},{"key":"e_1_2_10_10_2","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2017.2748956"},{"key":"e_1_2_10_11_2","doi-asserted-by":"publisher","DOI":"10.1109\/TCC.2015.2469659"},{"key":"e_1_2_10_12_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2016.06.003"},{"key":"e_1_2_10_13_2","doi-asserted-by":"crossref","unstructured":"HalabiT.andBellaicheM. Evaluation and selection of Cloud security services based on Multi-Criteria Analysis MCA Proceedings of the 2017 International Conference on Computing Networking and Communications (ICNC) January 2017 Silicon Valley CA USA 706\u2013710 https:\/\/doi.org\/10.1109\/ICCNC.2017.7876216.","DOI":"10.1109\/ICCNC.2017.7876216"},{"key":"e_1_2_10_14_2","unstructured":"NaS.-H. KimK.-H. andHuhE.-n. A Methodology for Evaluating Cloud Computing Security Service-Level Agreements 2013 5."},{"key":"e_1_2_10_15_2","doi-asserted-by":"crossref","unstructured":"GargS. K. VersteegS. andBuyyaR. SMICloud: a framework for comparing and ranking cloud services Proceedings of the 4th IEEE\/ACM international conference on utility and Cloud on utility and Cloud computing (UCC \u203211 December 2011 Melbourne Australia 210\u2013218 https:\/\/doi.org\/10.1109\/ucc.2011.36 2-s2.0-84856350671.","DOI":"10.1109\/UCC.2011.36"},{"key":"e_1_2_10_16_2","doi-asserted-by":"crossref","unstructured":"Ruo-xinZ. CuiX.-j. GongS.-j. RenH.-k. andChenK. Model for cloud computing security assessment based on ahp and fce Proceedings of the in Computer Science Education (ICCSE 2014 9th International Conference on. 1em plus 0.5em minus 0.4em IEEE 2014 197\u2013204.","DOI":"10.1109\/ICCSE.2014.6926454"},{"key":"e_1_2_10_17_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.future.2016.07.013"},{"key":"e_1_2_10_18_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.future.2016.01.009"},{"key":"e_1_2_10_19_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.knosys.2013.11.014"},{"key":"e_1_2_10_20_2","doi-asserted-by":"crossref","unstructured":"LunaJ. GhaniH. GermanusD. andSuriN. A security metrics framework for the cloud Security and Cryptography (SECRYPT) 2011 Proceedings of the International Conference 2011 245\u2013250.","DOI":"10.5220\/0003446902450250"},{"key":"e_1_2_10_21_2","doi-asserted-by":"crossref","unstructured":"Luna GarciaJ. LangenbergR. andSuriN. Benchmarking cloud security level agreements using quantitative policy trees Proceedings of the the 2012 ACM Workshop October 2012 Raleigh North Carolina USA https:\/\/doi.org\/10.1145\/2381913.2381932.","DOI":"10.1145\/2381913.2381932"},{"key":"e_1_2_10_22_2","first-page":"150","article-title":"A reference model for security level evaluation: policy and fuzzy techniques","volume":"11","author":"Casola V.","year":"2005","journal-title":"Journal of Universal Computer Science"},{"key":"e_1_2_10_23_2","doi-asserted-by":"crossref","unstructured":"TahaA. TraperoR. LunaJ. andSuriN. AHP-based quantitative approach for assessing and comparing cloud security Proceedings of the 13th IEEE International Conference on Trust Security and Privacy in Computing and Communications TrustCom 2014 September 2014 China 284\u2013291 2-s2.0-84922962668.","DOI":"10.1109\/TrustCom.2014.39"},{"key":"e_1_2_10_24_2","doi-asserted-by":"publisher","DOI":"10.1016\/0377-2217(90)90057-I"},{"key":"e_1_2_10_25_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-1-4471-2346-0_2"},{"key":"e_1_2_10_26_2","doi-asserted-by":"crossref","unstructured":"AbawajyJ. Determining service trustworthiness