R. N. Taylor, N. N. Medvidovi?, and E. M. Dashofy, Software architecture, Proceedings of the 7th joint meeting of the European software engineering conference and the ACM SIGSOFT symposium on The foundations of software engineering on European software engineering conference and foundations of software engineering symposium, ESEC/FSE '09, 2009.
DOI : 10.1145/1595696.1595754

URL : https://hal.archives-ouvertes.fr/hal-00444077

M. Shaw and D. Garlan, Software architecture: perspectives on an emerging discipline, 1996.

, NIST, p.2013

, National Informaiton Assurance (IA) Glossary. CNSS Instruction No. 4009, CNSS National Security Agency, 2003.

, Minimum Security Requirements for Federal Information and Information Systems, FIPS FEDERAL INFORMATION PROCESSING STANDARDS, 2006.

, Guide for Applying the Risk Management Framework (RMF) to Federal Information Systems: a Security Life Cycle Approach, National Institute of Standards and Technology, p.2010, 2014.

, Risk Management Framework forInformation Systems and Organizations: A System Life Cycle Approach for Security and Privacy (DISCUSSION DRAFT), 2017.

K. Dempsey, N. S. Chawla, A. Johnson, R. Johnston, A. C. Jones et al., Information Security Continuous Monitoring (ISCM) for Federal Information Systems and Organizations, National Institute of Standards and Technology, 2011.
DOI : 10.6028/NIST.SP.800-137

, Joint Task Force Transformation InitiativeGuide for Conducting Risk Assessments (NIST SP 800-30r1)," National Institute of Standards and Technology, 2012.

G. Stoneburner, A. Goguen, and A. Feringa, Risk Management Guide for Information Technology Systems, NIST -National Institute of Standards and Technology, 2002.
DOI : 10.6028/NIST.SP.800-30

J. Task, Security and Privacy Controls for Federal Information Systems and Organizations, National Institute of Standards and Technology, 2013.

, Network Functions Virtualisation (NFV) Architectural Framework, The European Telecommunications Standards Institute, 2013.

T. Dimitrakos, Security Challenges and Guidance for Protecting NFV on Cloud IaaS, ETSI NFV Security Week, 2017.

T. Dimitrakos, Towards a security reference architecture for Network Function Virtualisation: security challenges and security controls, NECS, 2017.

E. , Network Functions Virtualisation (NFV);. NFV Security;. Security and Trust Guidance The European Telecommunications Standards Institute, 2014.

, Network Function Virtualization, CSA CSA, 2016.

C. , Best Practices for Mitigating Risks in Virtualized Environments, 2015.

T. Dimitrakos, Service Oriented Infrastructures and Cloud Service Platforms for the Enterprise. A selection of common capabilities validated in real-life business trials, J. M

S. W. Dimitrakos, , 2009.

R. N. Taylor, N. Medvidovic, and E. M. Dashofy, Software Architecture: Foundations, Theory, and Practice, 2009.

, Risk Management Framework (RMF) Overview, 2016.

, Cloud Computing Benefits, risks and recommendations for information security, European Network and Information Security Agency, 2009.

, Cloud Computing: Information Assurance Framework, The European Network and Information Security Agency, 2009.

M. Abi-antoun and J. M. Barnes, Analyzing security architectures, Proceedings of the IEEE/ACM international conference on Automated software engineering, ASE '10, 2010.
DOI : 10.1145/1858996.1859001

R. A. Caralli, J. F. Stevens, L. R. Young, and W. R. Wilson, Introducing OCTAVE Allegro: Improving the Information Security Risk Assessment Process, 2007.
DOI : 10.21236/ADA470450

T. R. Peltier, Information Security Risk Analysis, 2010.

R. Fredriksen, M. Kristiansen, B. A. Gran, K. Stølen, T. A. Opperud et al., The CORAS Framework for a Model-Based Risk Management Process, International Conference on Computer Safety, Reliability, and Security (SAFECOMP), 2002.
DOI : 10.1007/3-540-45732-1_11

M. S. Lund and B. , Solhaug and K. Stolen, Model-driven risk analysis -The CORAS Approach, 2011.

T. European, . And, . Council, . The, and . Union, REGULATION (EU) 2016/679 Official Journal of the European Union, 2016.

T. European, . And, . Council, . The, and . Union, DIRECTIVE (EU) 2016/1148, Official Journal of the European Union, 2016.

K. Stine, R. Kissel, W. C. Barker, J. Fahlsing, and J. Gulick, Volume I: Guide for Mapping Types of Information and Information Systems to Security Categories, National Institute of Standards and Technology, 2008.

. Cloud-security-alliance, Available: https://cloudsecurityalliance, Cloud Controls Matrix, 2017.

, Architecture Conformance Available: https, Software Engineering Institute