Threat-specific security risk evaluation in the cloud

Armstrong Nhlabatsi, Jin Bum Hong, Dong Seong Kim, Rachael Fernandez, Alaa Hussein, Noora Fetais, Khaled M.D. Khan

Research output: Contribution to journalArticle

5 Citations (Scopus)

Abstract

Existing security risk evaluation approaches (e.g., asset-based) do not consider specific security requirements of individual cloud computing clients in the security risk evaluation. In this paper, we propose a threat-specific risk evaluation approach that uses various security attributes of the cloud (e.g., vulnerability information, the probability of an attack, and the impact of each attack associated with the identified threat(s)) as well as the client-specific security requirements in the cloud. Our approach allows a security administrator of the cloud provider to make fine-grained decisions for selecting mitigation strategies in order to protect the outsourced computing assets of individual clients based on their specific security needs against specific threats. This is different from the existing asset-based approaches where they do not have the functionalities to provide the security evaluation of the cloud with respect to specific threats. On the other hand, the proposed approach enables security administrators to compute a range of more effective client-specific countermeasures with respect to the importance of security requirements and threats. The experimental evaluation results demonstrate that effective security solutions vary due to specific threats prioritized by different clients for an application in the cloud. Further, the proposed approach is not limited to only the cloud-based systems, but can easily be adopted to other networked systems. We have also developed a software tool to support the proposed approach.
Original languageEnglish
JournalIEEE Transactions on Cloud Computing
DOIs
Publication statusE-pub ahead of print - 23 Nov 2018

Fingerprint Dive into the research topics of 'Threat-specific security risk evaluation in the cloud'. Together they form a unique fingerprint.

Cite this