A Quantitative Methodology for Cloud Security Risk Assessment

被引：4

作者：

Basu, Srijita ^{[1
]}

Sengupta, Anirban ^{[1
]}

Mazumdar, Chandan ^{[2
]}

机构：

[1] Jadavpur Univ, Ctr Distributed Comp, 188 Raja SC Mullick Rd, Kolkata, India

[2] Jadavpur Univ, Dept Comp Sci & Engn, 188 Raja SC Mullick Rd, Kolkata, India

来源：

CLOSER: PROCEEDINGS OF THE 7TH INTERNATIONAL CONFERENCE ON CLOUD COMPUTING AND SERVICES SCIENCE | 2017年

关键词：

Asset Dependency; Cloud Security; Cloud Service Provider; Risk Assessment; Security Concern;

D O I：

10.5220/0006294401200131

中图分类号：

TP [自动化技术、计算机技术];

学科分类号：

0812 ;

摘要：

Assets of Cloud stakeholders (Service Providers, Consumers and Third Parties) are the essential elements required to carry out necessary functions / services of the cloud system. Assets usually contain vulnerabilities that may be exploited by threats to jeopardize the functioning of the cloud system. Therefore a proper risk assessment methodology is required to determine the asset-specific and stakeholder-specific risks so as to be able to control them. Existing methodologies fail to comprehensively evaluate various risk elements like asset value, vulnerabilities and threats. This paper is an attempt to quantitatively model all risk elements and devise a methodology to assess risks to assets and stakeholders of a cloud system.

引用

页码：92 / 103

页数：12

共 50 条

[31] A new quantitative approach for information security risk assessment
Asosheh, Abbas
Dehmoubed, Bijan
Khani, Amir
ISI: 2009 IEEE INTERNATIONAL CONFERENCE ON INTELLIGENCE AND SECURITY INFORMATICS, 2009, : 229 - 229
[32] Theory and methodology of research on cloud security
Hai JIN
Weiqi DAI
Deqing ZOU
Science China(Information Sciences), 2016, 59 (05) : 15 - 17
[33] Security risk assessment methodology for communities (RAM-C)
Jaeger, C
IEEE AEROSPACE AND ELECTRONIC SYSTEMS MAGAZINE, 2005, 20 (06) : 15 - 17
[34] Security risk assessment methodology for communities (RAM-C™)
Jaeger, C
PROBABILISTIC SAFETY ASSESSMENT AND MANAGEMENT, VOL 1- 6, 2004, : 1328 - 1332
[35] Security risk assessment methodology for communities (RAM-C)
Jaeger, C
38TH ANNUAL 2004 INTERNATIONAL CARNAHAN CONFERENCE ON SECURITY TECHNOLOGY, PROCEEDINGS, 2004, : 106 - 110
[36] Security Risk Assessment of Cloud Computing Services in a Networked Environment
Weintraub, Eli
Cohen, Yuval
INTERNATIONAL JOURNAL OF ADVANCED COMPUTER SCIENCE AND APPLICATIONS, 2016, 7 (11) : 79 - 90
[37] Risk Assessment for Big Data in Cloud: Security, Privacy and Trust
Ali, Hazirah Bee Bt Yusof
Abdullah, Lili Marziana Bt
Kartiwi, Mira
Nordin, Azlin
PROCEEDINGS OF 2018 ARTIFICIAL INTELLIGENCE AND CLOUD COMPUTING CONFERENCE (AICCC 2018), 2018, : 63 - 67
[38] A Research on The Indicator System of Cloud Computing Security Risk Assessment
Zhang, Jijun
Sun, Dejian
Zhai, Donghang
2012 INTERNATIONAL CONFERENCE ON QUALITY, RELIABILITY, RISK, MAINTENANCE, AND SAFETY ENGINEERING (ICQR2MSE), 2012, : 121 - 123
[39] Empirical Assessment for Security Risk and Availability in Public Cloud Frameworks
El-Attar, Noha E.
Awad, Wael A.
Omara, Fatma A.
PROCEEDINGS OF 2016 11TH INTERNATIONAL CONFERENCE ON COMPUTER ENGINEERING & SYSTEMS (ICCES), 2016, : 17 - 25
[40] The Application of Cloud Matter - element in Information Security Risk Assessment
Dai Zong-you
Zhang Wen-long
Shen Yan-an
Wang Hai-tao
2017 3RD INTERNATIONAL CONFERENCE ON INFORMATION MANAGEMENT (ICIM 2017), 2017, : 218 - 222

← 1 2 3 4 5 →