ArticlePDF Available

Abstract and Figures

Cloud computing offers benefits in terms of availability and cost, but transfers the responsibility of information security management for the cloud service provider. Thus the consumer loses control over the security of their information and services. This factor has prevented the migration to cloud computing in many businesses. This paper proposes a model where the cloud consumer can perform risk analysis on providers before and after contracting the service. The proposed model establishes the responsibilities of three actors: Consumer, Provider and Security Labs. The inclusion of actor Security Labs provides more credibility to risk analysis making the results more consistent for the consumer.
Content may be subject to copyright.
Revista de Sistemas de Informação da FSMA
n. 17 (2016) pp. ??-??
http://www.fsma.edu.br/si/sistemas.html
RACLOUDS - Model for Clouds Risk Analysis in the
Information Assets Context
Paulo Fernando Silva, Carlos Becker Westphall, Carla Merkle Westphall
Networks and Management Laboratory
Post-Graduate Program in Computer Science
Federal University of Santa Catarina, Florianópolis, Brazil
Abstract Cloud computing offers benefits in terms of
availability and cost, but transfers the responsibility of
information security management for the cloud service provider.
Thus the consumer loses control over the security of their
information and services. This factor has prevented the
migration to cloud computing in many businesses. This paper
proposes a model where the cloud consumer can perform risk
analysis on providers before and after contracting the service.
The proposed model establishes the responsibilities of three
actors: Consumer, Provider and Security Labs. The inclusion of
actor Security Labs provides more credibility to risk analysis
making the results more consistent for the consumer.
Keywords – cloud computing; risk analysis;
I. I
NTRODUCTION
Cloud computing is a paradigm that provides the possibility
of access to applications and infrastructure software and
hardware as a service. The cloud structure is provided to Cloud
Consumers (CC) by a Cloud Service Provider (CSP) and is
usually classified in Software as a Service (SaaS), Platform as
a Service (PaaS) or Infrastructure as a Service (IaaS) [1].
The cloud computing paradigm has changed the
environment for technology companies. These companies are
migrating from an isolated environment with few servers and
applications to integrated environments with lots of different
applications and servers. This new reality of information
technology brings many security challenges for CSPs, and a lot
of mistrust for CCs [2][3].
Adopting a cloud service generates for the CCs a huge
challenge because unless cloud providers can readily disclose
their security controls and the scope of their implementation to
the client, so that he knows what controls are used to maintain
the security of his information, there is huge potential for poor
decisions and negative.
A new strategy for managing security challenges in cloud
computing is risk analysis. Risk analysis is the identification of
threats and vulnerabilities that can generate incidents, and the
quantification of the impact that these incidents may have on
the CC’s information assets [4].
This paper proposes a collaborative risk analysis model in
cloud computing. This new model combines the traditional
actors CSP and CC, while also adding a new actor, the
Information Security Laboratory – ISL. The ISL is responsible
for acting collaboratively in specifying information security
requirements for cloud computing. An ISL can be a laboratory
or public, private or academic information security group with
an interest in collaborating with information security in cloud
computing which will then serve as a third party with no vested
interests in the transaction, becoming able, then, to
independently access all the flaws and qualities of whichever
contract is defined.
The rest of this paper is organised as follows. Section 2
discusses the related works. The proposed model is presented
in Section 3. Section 4 describes results and discussions. We
conclude the paper and present future work in Section 5.
II. R
ELATED
W
ORK
Rot and Sobinska [5] discusses new information security
threats specifically applied in cloud computing environments.
The survey says that there are always new threats related to
cloud computing and the constant evaluation of these threats is
necessary to ensure the safety of information and services in
the cloud.
Bleikertz and Mastelic [6] mentions that although there are
several parties involved in providing cloud services, a cloud
client still has a hard time assessing threats, vulnerabilities and
risks of cloud environment that consumes. Hence, models are
needed that allow for the systematic evaluation of the CSP by
the CC. The authors also proposed a high-level model for CCs
to evaluate the safety of CSPs. The model is based on the
description of "what-if" scenarios and the systematic evaluation
of these scenarios in the cloud environment.
