{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,7,1]],"date-time":"2025-07-01T18:46:37Z","timestamp":1751395597574},"reference-count":62,"publisher":"IGI Global","issue":"3","content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2020,7,1]]},"abstract":"<p>Security is a critical issue particularly in public cloud as it rests with the cloud providers. During security implementation, prevailing security threats and regulatory standards are borne in mind. Regulatory compliance varies from one cloud provider to another according to their maturity and location of the data center. Thus, subscribers need to verify the security requirement meeting their objective and the one implemented by the public cloud provider. To this end, subscribers need to visit each cloud provider's site to view the compliance. This is a time-consuming activity at the same time difficult to locate on a website. This work presents the prominent security standards suggested by the leading security institutions including NIST, CSA, ENISA, ISO, etc., that are applicable to the public cloud. A centrally-driven scheme is proposed in order to empower the subscriber to know the regulation and standards applicable according to their services need. The availability of an exhaustive list at one place will lower the users hassle at subscription time.<\/p>","DOI":"10.4018\/jitr.2020070102","type":"journal-article","created":{"date-parts":[[2020,7,17]],"date-time":"2020-07-17T15:54:17Z","timestamp":1595001257000},"page":"21-36","source":"Crossref","is-referenced-by-count":1,"title":["Regulations and Standards in Public Cloud"],"prefix":"10.4018","volume":"13","author":[{"given":"Jitendra","family":"Singh","sequence":"first","affiliation":[{"name":"Dyal Singh Evening College, University of Delhi, New Delhi, India"}]},{"given":"Kamlesh Kumar","family":"Raghuvanshi","sequence":"additional","affiliation":[{"name":"Department of Computer Science, Ramanujan College, University of Delhi, New Delhi, India"}]}],"member":"2432","reference":[{"key":"JITR.2020070102-0","doi-asserted-by":"crossref","unstructured":"Ab Rahman, N. H. & Choo, K.-K. R. (2015). A survey of information security incident handling in the cloud. Computers & Security, 49, 45-69.","DOI":"10.1016\/j.cose.2014.11.006"},{"key":"JITR.2020070102-1","doi-asserted-by":"publisher","DOI":"10.1016\/j.ins.2015.01.025"},{"key":"JITR.2020070102-2","unstructured":"Armour, W. W., Bukhari, N., & Butler, W. (2013). NIST Cloud Computing Security Reference Architecture. NIST."},{"key":"JITR.2020070102-3","unstructured":"Bolgert, A. L., Kalyanaraman, R., Forlenza, R. M., & Cohen, R. J. (2015). Supporting compliance in a cloud environment. Google Patents."},{"key":"JITR.2020070102-4","doi-asserted-by":"crossref","unstructured":"Bose, R., Luo, X., & Liu, Y. (2013). The Roles of Security and Trust: Comparing Cloud Computing. Procedia - Social and Behavioral Sciences, 73, 30-34.","DOI":"10.1016\/j.sbspro.2013.02.015"},{"key":"JITR.2020070102-5","doi-asserted-by":"crossref","unstructured":"Bracci, F., Corradi, A., & Foschini, L. (2014). Cloud Standards: Security and Interoperability Issues. In Communication Infrastructures for Cloud Computing (pp. 465-495). Hershey, PA: IGI Global.","DOI":"10.4018\/978-1-4666-4522-6.ch020"},{"key":"JITR.2020070102-6","doi-asserted-by":"publisher","DOI":"10.1016\/j.future.2008.12.001"},{"key":"JITR.2020070102-7","unstructured":"CDMI. (n.d.). CDMI Cloud Storage Standard. (SNIA) Retrieved from https:\/\/www.snia.org\/cloud\/cdmi"},{"key":"JITR.2020070102-8","unstructured":"Census India. (2011). Office of the Registrar General & Census Commissioner, India. Retrieved from Error! Hyperlink reference not valid.http:\/\/censusindia.gov.in\/pca\/Searchdata.aspx"},{"key":"JITR.2020070102-9","doi-asserted-by":"publisher","DOI":"10.1016\/j.future.2015.09.031"},{"key":"JITR.2020070102-10","doi-asserted-by":"publisher","DOI":"10.1016\/j.csi.2015.06.005"},{"key":"JITR.2020070102-11","doi-asserted-by":"crossref","unstructured":"Chou, D. C. (2015). Cloud computing: A value creation model. Computer Standards & Interfaces, 38, 72-77.","DOI":"10.1016\/j.csi.2014.10.001"},{"key":"JITR.2020070102-12","unstructured":"CSA. (2013). The Notorious Nine: Cloud Computing Top Threats in 2013. Retrieved from https:\/\/downloads.cloudsecurityalliance.org\/initiatives\/top_threats\/The_Notorious_Nine_Cloud_Computing_Top_Threats_in_2013.pdf"},{"key":"JITR.2020070102-13","unstructured":"Duncan, R. A. & Whittington, M. (2016). Enhancing cloud security and privacy: the power and the weakness of the audit trail. In Cloud Computing 2016. Academic Press."