Fraud Threats Disclosure through Cloud Information Security Framework

The Cloud Computing (CC) paradigm introduces a highly efficient environment based on the aggregation of novel technologies. The cloud-based services are characterized by enhanced behavior and unique features due to the capabilities facilitated by the particularities of the CC environment such as the scalability. However, because of these particularities, new threats and vectors of attacks emerge. This surface of cloud attacks, is distributed and covered in nature, which can be utilized to stage fraudulent activities. The cyber-incidents that entail fraudulent activities lead to negative effects such as the nefarious usage of CC resources and the abuse of the cloud-based services. To this end, the information security challenges, which are associated to fraud, lead to restrictions and barriers concerning the operational as well as the financial activities performed by the Cloud Service Provider (CSP). To counterbalance these security challenges, a Cloud Information Security (InfoSec) Framework should be incorporated in the operation of the CSPs' infrastructure. The proposed framework imposes the implementation of a series of phases oriented towards the entanglement with fraud threats so as to mitigate them and therefore secure the provision of the end-services, as well as protect the collected data.