A Security Risk Management Metric for Cloud Computing Systems

2015 ◽  
pp. 788-808
Author(s):  
Mouna Jouini ◽  
Latifa Ben Arfa Rabai
Keyword(s):  
Cloud Computing ◽  
Risk Management ◽  
Cyber Security ◽  
Computing System ◽  
Cloud Provider ◽  
Security Model ◽  
Security Risk ◽  
Security Breaches ◽  
Security Issues ◽  
Security Risk Management

Cloud computing is a growing technology used by several organizations because it presents a cost effective policy to manage and control Information Technology (IT). It delivers computing services as a public utility rather than a personal one. However, despite these benefits, it presents many challenges including access control and security problems. In order to assess security risks, the paper gives an overview of security risk management metrics. Then, it illustrates the use of a cyber security measure to describe an economic security model for cloud computing system. Moreover, it proposes a cloud provider business model for security issues. Finally, the paper shows a solution related to the vulnerabilities in cloud systems using a new quantitative metric to reduce the probability that an architectural components fails. The main aim of this article is to quantify security threats in cloud computing environments due to security breaches using a new security metric.

A Security Risk Management Metric for Cloud Computing Systems

2014 ◽  
Vol 4 (3) ◽  
pp. 1-21 ◽  
Author(s):  
Mouna Jouini ◽  
Latifa Ben Arfa Rabai
Keyword(s):  
Cloud Computing ◽  
Risk Management ◽  
Cyber Security ◽  
Economic Security ◽  
Public Utility ◽  
Cloud Provider ◽  
Security Model ◽  
Security Risk ◽  
Cloud Computing System ◽  
Security Risk Management

Cloud computing is a growing technology used by several organizations because it presents a cost effective policy to manage and control Information Technology (IT). It delivers computing services as a public utility rather than a personal one. However, despite these benefits, it presents many challenges including access control and security problems. In order to assess security risks, the paper gives an overview of security risk management metrics. Then, it illustrates the use of a cyber security measure to describe an economic security model for cloud computing system. Moreover, it proposes a cloud provider business model for security issues. Finally, the paper shows a solution related to the vulnerabilities in cloud systems using a new quantitative metric to reduce the probability that an architectural components fails. The main aim of this article is to quantify security threats in cloud computing environments due to security breaches using a new security metric.

The Rigorous Security Risk Management Model

2018 ◽  
pp. 1299-1317
Author(s):  
Neila Rjaibi ◽  
Latifa Ben Arfa Rabai
Keyword(s):  
Risk Management ◽  
Cyber Security ◽  
Linear Models ◽  
Management Model ◽  
Security Risk ◽  
Security Threat ◽  
Risk Management Process ◽  
Failure Cost ◽  
The Mean ◽  
Security Risk Management

This chapter presents the security concepts terminologies (threat, risk, security risk management, security risk management process, security threat model) and present the state of the art of security risk management models, compare and discuss strengths and weaknesses of such models. Then it presents the Mean Failure Cost (MFC) model for quantifying security threats as a rigorous measure of cyber security, and as a cascade of linear models in order to estimate the system security using the loss of a given stakeholders as a result of security breakdown. Finally it presents an overview of the applicability of the MFC measure to e-systems. In the conclusion, the chapter criticizes the MFC Cyber Security Measure and presents an overview of different perspectives.

Real-Time Cyber Security Risk Management

ITNOW ◽  
2015 ◽  
Vol 57 (4) ◽  
pp. 26-27 ◽  
Author(s):  
S. Marvell
Keyword(s):  
Risk Management ◽  
Real Time ◽  
Cyber Security ◽  
Security Risk ◽  
Security Risk Management

IT Security Risk Management Model for Cloud Computing

2013 ◽  
Vol 4 (4) ◽  
pp. 1-19 ◽  
Author(s):  
Gunnar Wahlgren ◽  
Stewart Kowalski
Keyword(s):  
Cloud Computing ◽  
Risk Management ◽  
It Security ◽  
Maturity Model ◽  
Security Risk ◽  
Cloud Computing Environment ◽  
New Approach ◽  
Capability Maturity ◽  
Security Risk Management ◽  
Security Incidents

The authors combined ISO 27005 framework for IT Security Risk Management with NIST Multitier framework. With this combined framework the authors create a new approach to IT Security Risk Management where IT Security Risk Management is place at the strategic, tactical and operational levels of an organizational. In this paper the authors concentrate on the monitoring and communication steps of IT Security Risk Management and especially escalation of new IT Security Incidents. The authors present a first draft to an IT Security Risk Escalation Capability Maturity Model based on ISACA´s Risk IT Framework. Finally the authors apply the approach to typical cloud computing environment as a first step to evaluate this new approach.

The Rigorous Security Risk Management Model

2018 ◽  
pp. 452-470
Author(s):  
Neila Rjaibi ◽  
Latifa Ben Arfa Rabai
Keyword(s):  
Risk Management ◽  
Cyber Security ◽  
Linear Models ◽  
Management Model ◽  
Security Risk ◽  
Security Threat ◽  
Risk Management Process ◽  
Failure Cost ◽  
The Mean ◽  
Security Risk Management

This chapter presents the security concepts terminologies (threat, risk, security risk management, security risk management process, security threat model) and present the state of the art of security risk management models, compare and discuss strengths and weaknesses of such models. Then it presents the Mean Failure Cost (MFC) model for quantifying security threats as a rigorous measure of cyber security, and as a cascade of linear models in order to estimate the system security using the loss of a given stakeholders as a result of security breakdown. Finally it presents an overview of the applicability of the MFC measure to e-systems. In the conclusion, the chapter criticizes the MFC Cyber Security Measure and presents an overview of different perspectives.

Sign in / Sign up

Export Citation Format

Share Document