},{"key":"JITR.2020070102-14","article-title":"Creating an Immutable Database for Secure Cloud Audit Trail and System Logging.","author":"R. A.Duncan","year":"2017","journal-title":"Eighth International Conference on Cloud Computing, GRIDs, and Virtualization, 19 February 2017-23 February 2017, Athens, Greece."},{"key":"JITR.2020070102-15","doi-asserted-by":"publisher","DOI":"10.1016\/j.future.2014.10.023"},{"key":"JITR.2020070102-16","unstructured":"ENISA. (2009). Cloud Computing, Information Assurance Framework. Retrieved from http:\/\/www.enisa.europa.eu\/"},{"key":"JITR.2020070102-17","unstructured":"Ferris, J. M. (2015). Data compliance management associated with cloud migration events. Google Patents."},{"key":"JITR.2020070102-18","unstructured":"Gartner. (2008). Assessing the security risks of cloud computing."},{"key":"JITR.2020070102-19","unstructured":"Haeberlen, T., Liveri, D., & Lakka, M. (n.d.). Good Practice Guide for securely deploying Governmental Clouds."},{"key":"JITR.2020070102-20","unstructured":"ISO. (2014, 10). ISO\/IEC 17789:2014: Information technology -- Cloud computing -- Reference architecture. Retrieved from https:\/\/www.iso.org\/standard\/60545.html"},{"key":"JITR.2020070102-21","doi-asserted-by":"crossref","unstructured":"Jansen, W., & Grance, T. (2011). Guidelines on Security and Privacy in Public Cloud Computing. NIST.","DOI":"10.6028\/NIST.SP.800-144"},{"issue":"5","key":"JITR.2020070102-22","first-page":"987","article-title":"Cloud. security and compliance-A semantic approach in end to end security.","volume":"8","author":"R.Kalaiprasath","year":"2017","journal-title":"International Journal Of Mechanical Engineering And Technology"},{"key":"JITR.2020070102-23","doi-asserted-by":"publisher","DOI":"10.1016\/j.jnca.2016.05.010"},{"key":"JITR.2020070102-24","doi-asserted-by":"publisher","DOI":"10.1016\/j.future.2014.10.032"},{"key":"JITR.2020070102-25","doi-asserted-by":"publisher","DOI":"10.1016\/j.future.2014.10.014"},{"key":"JITR.2020070102-26","doi-asserted-by":"crossref","unstructured":"Mell, P. & Grance, T. (2011). The NIST definition of cloud computing.","DOI":"10.6028\/NIST.SP.800-145"},{"key":"JITR.2020070102-27","unstructured":"Microsoft. (2012, June). Compliance and the Cloud. Guiding principles and architecture for addressing Life Science compliance in the cloud. Microsoft Press."},{"key":"JITR.2020070102-28","unstructured":"OMG. (n.d.). Object Management Group. Retrieved from https:\/\/www.omg.org\/memberservices\/index.htm"},{"key":"JITR.2020070102-29","doi-asserted-by":"crossref","first-page":"167","DOI":"10.1016\/j.jss.2015.02.002","article-title":"A survey study on major technical barriers affecting the decision to adopt cloud services.","volume":"103","author":"N.Phaphooma","year":"2015","journal-title":"The Journal of Systems and Software"},{"key":"JITR.2020070102-30","doi-asserted-by":"publisher","DOI":"10.1016\/j.ijinfomgt.2013.11.002"},{"key":"JITR.2020070102-31","year":"2015","journal-title":"State of the cloud Report"},{"key":"JITR.2020070102-32","doi-asserted-by":"publisher","DOI":"10.1016\/S1353-4858(15)30058-1"},{"key":"JITR.2020070102-33","author":"J. W.Rittinghouse","year":"2016","journal-title":"Cloud computing: implementation, management, and security"},{"key":"JITR.2020070102-34","doi-asserted-by":"crossref","unstructured":"Ryan, M. D. (2013). Cloud computing security: The scientific challenge, and a survey of solutions. The Journal of Systems and Software, 86(9), 2263-2268.","DOI":"10.1016\/j.jss.2012.12.025"},{"key":"JITR.2020070102-35","first-page":"13","article-title":"How Commonwealth Bank of Australia Gained Benefits Using a Standards-Based, Multi-Provider Cloud Model.","author":"D.Schlagwein","year":"2014","journal-title":"MIS Quarterly Executive"},{"key":"JITR.2020070102-36","author":"M.Schrutt","year":"2013","journal-title":"IDC and TELUS Enterprise Cloud Study,2013:Capitalizing on Cloud\u2019s"},{"key":"JITR.2020070102-37","doi-asserted-by":"publisher","DOI":"10.1016\/j.ins.2013.04.028"},{"key":"JITR.2020070102-38","unstructured":"Singh, H. P., Bhisikar, A., & Singh, J. (2013). Innovative ICT Through Cloud Computing. IUP Journal of Computer Sciences, 7(1)."