How to Manage Information Security in Cloud Computing

Abstract

The debut of the Cloud Computing generation has made information security managing a most significant and critical issue. However, the successful management of information security in cloud computing requires certain factors. This study aims to collect Key Success Factors (KSFs) that determine the management information security in cloud computing through literature review and design of a questionnaire survey. This comprises four major aspects: (1) External dimension, (2) Internal dimension, (3) Technology dimension, and (4) Execution dimension. Based on these, we proceed with categorization and analysis using Fuzzy Analytic Hierarchy Process (Fuzzy AHP or FAHP), which we applied in this study to overcome the seeming failure of general Analytical Hierarchy Process (AHP) in dealing with respondents' impersonal differences in paired comparison. The objectives under each aspect ranked in order from security function, system, organization, operation, market, legislation, human resource, to mechanism. The results sifted from the FAHP approach suggest six top key success factors: "Authentication", "Disclosure Preventing", "Encryption", "Service Model", "Interface", and "Customer". Different to conventional information security, security in cloud computing emphasizes more market-oriented factors.