in intercloud computing environments Proceedings of the 10th International Symposium on Pervasive Systems Algorithms and Networks I-SPAN 2009 December 2009 Taiwan 784\u2013788 2-s2.0-77949862450 https:\/\/doi.org\/10.1109\/I-SPAN.2009.155.","DOI":"10.1109\/I-SPAN.2009.155"},{"key":"e_1_2_10_27_2","doi-asserted-by":"crossref","unstructured":"AlhamadM. DillonT. andChangE. SLA-Based Trust Model for Cloud Computing Proceedings of the 2010 13th International Conference on Network-Based Information Systems (NBiS) September 2010 Takayama Gifu Japan 321\u2013324 https:\/\/doi.org\/10.1109\/NBiS.2010.67.","DOI":"10.1109\/NBiS.2010.67"},{"key":"e_1_2_10_28_2","doi-asserted-by":"crossref","unstructured":"XuZ. MartinP. PowleyW. andZulkernineF. Reputation-Enhanced QoS-based Web Services Discovery Proceedings of the IEEE International Conference on Web Services (ICWS 2007) July 2007 Salt Lake City UT USA 249\u2013256 https:\/\/doi.org\/10.1109\/ICWS.2007.152.","DOI":"10.1109\/ICWS.2007.152"},{"key":"e_1_2_10_29_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-10383-4_18"},{"key":"e_1_2_10_30_2","doi-asserted-by":"crossref","unstructured":"YauS. S.andYinY. QoS-Based Service Ranking and Selection for Service-Based Systems Proceedings of the 2011 IEEE International Conference on Services Computing (SCC) July 2011 Washington DC USA 56\u201363 https:\/\/doi.org\/10.1109\/SCC.2011.114.","DOI":"10.1109\/SCC.2011.114"},{"key":"e_1_2_10_31_2","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.2004.11"},{"key":"e_1_2_10_32_2","doi-asserted-by":"crossref","unstructured":"KalepuS. KrishnaswamyS. andSeng Wai Loke. Reputation = f(user ranking compliance verity) Proceedings of the Proceedings. IEEE International Conference on Web Services 2004. July 2004 San Diego CA USA 200\u2013207 https:\/\/doi.org\/10.1109\/ICWS.2004.1314740.","DOI":"10.1109\/ICWS.2004.1314740"},{"key":"e_1_2_10_33_2","doi-asserted-by":"publisher","DOI":"10.1007\/11575771_30"},{"key":"e_1_2_10_34_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-16576-4_15"},{"key":"e_1_2_10_35_2","doi-asserted-by":"crossref","unstructured":"LiuX. FletcherK. K. andMingdong Tang Service Selection Based on Personalized Preference and Trade-Offs among QoS Factors and Price Proceedings of the 2012 IEEE International Conference on Services Economics (SE 2012) June 2012 Honolulu HI 32\u201339 https:\/\/doi.org\/10.1109\/SE.2012.5.","DOI":"10.1109\/SE.2012.5"},{"key":"e_1_2_10_36_2","doi-asserted-by":"publisher","DOI":"10.1109\/tsc.2010.52"},{"key":"e_1_2_10_37_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.future.2012.06.006"},{"key":"e_1_2_10_38_2","doi-asserted-by":"publisher","DOI":"10.1109\/tpds.2012.285"},{"key":"e_1_2_10_39_2","doi-asserted-by":"crossref","unstructured":"MenzelM.andRanjanR. CloudGenius Proceedings of the the 21st international conference April 2012 Lyon France https:\/\/doi.org\/10.1145\/2187836.2187967.","DOI":"10.1145\/2187836.2187967"},{"key":"e_1_2_10_40_2","doi-asserted-by":"crossref","unstructured":"LiA. YangX. KandulaS. andZhangM. CloudCmp: comparing public cloud providers Proceedings of the 10th ACM SIGCOMM Conference on Internet Measurement (IMC \u203210) November 2010 Melbourne Australia ACM 1\u201314 https:\/\/doi.org\/10.1145\/1879141.1879143 2-s2.0-78650877494.","DOI":"10.1145\/1879141.1879143"},{"key":"e_1_2_10_41_2","doi-asserted-by":"publisher","DOI":"10.12785\/amis\/071L18"},{"key":"e_1_2_10_42_2","volume-title":"Consensus assessments initiative questionnaire, Cloud Security Alliance","year":"2017"},{"key":"e_1_2_10_43_2","unstructured":"Information security technology-Security guide of cloud computing services GB\/T 31167-2014 National Information Security Standardization Technical Committee 2014."