},{"key":"JITR.2020070102-39","first-page":"78","article-title":"Cyber-attacks in cloud computing: A case study.","author":"J.Singh","year":"2014"},{"key":"JITR.2020070102-40","doi-asserted-by":"publisher","DOI":"10.17781\/P001294"},{"key":"JITR.2020070102-41","first-page":"78","article-title":"Cyber-Attacks in Cloud Computing: A Case Study.","author":"J.Singh","year":"2014 c"},{"key":"JITR.2020070102-42","doi-asserted-by":"publisher","DOI":"10.5815\/ijmecs.2017.03.03"},{"key":"JITR.2020070102-43","first-page":"180","article-title":"Assessment of security risk in cloud computing environment.","volume":"7","author":"J.Singh","year":"2011","journal-title":"Asia Pacific Business Review"},{"issue":"4","key":"JITR.2020070102-44","first-page":"180","article-title":"Assessment of security risks in merging the private and public cloud.","volume":"7","author":"J.Singh","year":"2011","journal-title":"Asia Pacific Business Review"},{"key":"JITR.2020070102-45","doi-asserted-by":"publisher","DOI":"10.4018\/978-1-4666-4209-6.ch006"},{"key":"JITR.2020070102-46","doi-asserted-by":"publisher","DOI":"10.4018\/ijcac.2013100102"},{"key":"JITR.2020070102-47","doi-asserted-by":"publisher","DOI":"10.4018\/jitr.2014070103"},{"key":"JITR.2020070102-48","unstructured":"Singh, J., & Kumar, V. (2014). Virtual Appliances-Based Framework for Regulatory Compliances in Cloud Data Centers. IUP Journal of Information Technology, 10."},{"key":"JITR.2020070102-49","unstructured":"Singh, J., Powles, J., Pasquier, T., & Bacon, J. (2015). Seeing through the clouds: Management, control and compliance for cloud computing. Cloud Computing, 1-12."},{"key":"JITR.2020070102-50","author":"J.Singh","year":"2017","journal-title":"Study on the Development of Cloud Security"},{"key":"JITR.2020070102-51","unstructured":"singh, j. (2014). Cloud computing for Beginner to researcher. New York: CS an Amazon Company."},{"key":"JITR.2020070102-52","doi-asserted-by":"crossref","unstructured":"Singh, J. (2016). Democratizing IT: A Cloud Computing Framework. International Journal of Education and Management Engineering, 6(2), 1-13.","DOI":"10.5815\/ijeme.2016.02.01"},{"key":"JITR.2020070102-53","unstructured":"SNIA. (n.d.). Open Grid Form. Retrieved from https:\/\/www.snia.org\/about\/alliances\/ogf"},{"key":"JITR.2020070102-54","doi-asserted-by":"publisher","DOI":"10.1109\/MCC.2015.14"},{"key":"JITR.2020070102-55","doi-asserted-by":"publisher","DOI":"10.1016\/j.ins.2013.04.028"},{"key":"JITR.2020070102-56","doi-asserted-by":"publisher","DOI":"10.1016\/j.future.2013.05.005"},{"key":"JITR.2020070102-57","doi-asserted-by":"publisher","DOI":"10.1016\/j.future.2013.05.005"},{"key":"JITR.2020070102-58","doi-asserted-by":"publisher","DOI":"10.1016\/S1353-4858(15)70011-5"},{"key":"JITR.2020070102-59","doi-asserted-by":"publisher","DOI":"10.1007\/s13174-010-0007-6"},{"key":"JITR.2020070102-60","doi-asserted-by":"publisher","DOI":"10.1145\/2382196.2382230"},{"key":"JITR.2020070102-61","doi-asserted-by":"publisher","DOI":"10.1016\/j.future.2010.12.006"}],"container-title":["Journal of Information Technology Research"],"original-title":[],"language":"ng","link":[{"URL":"https:\/\/www.igi-global.com\/viewtitle.aspx?TitleId=258831","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,5,7]],"date-time":"2022-05-07T01:46:46Z","timestamp":1651888006000},"score":1,"resource":{"primary":{"URL":"https:\/\/services.igi-global.com\/resolvedoi\/resolve.aspx?doi=10.4018\/JITR.2020070102"}},"subtitle":["A Centrally Driven Technique for Subscribers"],"short-title":[],"issued":{"date-parts":[[2020,7,1]]},"references-count":62,"journal-issue":{"issue":"3","published-print":{"date-parts":[[2020,7]]}},"URL":"https:\/\/doi.org\/10.4018\/jitr.2020070102","relation":{},"ISSN":["1938-7857","1938-7865"],"issn-type":[{"value":"1938-7857","type":"print"},{"value":"1938-7865","type":"electronic"}],"subject":[],"published":{"date-parts":[[2020,7,1]]}}}