Middle-East Journal of Scientific Research 23 (8): 1797-1803, 2015 ISSN 1990-9233 © IDOSI Publications, 2015 DOI: 10.5829/idosi.mejsr.2015.23.08.22482 Corresponding Author: T.N. Ravi, Department of Computer Science and Engineering, B.S.Abdur Rahman University, Chennai, India. 1797 Measuring the Security Compliance Using Cloud Control Matrix T.N. Ravi and Sharmila Sankar Department of Computer Science and Engineering, B.S.Abdur Rahman University, Chennai, India Abstract: Cloud computing has been identified as a promising and developing technology that provides development of large-scale, on demand, flexible computing infrastructures- hard ware and software. Globally number of Organizations today grapple with the expansion of distributed computing, increased online collaboration, explosive data growth and heterogeneous IT environments—all issues that make information security more critical, yet more complex than ever. Cloud computing has significant potential to improve security and resilience The Cloud provider must ensure that their infrastructure is secure and that their clients’ data and applications are protected while the user must take measures to fortify their application and use strong passwords and authentication measures. There are different models / methods / standards are developed to provide guidance for implementing information security system for the clouds service providers. This research paper provides an overview for the implementation of cloud security alliance model Cloud control matrix (CCM). CCM provides the various controls needs to be implemented by the service provider to avoid / reduce / mitigate the risks related to the service provided. This helps in building the trust between the service provider and consumer on using the cloud services Key words: Cloud security Cloud customer Cloud provider Cloud security alliance Cloud control matrix INTRODUCTION recognize that the cloud introduces a number of issues Cloud computing is an evolutionary outgrowth of level agreements and data architecture that must be previous computing approaches, which builds upon addressed. Therefore, the adoption of cloud services is existing and new technologies. As per Winkler, "Securing being tempered by a significant level of uncertainty. the Cloud, Cloud Computer Security Techniques and Efficient search is also an important concern in clouds. Tactics"[1], Cloud computing represents a paradigm shift User privacy is also required so that the cloud or other for delivering resources and services; this results in users do not know the identity of the user. The validity of important benefits for both cloud providers and cloud the user who stores the data is also verified [3]. Different consumers. From how we build IT systems and how we cloud deployment models-public, private, or use them to how we organize and structure IT resources, hybrid—have different security vulnerabilities and risks. cloud is refactoring the IT landscape. Faraz Fatemi Generally, risk increases from greater degrees of Moghaddam, Shiva Gerayeli Moghaddam [2] explains that multitenancy among increasingly unknown participants the cloud computing change the Internet into a new Organizations use the Cloud in a variety of different computing platform, is a business model that achieves service models (SaaS, PaaS and IaaS) and deployment purchase on-demand and pay-per-use in network, has a models (Private, Public, Hybrid and Community). [1] broad development prospects. Unlimited storage for Cloud consumer / user choose the needed service customers is one of the major benefits of cloud computing based on various quality / process metrics for each that reduce the concerns about the amount of remaining services provide by the cloud provider. Numerous memory significantly. The advantage of the cloud is surveys indicate that the top concerns for moving to the appealing: reduced costs, greater agility, flexibility, cloud are: 1) security, 2) performance and 3) availability scalability, reduced cost of ownership and potentially are the security concern about. Confidentiality, integrity greater security. At the same time, IT organizations and availability of information that is stored in the cloud. related to security, data integrity, compliance, service