Automated API framework tools for evaluating cloud resources (IAM, S3, KMS) for compliance with ISO 27001 case study AWS

Trudy-Ann Campbell 1, *, Samson Eromonsei 1 and Olusegun Afolabi 2

1 School of Engineering Prairie View A&M University Prairie View, Texas USA.
2 Department of Information Systems and Business Analysis, Aston Business School, Aston University, Birmingham, UK.
 
Research Article
Global Journal of Engineering and Technology Advances, 2024, 20(01), 131–149.
Article DOI: 10.30574/gjeta.2024.20.1.0126
Publication history: 
Received on 09 June 2024; revised on 17 July 2024; accepted on 20 July 2024
 
Abstract: 
CLOUD— computing's advancements has provided scalability and adaptability but has also given rise to data security concerns. ISO 27001 is vital for cloud information security, yet compliance in dynamic settings poses challenges. Automated API framework tools automate ISO 27001 compliance checks for IAM, S3, and KMS services in AWS, boosting efficiency and minimizing errors. This study investigates the effectiveness of these frameworks, focusing on AWS environments. It explores advantages, difficulties, and practical considerations of automation in cloud compliance. Insights aim to enhance understanding of how automation reinforces security and regulatory adherence. Previous studies highlight the need for adaptable monitoring solutions in cloud setups. Recent research demonstrates the potential of programming languages like Python to streamline compliance processes effectively. This study contributes by examining the efficiency of automated compliance frameworks in AWS, offering perspectives on their practical application in cloud settings.
 
Keywords: 
Cloud Computing; ISO 27001 Compliance; Automated Compliance Frameworks; AWS Services (IAM; S3; KMS); Security Management Systems; Regulatory Compliance; Data Security; Automation in Cloud Computing; Information Security; Cloud Security
 
Full text article in PDF: