• A
  • A
  • A
  • ABC
  • ABC
  • ABC
  • А
  • А
  • А
  • А
  • А
Regular version of the site

Student
Title
Supervisor
Faculty
Educational Programme
Final Grade
Year of Graduation
Katerina Arinarkina
Ensuring Information Security Regime Using Cloud Services
Information Security Management
(Master’s programme)
2016
This thesis is devoted to the concept of information security regime for companies that use cloud services.

The main goal of this thesis is the analysis of information security threats in systems that use the cloud-computing technology to process data with different levels of confidentiality, the paper also observes current information security methods in case of using cloud services.

According to the targets of the thesis, the subject of the research is methods of information security for systems that are implemented as cloud-based service models PaaS, SaaS, IaaS.

The object of the study are cloud services based on ABS “CFR-Bank”, which are presented in several banks.

The following tasks were carried out to achieve the main goal:

• reviewed the overall functioning and cloud deployment models;

• analyzed the problems of information security in case cloud services using, taking into account relevant legal and regulatory framework;

• Listed some examples of the most popular cloud services;

• carried out the analysis of security threats in the cloud-based networks;

• analyzed the safety of cloud service by the example of a specific banking enterprise, and provided recommendations for the technical and organizational measures to protect it assets.

As the result of the thesis, it was found that information security measures provided by the supplier of cloud services are insufficient for the banking business. In addition, the use of an intermediary to access bank’s own data adds new risks due to the fact that the specific business processes of the bank become out of control of the bank. Thus, according to the results of the research, not only the methods and means of protection offered by the provider of cloud services were analyzed, but also were suggested specific actions to ensure the safety of bank’s data that should be taken directly by bank.

Student Theses at HSE must be completed in accordance with the University Rules and regulations specified by each educational programme.

Summaries of all theses must be published and made freely available on the HSE website.

The full text of a thesis can be published in open access on the HSE website only if the authoring student (copyright holder) agrees, or, if the thesis was written by a team of students, if all the co-authors (copyright holders) agree. After a thesis is published on the HSE website, it obtains the status of an online publication.

Student theses are objects of copyright and their use is subject to limitations in accordance with the Russian Federation’s law on intellectual property.

In the event that a thesis is quoted or otherwise used, reference to the author’s name and the source of quotation is required.

Search all student theses