Ristov and Gusev [7] presents a safety assessment of the main cloud environments open source. The study analyzed the
Complete Reference: Silva, P. F; Westphall, C. B.; Westphall, C. M., "RACLOUDS - Model for Clouds Risk
Analysis in the Information Assets Context", Revista de Sistemas de Informação da FSMA n 17(2016) pp. ??-??
Silva, P. F; Westphall, C. B.; Westphall, C. M. / Revista de Sistemas de Informação da FSMA 17 (2016) pp ??-??
environments OpenStack, Eucalyptus, OpenNebula and
CloudStack considering security aspects defined by ISO 27001
as: stability, implementation, operation, monitoring and review.
The study shows that all evaluated environments are not fully
compliant with most of the ISO 27001 requirements.
A cloud security assessment based on ISO 27001 is also
presented by [8]. The paper presents some security controls
ISO 27001 information applied to cloud computing, and
security metrics for such controls. The paper concludes that
many controls cited on ISO 27001 are also importants to cloud
computing cenarious.
Alebrahim, Hatebur and Goeke [9] states that information
security is a key issue for decision making on the acquisition of
cloud computing services and the ISO 27001 provides a
general standard for the treatment of this issue. The authors
also said that risk analysis is an essential part of ISO 27001
and, therefore, proposes a structured approach to the
identification of information assets, threats and vulnerabilities.
Cayirci, Garaga, Oliveira and Roudier [10] presents a
model for cloud risk assessment in which the customer can
carry out the assessment and analyze the risk of adopting a
particular cloud provider. The author notes that this is an
essential approach to the cloud customer to carry out the most
appropriate decision-making in relation to its risk profile.
In [11] authors states that information security-related
issues are among the top reasons for organizations to prevent
the adoption of cloud computing services. The paper presents a
model for CSP risk assessment considering the level of security
provided for a particular application allocated in their
environment, whose main benefit is a new model for risk
assessment on CSP
Gupta, Mulero, Matthews, Dominiak, Omerovic, Aranda
and Seycek [12] points out the amount of cloud service
providers available in the market is increasing, all of them
providing various types of services. This fact only complicates
the decision on the adoption of a particular cloud provider by
the customer. Therefore, there is an increasing amount of
research that aims to provide the CC information to support his
decision to choose his cloud provider. The author works in the
approach of decision support systems for risk analysis of the
particular cloud provider selection. Finally, as a proof of
concept of goal, the paper presents a prototype of the proposed
model.
The related works presented above discuss models and
definitions of requirements for risk analysis in cloud
computing, but they don’t comment on the definition of the
actors involved and their interactions during the execution of
risk analysis. They also have no possibility of upgrading or
evolving their security requirements, which are often described
statically.
The risk analysis solutions for cloud computing identified
in this section have different limitation levels in aspects of
scope, adherence and independence of the risk analysis. The
issue of scope relates to the definition of the scope of safety
requirements applied to risk analysis. The adherence aspect is
whether they consider the customer's business nature in the
calculation of risk analysis. The independence aspect is on
whether they carry out risk analysis so that its specification,
implementation and results are not influenced by the interests
of specific agents, such as CSP. These three aspects are the
main focus of this paper.
III. T
HE
RAC
LOUDS
A
RCHITECTURE
The risk analysis performed by RAClouds [13][14] is based
on concepts defined by ISO 27001. In this context, threats
exploit vulnerabilities that impact on information assets. The
probability of an event occurring is calculated from the degree
of exposure to a threat and the degree of disability of a
vulnerability. The risk is calculated from the probability that an
incident occurs and the impact of this incident.
In RACloud model the different existing resources in a
cloud computing environment are grouped into RCs (Resource
Category). Table 1 shows the 10 categories of cloud resources
RACloud model.
Table 1. Resource Categories.
Silva, P. F; Westphall, C. B.; Westphall, C. M. / Revista de Sistemas de Informação da FSMA 17 (2016) pp ??-??
A particular threat is correlated with a certain
vulnerability by RACloud model event correlation function
when their resource categories are equal and at least one of
its security properties is equal. This correlation between
threat and vulnerability generates information security
events, as shown in figure 5.
