Date Added: Mar 2012
Cloud computing providers' and customers' services are not only exposed to existing security risks, but, due to multi-tenancy, outsourcing the application and data, and virtualization, they are exposed to the emergent, as well. Therefore, both the cloud providers and customers must establish information security system and trustworthiness each other, as well as end users. In this paper, the authors analyze main international and industrial standards targeting information security and their conformity with cloud computing security challenges. They evaluate that almost all main cloud service providers (CSPs) are ISO 27001:2005 certified, at minimum.