Abstract
The European Union (EU) has drafted legislation on cybersecurity called the Network and Information Security 2 Directive (NIS2). Cloud Service Providers have been labelled as a vital industry. Hence, they will not be governed by the to be derived national law, but by the European Implementing Acts which will be covered by a European Cybersecurity Certification Scheme for Cloud Services (EUCS).This report provides a method to model capabilities for a Cloud Service Provider to be eligible for EUCS certification. It analyses the EUCS certification scheme from which one requirement is chosen to derive concepts from. These concepts provide the basis for modelling value stream (stage(s)), serving capabilities and associated business objects. These business objects are executed through protocol modelling making the associated capabilities verifiable and therefor eligible for certification.
| Date of Award | 19 Jan 2025 |
|---|---|
| Original language | English |
| Supervisor | Ella Roubtsova (Examiner) & Ben Roelens (Co-assessor) |
Keywords
- NIS2
- EUCS
- cybersecurity
- cloud computing service providers
- capability map
- value chain
- protocol modelling
Master's Degree
- Master Business Process management & IT (BPMIT)