The RACloud model also organizes the different types of
information assets allocated for CC in a cloud computing
environment in four categories of assets (AC - Asset
Category): (i) File, (ii) Database (iii) CC-Software and (iv)
CSP-Software.
The category File consists of any files belonging to the
CC and stored directly in the CSP file system. The second
category, Database, consists of information pertaining to CC
and stored in a database hosted on the CSP cloud
environment. The "CC-Software" consists of developed and
owned by CC systems, but running and available to users via
the CSP environment. CSP-Software consists of information
pertaining to CC and are stored in specific formats of the
CSP and software are accessed through such software
For the generation of information security risk items
RACloud the model performs the correlation between
information security events and information assets. Table 2
shows the correlation between events (using resource
categories) and information assets (using categories of
information assets). The relationships marked with "X"
means that the active information is always associated with
the resource, whereas relationships marked "O" means that
this relation is dependent on the context of information asset.
.
Table 2. Correlation between events and information assets.
Figure 1. Example vulnerability RDL.
.
Silva, P. F; Westphall, C. B.; Westphall, C. M. / Revista de Sistemas de Informação da FSMA 17 (2016) pp ??-??
The RACloud model provides a language for risk
specification, the RDL - Risk Definition Language. The
RDL is specified in XML Schema (XSD) and contains
information about threats, vulnerabilities and information
assets. Figure 1 shows an example of vulnerability RDL,
which describes all the information about the vulnerabilities
used in a given risk analysis. There is the WSRA information
(Web Service Risk Analysis), which defines the address for
the Risk Analysis Web Service.
RAClouds’ risk analysis is organized into two distinct
phases, the risk specification phase and the risk assessment
phase.
The RAClouds interacts with three main actors, which
have well-defined roles in the implementation of risk
analysis. The actors are: Cloud Consumer - CC, Cloud
Service Provider - CSP and Information Security Labs – ISL.
Now, let us explain how all these interactions take place in
each phase.
Figure 2 illustrates the flow of interactions between the
RAClouds components and the ISL, CSP and CC actors
during the specification phase. Initially each of the actors
must register in their respective registry component (Fig. 2a,
b, c), and subsequently interact with the risk specification
repositories.
In the risk specification phase, the ISL's role is to identify
threats and vulnerabilities (RDLs) to the security
requirements in cloud computing environments. From this
identification, the ISL also has the responsibility of
specifying the form of quantification of threats and
vulnerabilities (WSRA), defining how threats and
vulnerabilities will be quantified in a real cloud computing
environment.
Besides specifying one or more RDLs for each security
requirement, the ISL must also implement the form of
quantification of each risk. In order to model RAClouds, risk
quantification is implemented through a Web Service that
runs in an environment under the responsibility of the ISL.
After developing their RDLs and risk quantification Web
Services (WSRAs), the ISL exports the RDL records to the
RAClouds’ RDLs repository (Fig.2-d, e).
The role of the CSP in the risk specification phase is to
import the RDLs logged in the RAClouds and implement the
risk quantification Web Services calls, as defined in the RDL
specified by the ISL (Fig. 2-f, g). To meet the specific risk
assessment needs, the CSP has the responsibility of correctly
implementing and passing the data to the risk quantification
Web Services.
The identification of threats and vulnerabilities is the
responsibility of the ISL and the correct execution of the
quantification of threats and vulnerability is the
responsibility of the CSP, but identification of information
assets and quantification of impact on these assets is the
responsibility of the CC, as this is the actor best suited to
express the size of a loss in the event of an incident. For this,
the CC has a RDLs base of information assets (Fig. 2h).
This concludes the risk specification phase and the
RAClouds is able to initiate the risk assessment of a CSP
according to the requirements defined by the ISL and the
impacts defined by the CC.
Figure 3 illustrates the flow of interactions between the
RAClouds components and the ISL, the CSP and the CC
during risk assessment. The implementation of risk analysis
is distributed among components on all actors involved (CC,
CSP, ISL and RAClouds).
The RAClouds has the Analysis Manager component that
coordinates the interaction between external actors and other
components inside RAClouds. The RDL Manager
components store records of threats and vulnerabilities of
ISLs and information assets of CCs, respectively.
