A Methodology for Cloud Security Risks Management

2014 ◽  
pp. 75-104 ◽  
Author(s):  
Mariam Kiran
Keyword(s):  
Cloud Security ◽  
Security Risks

scholarly journals A Threat Computation Model using a Markov Chain and Common Vulnerability Scoring System and its Application to Cloud Security

2019 ◽  
Vol 7 (1) ◽  
pp. 37-56 ◽  
Author(s):  
Ngoc Thuy Le ◽  
Doan B. Hoang
Keyword(s):  
Markov Chain ◽  
Scoring System ◽  
Cloud Security ◽  
Security Threats ◽  
Security Threat ◽  
Security Risks ◽  
Security Metrics ◽  
Novel Approach ◽  
Compliance Checking ◽  
Iot Devices

Securing cyber infrastructures has become critical because they are increasingly exposed to attackers while accommodating a huge number of IoT devices and supporting numerous sophisticated emerging applications. Security metrics are essential for assessing the security risks and making effective decisions concerning system security. Many security metrics rely on mathematical models, but are mainly based on empirical data, qualitative methods, or compliance checking, and this renders the outcome far from satisfactory. Computing the probability of an attack, or more precisely a threat that materialises into an attack, forms an essential basis for a quantitative security metric. This paper proposes a novel approach to compute the probability distribution of cloud security threats based on a Markov chain and Common Vulnerability Scoring System. Moreover, the paper introduces the method to estimate the probability of security attacks. The use of the new security threat model and its computation is demonstrated through their application to estimating the probabilities of cloud threats and types of attacks.

Cloud Computing Security Issues and Mechanisms

2011 ◽  
Vol 225-226 ◽  
pp. 706-709 ◽  
Author(s):  
Shu Guo Yang
Keyword(s):  
Cloud Computing ◽  
Ad Hoc ◽  
Rapid Development ◽  
Cloud Security ◽  
General Purpose ◽  
Security Requirements ◽  
Security Issue ◽  
Security Risks ◽  
Security Issues ◽  
Lower Cloud

Cloud computing is regarded as one of the most enticing technologies and potential silver bullet in the IT industry. Because of open condition and general-purpose nature of cloud, security issue is becoming a bottle neck of rapid development and broad application of cloud computing. Firstly, this paper addresses cloud customers’ significant concerns about and requirements of cloud security. Secondly, cloud security risks and threats posed by the pervasive and ad hoc nature of the cloud are comprehensively analyzed. Finally, some effective and dependable security mechanisms are proposed to lower cloud security risks and meet security requirements of cloud customers. Especially, a novel scheme for integrity and copyright protection of customers’ works in the cloud is presented based on digital watermarking and digital signature.

Cloud Risk Resilience

2019 ◽  
Vol 8 (2) ◽  
pp. 66-92 ◽  
Author(s):  
Akhilesh Mahesh ◽  
Niranjali Suresh ◽  
Manish Gupta ◽  
Raj Sharman
Keyword(s):  
Cloud Computing ◽  
Cloud Security ◽  
Primary Objective ◽  
The Internet ◽  
Effective Management ◽  
Process Data ◽  
Security Risks ◽  
Security Issues ◽  
Computing Services ◽  
Minimal Effort

Cloud computing has been instrumental in transforming the way we store, access and process data. With mobility being the primary objective of the current market, cloud computing offers exactly that. Cloud offers convenient access to a shared pool of computing resources that can be configured and deployed with minimal effort which is used to deliver computing services over the internet. Exercising these advantages come with a plethora of security risks that need to be addressed. The security issues in cloud are complex due to the nature of implementation and regulations that govern them. In this article, we examine existing research on cloud risk and the various frameworks to manage risk. The objective is to map the risk with the audit control and technology that will help in mitigating the risk. We analysed the various cloud security solutions and came up with a list that best help in the effective management of the cloud risk and security issues.

scholarly journals Latest trends, challenges and Solutions in Security in the era of Cloud Computing and Software Defined Networks

2019 ◽  
Vol 8 (3) ◽  
pp. 162
Author(s):  
Wajid Hassan ◽  
Te-Shun Chou ◽  
Xiaoming Li ◽  
Patrick Appiah-Kubi ◽  
Omar Tamer
Keyword(s):  
Cloud Computing ◽  
Cost Effective ◽  
Cloud Security ◽  
Shared Environment ◽  
Security Risks ◽  
Development Models ◽  
Security Issues ◽  
Research Problems ◽  
Regulatory Bodies ◽  
Rapid Transition

The emergence of cloud computing has changed perception of all regarding software delivery, development models and infrastructure. Cloud computing has a potential of providing elastic, easily manageable, powerful and cost effective solutions. The rapid transition to cloud computing has fueled concerns on the security issues. The migration of the user’s data and applications in a shared environment of a cloud, where there is a collocation of several users increases security related concerns. Several research efforts have been made in evaluating challenges related to security faced by the cloud computing environments, a number of solutions of such problems have also been proposed. Integrated security solutions should be devised to deal with the increasing security risks. In this paper, a detailed cloud computing survey, key services and concepts are being presented.  This paper attempts to evaluate various security threats to cloud computing and a number of security solutions have also been discussed. Furthermore, a brief view of the cloud security regulatory bodies and compliance have also been presented. Despite the research efforts in cloud security field, there are still some open research problems and challenges which are discussed in this paper.

