UNIVERSITY OF KOBLENZ
Universitätsstraße 1
56070 Koblenz
Project in the "IKT.NRW" competition of the state of NRW 2010, TU Dortmund University. In cooperation with ITESYS Institut für technische Systeme GmbH, LinogistiX ¨ GmbH, TUV-IT and Univ. Duisburg-Essen.
The goal is to support the security and compliance certification of cloud computing systems by developing an open source tool for the documentation and analysis of clouds and the relevant business processes. For security modeling, a standard notation from software engineering (UML) is used, which is suitably extended for this purpose. The approach supports documentation and assessment according to relevant standards, such as ISO 27002 and BSI Grundschutzhandbuch, but also future standards to be expected in this area due to its flexibility. The tool then performs an automatic analysis against security requirements