A risk assessment model for selecting cloud service providers

被引：34

作者：

Cayirci, Erdal ^{[1
]}

Garaga, Alexandr ^{[2
,3
]}

de Oliveira, Anderson Santana ^{[2
]}

Roudier, Yves ^{[3
]}

机构：

[1] Univ Stavanger, Elect & Comp Engn Dept, Stavanger, Norway

[2] SAP Labs France, Mougins, France

[3] Eurecom, Network Secur Team, Biot, France

来源：

JOURNAL OF CLOUD COMPUTING-ADVANCES SYSTEMS AND APPLICATIONS | 2016年 / 5卷

关键词：

Risk assessment; Cloud computing; Security; Privacy;

D O I：

10.1186/s13677-016-0064-x

中图分类号：

TP [自动化技术、计算机技术];

学科分类号：

0812 ;

摘要：

The Cloud Adoption Risk Assessment Model is designed to help cloud customers in assessing the risks that they face by selecting a specific cloud service provider. It evaluates background information obtained from cloud customers and cloud service providers to analyze various risk scenarios. This facilitates decision making an selecting the cloud service provider with the most preferable risk profile based on aggregated risks to security, privacy, and service delivery. Based on this model we developed a prototype using machine learning to automatically analyze the risks of representative cloud service providers from the Cloud Security Alliance Security, Trust & Assurance Registry.

引用

页数：12

共 22 条

[11] Cayirci E, 2013, WINT SIMUL C PROC, P1347, DOI 10.1109/WSC.2013.6721521
[12] Cloud Security Alliance, SEC CSA TRUST ASS RE
[13] Probabilistic Risk Analysis and Terrorism Risk
Ezell, Barry Charles
Bennett, Steven P.
von Winterfeldt, Detlof
Sokolowski, John
Collins, Andrew J.
[J]. RISK ANALYSIS, 2010, 30 (04) : 575 - 589
[14] Garaga A, 2014, TECHNICAL REPORT
[15] A Trust-aware Framework for Evaluating Security Controls of Service Providers in Cloud Marketplaces
Habib, Sheikh Mahbub
Varadharajan, Vijay
Muehlhaeuser, Max
[J]. 2013 12TH IEEE INTERNATIONAL CONFERENCE ON TRUST, SECURITY AND PRIVACY IN COMPUTING AND COMMUNICATIONS (TRUSTCOM 2013), 2013, : 459 - 468
[16] Towards a Trust Management System for Cloud Computing
Habib, Sheikh Mahbub
Ries, Sebastian
Muehlhaeuser, Max
[J]. TRUSTCOM 2011: 2011 INTERNATIONAL JOINT CONFERENCE OF IEEE TRUSTCOM-11/IEEE ICESS-11/FCST-11, 2011, : 933 - 939
[17] Kaplan S., RISK ANAL, V1, P11, DOI [10.1111/j.1539-6924.1981.tb01350.x, DOI 10.1111/J.1539-6924.1981.TB01350.X]
[18] Luna Garcia J., 2012, Proceedings of the 2012 ACM Workshop on Cloud computing security workshop, P103, DOI [DOI 10.1145/2381913.2381932, 10.1145/2381913.2381932]
[19] Luna J, 2011, QUANTITATIVE ASSESSM
[20] Luna JA, 2015, INCULTURACION DE LA IGLESIA EN EL PUEBLO INDIGENA DE RIOBAMBA, P1

← 1 2 3 →