Game Theoretic Approaches to Mitigate Cloud Security Risks: An Initial Insight

2021 ◽  
pp. 335-347
Author(s):  
Abdelkarim Ait Temghart ◽  
Driss Ait Omar ◽  
M’hamed Outanoute ◽  
Mbarek Marwan
Keyword(s):  
Cloud Security ◽  
Security Risks ◽  
Game Theoretic

Governance and Risk Management in the Cloud with Cloud Controls Matrix V3 and ISO/IEC 38500:2008

2016 ◽  
pp. 139-159
Author(s):  
Abhik Chaudhuri
Keyword(s):  
Cloud Computing ◽  
Risk Management ◽  
Cloud Security ◽  
Green Computing ◽  
Cloud Services ◽  
It Services ◽  
Security Risks ◽  
Business Leadership ◽  
Effective Governance ◽  
Management Domain

Cloud based services are gaining popularity across the globe and there is a growing interest to adopt the cloud for operational efficiency, green computing initiatives and service agility. However, concerns of security and risks in the Cloud are important constraints to reaping the benefits of Cloud Computing. Controlling the threats and vulnerabilities of Cloud based IT Services are prime necessities with proper policies and guidance from the Business Leadership or Board. While Business is concentrating on cost reduction as a primary enabler for adopting Cloud based Services, there is a growing need for exercising effective Governance and Risk Management to mitigate security risks and to exercise control over data in the Cloud. This chapter discusses how Governance and Risk Management domain (GRM) of Cloud Controls Matrix (CSA CCM) V3 Framework from Cloud Security Alliance (CSA) and the ISO/IEC 38500:2008 standard for IT Governance can be utilized together for an effective Governance and Risk Management of Cloud Services.

Governance and Risk Management in the Cloud with Cloud Controls Matrix V3 and ISO/IEC 38500:2008

2015 ◽  
pp. 80-101
Author(s):  
Abhik Chaudhuri
Keyword(s):  
Cloud Computing ◽  
Risk Management ◽  
Cloud Security ◽  
Green Computing ◽  
Cloud Services ◽  
It Services ◽  
Security Risks ◽  
Business Leadership ◽  
Effective Governance ◽  
Management Domain

Cloud based services are gaining popularity across the globe and there is a growing interest to adopt the cloud for operational efficiency, green computing initiatives and service agility. However, concerns of security and risks in the Cloud are important constraints to reaping the benefits of Cloud Computing. Controlling the threats and vulnerabilities of Cloud based IT Services are prime necessities with proper policies and guidance from the Business Leadership or Board. While Business is concentrating on cost reduction as a primary enabler for adopting Cloud based Services, there is a growing need for exercising effective Governance and Risk Management to mitigate security risks and to exercise control over data in the Cloud. This chapter discusses how Governance and Risk Management domain (GRM) of Cloud Controls Matrix (CSA CCM) V3 Framework from Cloud Security Alliance (CSA) and the ISO/IEC 38500:2008 standard for IT Governance can be utilized together for an effective Governance and Risk Management of Cloud Services.

Cloud Risk Resilience

2020 ◽  
pp. 1518-1548
Author(s):  
Akhilesh Mahesh ◽  
Niranjali Suresh ◽  
Manish Gupta ◽  
Raj Sharman
Keyword(s):  
Cloud Computing ◽  
Cloud Security ◽  
Primary Objective ◽  
The Internet ◽  
Effective Management ◽  
Process Data ◽  
Security Risks ◽  
Security Issues ◽  
Computing Services ◽  
Minimal Effort

Cloud computing has been instrumental in transforming the way we store, access and process data. With mobility being the primary objective of the current market, cloud computing offers exactly that. Cloud offers convenient access to a shared pool of computing resources that can be configured and deployed with minimal effort which is used to deliver computing services over the internet. Exercising these advantages come with a plethora of security risks that need to be addressed. The security issues in cloud are complex due to the nature of implementation and regulations that govern them. In this article, we examine existing research on cloud risk and the various frameworks to manage risk. The objective is to map the risk with the audit control and technology that will help in mitigating the risk. We analysed the various cloud security solutions and came up with a list that best help in the effective management of the cloud risk and security issues.

scholarly journals A Survey of Emerging Threats in Cloud Security

2021 ◽  
Vol 9 (8) ◽  
pp. 2943-2945
Author(s):  
Darshan Bagrao
Keyword(s):  
Cloud Computing ◽  
Distributed Systems ◽  
Cloud Security ◽  
Communication Media ◽  
Security Threats ◽  
Security Risks ◽  
Web Based ◽  
Client Server ◽  
Potential Gain

Abstract: The original aim of the research was to investigate the conceptual dimensions of cloud security threats and vulnerabilities. Cloud computing has changed the whole picture from centralized (client-server not web-based) to distributed systems and now we are getting back to virtual centralization (cloud computing). Although potential gain achieved from cloud computing but still model security is questionable. . The cloud computing concept offers dynamically scalable resources and so it uses internet as a communication media. This paper proposes survey on emerging threats of cloud and also discussed the existing threat report and their remediation. The result and analysis show that solution of this work will be helpful in summarizing the main security risks of cloud computing from different organizations. Keywords: Threat, vulnerabilities, model security.

Sign in / Sign up

Export Citation Format

Share Document