Cloud computing: Security model comprising governance, risk management and compliance

Cloud computing is a growing technology used by several organizations because it presents a cost effective policy to manage and control Information Technology (IT). It delivers computing services as a public utility rather than a personal one. However, despite these benefits, it presents many challenges including access control and security problems. In order to assess security risks, the paper gives an overview of security risk management metrics. Then, it illustrates the use of a cyber security measure to describe an economic security model for cloud computing system. Moreover, it proposes a cloud provider business model for security issues. Finally, the paper shows a solution related to the vulnerabilities in cloud systems using a new quantitative metric to reduce the probability that an architectural components fails. The main aim of this article is to quantify security threats in cloud computing environments due to security breaches using a new security metric.

Download Full-text

A Security Risk Management Metric for Cloud Computing Systems

Standards and Standardization ◽

10.4018/978-1-4666-8111-8.ch037 ◽

2015 ◽

pp. 788-808

Author(s):

Mouna Jouini ◽

Latifa Ben Arfa Rabai

Keyword(s):

Cloud Computing ◽

Risk Management ◽

Cyber Security ◽

Computing System ◽

Cloud Provider ◽

Security Model ◽

Security Risk ◽

Security Breaches ◽

Security Issues ◽

Security Risk Management

Cloud computing is a growing technology used by several organizations because it presents a cost effective policy to manage and control Information Technology (IT). It delivers computing services as a public utility rather than a personal one. However, despite these benefits, it presents many challenges including access control and security problems. In order to assess security risks, the paper gives an overview of security risk management metrics. Then, it illustrates the use of a cyber security measure to describe an economic security model for cloud computing system. Moreover, it proposes a cloud provider business model for security issues. Finally, the paper shows a solution related to the vulnerabilities in cloud systems using a new quantitative metric to reduce the probability that an architectural components fails. The main aim of this article is to quantify security threats in cloud computing environments due to security breaches using a new security metric.

Download Full-text

The Research on Cloud Computing Security Model and Countermeasures

Applied Mechanics and Materials ◽

10.4028/www.scientific.net/amm.511-512.1196 ◽

2014 ◽

Vol 511-512 ◽

pp. 1196-1200

Author(s):

Jian Gang Tang

Keyword(s):

Cloud Computing ◽

Cloud Services ◽

Security Requirements ◽

Security Model ◽

Cloud Computing Security ◽

Resource Pooling ◽

Security Issues ◽

Computing Model ◽

Computing Services ◽

Regulatory Approach

Cloud computing is an open structure which have complexity, on-demand services, virtualization, resource pooling, rapid elasticity and multi-tenant architecture, etc. The security issues have become a bottleneck restricting the development of cloud computing. This paper analyzes the characteristics of cloud computing services, security requirements and security issues, given security strategies and a cloud computing model. It requires the use of cloud computing architecture data centers, virtualization platforms, cloud services, cloud terminal interfaces and cloud terminal to establish a secure cloud computing model. It needs considerations from prevention, surveillance and response to ensure the implementation and management. Cloud computing security is not just technical issues, it also involves many standardization, regulatory approach, laws and regulations and follow the existing security best practices can enhance the security of cloud computing.

Download Full-text