Comparative Study of Information Security Risk Assessment Models for Cloud Computing systems

被引:10
作者
Jouini, Mouna [1 ]
Rabai, Latifa Ben Arfa [1 ]
机构
[1] Inst Super Gest, Lab SOIE, Tunis, Tunisia
来源
7TH INTERNATIONAL CONFERENCE ON AMBIENT SYSTEMS, NETWORKS AND TECHNOLOGIES (ANT 2016) / THE 6TH INTERNATIONAL CONFERENCE ON SUSTAINABLE ENERGY INFORMATION TECHNOLOGY (SEIT-2016) / AFFILIATED WORKSHOPS | 2016年 / 83卷
关键词
Cloud Computing; Cyber security; Quantitative risk assessment models; security risk assessment; Risk assessment models comparison; THREATS;
D O I
10.1016/j.procs.2016.04.227
中图分类号
TP301 [理论、方法];
学科分类号
081202 ;
摘要
This paper reviews the state of the art in cyber security risk assessment of Cloud Computing systems. We select and examine in detail the quantitative security risk assessment models developed for or applied especially in the context of a Cloud Computing system. We review and then analyze existing models in terms of aim; the stages of risk management addressed; key risk management concepts covered; and sources of probabilistic data. Based on the analysis, we propose as well a comparison between these models to pick out limits and advantages of every presented model. (C) 2016 The Authors. Published by Elsevier B.V.
引用
收藏
页码:1084 / 1089
页数:6
相关论文
共 18 条
[1]   Quantifying security threats and their potential impacts: a case study [J].
Ben Aissa, Anis ;
Abercrombie, Robert K. ;
Sheldon, Frederick T. ;
Mili, Ali .
INNOVATIONS IN SYSTEMS AND SOFTWARE ENGINEERING, 2010, 6 (04) :269-281
[2]  
Ben Arfa Rabai L, 2013, J KING SAUD U COMPUT
[3]  
Böhme R, 2008, LECT NOTES COMPUT SC, V4909, P176, DOI 10.1007/978-3-540-68947-8_15
[4]  
Demchenko Y, 2000, WEB SERVICES GRID SE
[5]  
Emam A., 2013, INT J SOFT COMPUT EN, V3, P110
[6]  
Hale M., 2012, P 8 IEEE WORLD C SER
[7]  
IDG Cloud Computing Survey, 2014, CLOUD CONT TRANSF BU
[8]  
ISO/IEC, 2007, 270052007 ISOIEC
[9]  
Jouini Mouna, 2014, International Journal of Organizational and Collective Intelligence, V4, P1, DOI 10.4018/ijoci.2014070101
[10]  
Jouini M., 2012, INT J CYBER SECURITY, V1, P265
12