},{"key":"e_1_2_10_44_2","volume-title":"Cloud Security Alliance","author":"Cloud Controls Matrix","year":"2017"},{"key":"e_1_2_10_45_2","doi-asserted-by":"publisher","DOI":"10.1504\/IJSSCI.2008.017590"},{"key":"e_1_2_10_46_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.eswa.2012.05.056"},{"key":"e_1_2_10_47_2","unstructured":"ISO\/IEC 19086-1 Information technology-Cloud computing-Service level agreement (SLA) framework-Part 1:Overview and concepts International Organization for Standardization\/International Electrotechnical Commission 2016."},{"key":"e_1_2_10_48_2","unstructured":"ISO\/IEC 19086-3 Information technology-Cloud computing-Service level agreement (SLA) framework-Part 3: Core conformance requirements International Organization for Standardization\/International Electrotechnical Commission 2016."},{"key":"e_1_2_10_49_2","volume-title":"National Institute of Standards and Technology, Standard","author":"Cloud Computing Service Metrics Description","year":"2018"},{"key":"e_1_2_10_50_2","unstructured":"ISO\/IEC FDIS 19086-2 Information technology-Cloud computing-Service level agreement (SLA) framework-Part 2: Metric Model International Organization for Standardization\/International Electrotechnical Commission 2017."},{"key":"e_1_2_10_51_2","article-title":"Theory of probability. 1em plus 0.5em minus 0","author":"Gnedenko B. V.","year":"2017","journal-title":"4em Routledge"},{"key":"e_1_2_10_52_2","doi-asserted-by":"publisher","DOI":"10.1145\/584091.584093"},{"key":"e_1_2_10_53_2","doi-asserted-by":"publisher","DOI":"10.1109\/TSC.2012.34"}],"container-title":["Wireless Communications and Mobile Computing"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/downloads.hindawi.com\/journals\/wcmc\/2018\/3078272.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/downloads.hindawi.com\/journals\/wcmc\/2018\/3078272.xml","content-type":"application\/xml","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/onlinelibrary.wiley.com\/doi\/pdf\/10.1155\/2018\/3078272","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2026,4,3]],"date-time":"2026-04-03T21:20:29Z","timestamp":1775251229000},"score":1,"resource":{"primary":{"URL":"https:\/\/onlinelibrary.wiley.com\/doi\/10.1155\/2018\/3078272"}},"subtitle":[],"editor":[{"given":"Zhiqing","family":"Wei","sequence":"additional","affiliation":[]}],"short-title":[],"issued":{"date-parts":[[2018,1]]},"references-count":53,"journal-issue":{"issue":"1","published-print":{"date-parts":[[2018,1]]}},"alternative-id":["10.1155\/2018\/3078272"],"URL":"https:\/\/doi.org\/10.1155\/2018\/3078272","archive":["Portico"],"relation":{},"ISSN":["1530-8669","1530-8677"],"issn-type":[{"value":"1530-8669","type":"print"},{"value":"1530-8677","type":"electronic"}],"subject":[],"published":{"date-parts":[[2018,1]]},"assertion":[{"value":"2018-06-22","order":0,"name":"received","label":"Received","group":{"name":"publication_history","label":"Publication History"}},{"value":"2018-09-27","order":2,"name":"accepted","label":"Accepted","group":{"name":"publication_history","label":"Publication History"}},{"value":"2018-10-23","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}],"article-number":"3078272"}}