A Quantitative Methodology for Cloud Security Risk Assessment

被引:4
|
作者
Basu, Srijita [1 ]
Sengupta, Anirban [1 ]
Mazumdar, Chandan [2 ]
机构
[1] Jadavpur Univ, Ctr Distributed Comp, 188 Raja SC Mullick Rd, Kolkata, India
[2] Jadavpur Univ, Dept Comp Sci & Engn, 188 Raja SC Mullick Rd, Kolkata, India
来源
CLOSER: PROCEEDINGS OF THE 7TH INTERNATIONAL CONFERENCE ON CLOUD COMPUTING AND SERVICES SCIENCE | 2017年
关键词
Asset Dependency; Cloud Security; Cloud Service Provider; Risk Assessment; Security Concern;
D O I
10.5220/0006294401200131
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
Assets of Cloud stakeholders (Service Providers, Consumers and Third Parties) are the essential elements required to carry out necessary functions / services of the cloud system. Assets usually contain vulnerabilities that may be exploited by threats to jeopardize the functioning of the cloud system. Therefore a proper risk assessment methodology is required to determine the asset-specific and stakeholder-specific risks so as to be able to control them. Existing methodologies fail to comprehensively evaluate various risk elements like asset value, vulnerabilities and threats. This paper is an attempt to quantitatively model all risk elements and devise a methodology to assess risks to assets and stakeholders of a cloud system.
引用
收藏
页码:92 / 103
页数:12
相关论文
共 50 条
  • [11] Data security and risk assessment in cloud computing
    Li, Jing
    Li, Qinyuan
    4TH ANNUAL INTERNATIONAL CONFERENCE ON WIRELESS COMMUNICATION AND SENSOR NETWORK (WCSN 2017), 2018, 17
  • [12] A quantitative risk assessment methodology for construction project
    Vishal Kumar Gupta
    Jitesh J Thakkar
    Sādhanā, 2018, 43
  • [13] A quantitative risk assessment methodology for construction project
    Gupta, Vishal Kumar
    Thakkar, Jitesh J.
    SADHANA-ACADEMY PROCEEDINGS IN ENGINEERING SCIENCES, 2018, 43 (07):
  • [14] Security risk vector for quantitative asset assessment
    Chung, YJ
    Kim, I
    Lee, N
    Lee, T
    In, HP
    COMPUTATIONAL SCIENCE AND ITS APPLICATIONS - ICCSA 2005, PT 2, 2005, 3481 : 274 - 283
  • [15] Quantitative Software Security Risk Assessment Model
    Mkpong-Ruffin, Idongesit
    Umphress, David
    Hamilton, John
    Gilbert, Juan
    QOP'07: PROCEEDINGS OF THE 2007 ACM WORKSHOP ON QUALITY OF PROTECTION, 2007, : 31 - 33
  • [16] A Method of the Cloud Computing Security Management Risk Assessment
    Wang, Hongbing
    Liu, Feng
    Liu, Heng
    ADVANCES IN COMPUTER SCIENCE AND ENGINEERING, 2012, 141 : 609 - +
  • [17] Research on the Security Risk Assessment and the Solutions of Cloud Computing
    Ding, Wen
    INTELLIGENCE COMPUTATION AND EVOLUTIONARY COMPUTATION, 2013, 180 : 481 - 486
  • [18] Overall cloud computing security risk assessment analysis
    Liu, Heng
    Wang, Hongbing
    Wang, Yong
    Qinghua Daxue Xuebao/Journal of Tsinghua University, 2010, 50 (SUPPL. 1): : 1521 - 1528
  • [19] Security Risk Assessment Methodology for the petroleum and petrochemical industries
    Moore, David A.
    JOURNAL OF LOSS PREVENTION IN THE PROCESS INDUSTRIES, 2013, 26 (06) : 1685 - 1689
  • [20] A Review of Security Risk Assessment Methods in Cloud Computing
    Alturkistani, Fatimah M.
    Emam, Ahmed Z.
    NEW PERSPECTIVES IN INFORMATION SYSTEMS AND TECHNOLOGIES, VOL 1, 2014, 275 : 443 - 453
12345