Cloud Security Requirement Based Threat Analysis

被引:0
|
作者
Taha, Ahmed [1 ]
Lawall, Alexander [1 ]
Suri, Neeraj [2 ]
机构
[1] IUAS, Bad Honnef, Germany
[2] Univ Lancaster, Lancaster, England
来源
2023 INTERNATIONAL CONFERENCE ON COMPUTING, NETWORKING AND COMMUNICATIONS, ICNC | 2023年
关键词
Threat Analysis; Cloud Security; Service's dependencies;
D O I
10.1109/ICNC57223.2023.10074275
中图分类号
TP3 [计算技术、计算机技术];
学科分类号
0812 ;
摘要
Threat analysis (TA) is a process to identify, detect, and evaluate security vulnerabilities systematically. Specifically, the TA, which focuses on threats that can potentially violate the customer's data ownership requirements of security and performance, is named Requirement Based Threat Analysis (RBTA). Despite the importance of RBTA, the current manual RBTA process is both time intensive and makes no assurance of completeness of the analysis. Thus, we develop a systematic analytic technique that enumerates customers' requirements and then determines all possible direct/indirect dependencies across them to conduct a generalized threat analysis from their requirements. The approach is validated for its effectiveness on actual Cloud customer requirements and can be generalized to apply to other requirements.
引用
收藏
页码:506 / 510
页数:5
相关论文
共 50 条
  • [21] Analysis and Security Evaluation of Security Threat on Broadcasting Service
    Jong Han Lee
    Seung Joo Kim
    Wireless Personal Communications, 2017, 95 : 4149 - 4169
  • [22] Security analysis of access control model in hybrid cloud based on security entropy
    车天伟
    Ma Jianfeng
    Li Na
    Wang Chao
    HighTechnologyLetters, 2015, 21 (02) : 200 - 204
  • [23] Analysis and Security Evaluation of Security Threat on Broadcasting Service
    Lee, Jong Han
    Kim, Seung Joo
    WIRELESS PERSONAL COMMUNICATIONS, 2017, 95 (04) : 4149 - 4169
  • [24] Threat Modeling and Analysis for the Cloud Ecosystem
    Manzoor, Salman
    Zhang, Heng
    Suri, Neeraj
    2018 IEEE INTERNATIONAL CONFERENCE ON CLOUD ENGINEERING (IC2E 2018), 2018, : 278 - 281
  • [25] Lightweight threat awareness system based on combination of host and cloud analysis
    Peng G.
    Wang T.
    Liu Y.
    Zhang H.
    2016, Huazhong University of Science and Technology (44): : 17 - 21and27
  • [26] Security requirement analysis of business processes
    Herrmann P.
    Herrmann G.
    Electronic Commerce Research, 2006, 6 (3-4) : 305 - 335
  • [27] Security and Privacy Threat Analysis for Solid
    Mirzamohammadi, Omid
    Jannes, Kristof
    Sion, Laurens
    Van Landuyt, Dimitri
    Abidin, Aysajan
    Singelee, Dave
    2023 IEEE SECURE DEVELOPMENT CONFERENCE, SECDEV, 2023, : 196 - 206
  • [28] A Cloud Computing Security Framework Based on Cloud Security Trusted Authority
    Dawoud, Mohammed M.
    Ebrahim, Gamal A.
    Youssef, Sameh A.
    INTERNATIONAL CONFERENCE ON INFORMATICS AND SYSTEMS (INFOS 2016), 2016, : 133 - 138
  • [29] CloudI: Cloud Security based on Cloud Introspection
    Zhang, Jian
    Wang, Wenxu
    Gong, Liangyi
    Gu, Zhaojun
    PROCEEDINGS OF 2018 10TH INTERNATIONAL CONFERENCE ON MACHINE LEARNING AND COMPUTING (ICMLC 2018), 2018, : 341 - 346
  • [30] Enhancing Cloud Security-Proactive Threat Monitoring and Detection Using a SIEM-Based Approach
    Tuyishime, Emmanuel
    Balan, Titus C.
    Cotfas, Petru A.
    Cotfas, Daniel T.
    Rekeraho, Alexandre
    APPLIED SCIENCES-BASEL, 2023, 13 (22):
12345