Show simple item record

AdvisorKhan, Khaled
AuthorHussein, Alaa Sayed Ahmed
Available date2019-02-28T08:01:31Z
Publication Date2018-06
URIhttp://hdl.handle.net/10576/11358
AbstractWith the spread of using cloud computing; both as organizations and individual, it has become a target for attackers. The cloud environment has several weaknesses that pose threats to its users’ assets. To assess any type of attacks, security administrators must regularly apply threat modelling techniques and run risk evaluation on cloud infrastructures. This allows them to identify risky assets and identify appropriate security controls to mitigate the risks. One of the key challenges with current risk evaluation approaches is that they do not distinguish the risks posed by different threats. The computation of the risk value compounds all threats. In this project, we propose a threat-specific risk evaluation tool for security administrators. The tool allows security administrators to model topologies of their organization’s networks. Then, using specific formulas, the tool will calculate the risk values for the entire system and for each component of the system with respect to specific threats based on Microsoft’s STRIDE threat categorization. The key features of the tool are demonstrated through its application to cloud deployment example.
Languageen
SubjectThreat Modelling
STRIDE Threat Model
TitleA Threat-Specific Risk Evaluation Tool For Cloud Environments
TypeProfessional Masters Project
DepartmentComputing
dc.accessType Open Access


Files in this item

Thumbnail

This item appears in the following Collection(s)

Show simple item record