Show simple item record

AuthorNhlabatsi A.
AuthorHong J.B.
AuthorKim D.S.
AuthorFernandez R.
AuthorFetais N.
AuthorKhan K.M.
Available date2020-03-18T08:10:08Z
Publication Date2018
Publication NameProceedings - 2018 IEEE 18th International Conference on Software Quality, Reliability, and Security, QRS 2018
ResourceScopus
URIhttp://dx.doi.org/10.1109/QRS.2018.00049
URIhttp://hdl.handle.net/10576/13315
AbstractConventional security risk assessment approaches for cloud infrastructures do not explicitly consider risk with respect to specific threats. This is a challenge for a cloud provider because it may apply the same risk assessment approach in assessing the risk of all of its clients. In practice, the threats faced by each client may vary depending on their security requirements. The cloud provider may also apply generic mitigation strategies that are not guaranteed to be effective in thwarting specific threats for different clients. This paper proposes a threat-specific risk assessment framework which evaluates the security risk with respect to specific threats by considering only those threats that are relevant to a particular cloud client. The risk assessment process is divided into three phases which have inter-related activities arranged in a spiral. An application of the framework to a cloud deployment case study shows that considering risk with respect to specific threats leads to a more accurate quantification of security risk. Although our framework is motivated by security risk assessment challenges in the cloud it can be applied in any network environment. ? 2018 IEEE.
SponsorACKNOWLEDGMENT This paper was made possible by Grant NPRP 8-531-1-111 from Qatar National Research Fund (QNRF). The statements made herein are solely the responsibility of the authors.
Languageen
PublisherInstitute of Electrical and Electronics Engineers Inc.
Subjectassessment framework
cloud
TitleSpiralSRA: A threat-specific security risk assessment framework for the cloud
TypeConference
Pagination367 - 374
dc.accessType Abstract Only


Files in this item

FilesSizeFormatView

There are no files associated with this item.

This item appears in the following Collection(s)

Show simple item record