عرض بسيط للتسجيلة

المؤلفHong J.B.
المؤلفNhlabatsi A.
المؤلفKim D.S.
المؤلفHussein A.
المؤلفFetais N.
المؤلفKhan K.M.
تاريخ الإتاحة2020-04-25T01:02:19Z
تاريخ النشر2019
اسم المنشورComputer Networks
المصدرScopus
الرقم المعياري الدولي للكتاب13891286
معرّف المصادر الموحدhttp://dx.doi.org/10.1016/j.comnet.2018.12.009
معرّف المصادر الموحدhttp://hdl.handle.net/10576/14425
الملخصWhen a vulnerability is discovered in a system, some key questions often asked by the security analyst are what threat(s) does it pose, what attacks may exploit it, and which parts of the system it affects. Answers to those questions provide the necessary information for the security assessment and to implement effective countermeasures. In the cloud, this problem is more challenging due to the dynamic characteristics, such as elasticity, virtualization, and migration - changing the attack surface over time. This survey explores threats to the cloud by investigating the linkages between threats, attacks and vulnerabilities, and propose a method to identify threats systematically in the cloud using the threat classifications. First, we trace vulnerabilities to threats by relating vulnerabilities-to-attacks, and then relating attacks-to-threats. We have established the traceability through an extensive literature review and synthesis that resulted in a classification of attacks in the cloud, where we use the Microsoft STRIDE threat modeling approach as a guide for relating attacks to threats. Our approach is the genesis towards a concrete method for systematically identifying potential threats to assets provisioned and managed through the cloud. We demonstrate the approach through its application using a cloud deployment case study scenario.
راعي المشروعThis paper was made possible by Grant NPRP8-531-1-111 from Qatar National Research Fund (QNRF)
اللغةen
الناشرElsevier B.V.
الموضوعAttack classification
Cloud computing
Threat identification
Threats classification
Vulnerabilities
العنوانSystematic identification of threats in the cloud: A Survey
النوعArticle
الصفحات46-69
رقم المجلد150
dc.accessType Abstract Only


الملفات في هذه التسجيلة

الملفاتالحجمالصيغةالعرض

لا توجد ملفات لها صلة بهذه التسجيلة.

هذه التسجيلة تظهر في المجموعات التالية

عرض بسيط للتسجيلة