WSRA Evaluator is a component that contains the Web
Services assessment of threats and vulnerabilities identified
by an ISL. WSRA Proxy is a component of the CSP
deployed to handle the call of the Web Services responsible
for the assessment of threats and vulnerabilities. Through
this component the CSP invokes the threats and
vulnerabilities Web Services of the ISL, passing their data
about compliance to the security requirements or lack
thereof.
.
Figure 2. RAClouds specification phase.
Silva, P. F; Westphall, C. B.; Westphall, C. M. / Revista de Sistemas de Informação da FSMA 17 (2016) pp ??-??
.
The risk assessment begins with the CC accessing the
RAClouds and selecting the CSP to be analyzed (Fig. 3a, b).
Then the RAClouds accesses the RDL Manager (Fig.3c) and
for each recorded risk passes to the WSRA Proxy its risk
information (Fig.3d). The CSP then invokes the Web Service
risk assessment from the ISL, according to information
received from the RAClouds (Fig.3d). The Web Service risk
assessment is performed by the ISL and returns the
quantification of threat or vulnerability according to the
parameters passed by the CSP (Fig.3d). The steps "c" and
"d" in Figure 3 are executed for each record in RDL
Repository.
After obtaining a quantification of all impacts (consulting
information assets RDLs, Fig.3e), the RAClouds is able to
perform the risk calculation. Therefore, all records of
quantification of threats, vulnerabilities and impacts of
information assets are correlated and returned to the CC as a
result of risk RDL (Fig.3f), according to the example shown
in figure 5.
.
Figure 3. RAClouds assessment phase.
Figure 4. Evaluation of risk.
IV. RESULTS
AND
DISCUSSION
For testing purposes and discussion, we developed a
prototype RACloud model. From the prototype were
performed phases of risk specification and risk evaluation in
a controlled environment for testing.
In the risk of specification phase, were specified 20 RDL
records vulnerabilities and 20 RDL records threats and 10
RDL records of information assets. The RDL records of
threats and vulnerabilities were specified as threats and
vulnerabilities found in CVE -. Common Vulnerabilities,
Exposures. Also WSRAs and WSRAs Proxy have been
developed for the 40 records of threats and vulnerabilities
specified.
In the risk evaluation phase, the WSRAs Proxy and
WSRAs were performed, quantifing each vulnerability and
threat record. The records of vulnerabilities and threats were
correlated by Analysis Manager component generates 20
events, which were correlated with the records of
information assets, generating 20 risk scenarios.
Figure 4 shows the result of calculation of risk for the 20
risk scenarios (R1 to R20) specified in the prototype.
The lower risk identified was the R16 risk scenario, with
risk of 18.33%. This scenario specifies as information asset
the file transfer service, as vulnerability the unencrypted
password and as threat the unauthorized access.
The greatest risk identified was the risk scenario R14,
Silva, P. F; Westphall, C. B.; Westphall, C. M. / Revista de Sistemas de Informação da FSMA 17 (2016) pp ??-??
with risk of 70.33%. This risk scenario specifies as
information asset the e-mail service, as vulnerability the
weak encryption protocol and as threat the DDoS.
With the risk analysis of the resulting information the CC
may decide to allocate or not their information assets in a
given CSP, or remove their systems of a CSP to present great
risks.
The proposed model aims to reduce the three major
deficiencies presented by current models of cloud risk
analysis: deficiency in scope, deficiency in the adherence
and deficiency in independence of results.
The reduction of the deficiency in the adherence criterion
occurs when the proposed model includes the CC as a key
entity in the risk analysis process. In the model RACloud,
the CC entity acts in active mode on risk analysis, defining
information assets and quantifying impacts on these assets.
The CC is the entity most capable of defining the impacts
and is also the entity that best knows the relevance of each
information asset within its area of operation. Therefore, it is
CC's responsibility to say what the impact will be whether a
system file or database has its integrity, confidentiality or
availability impaired. The CSP and ISL entities have no
automy to identify or quantify impacts on information assets,
because they are not experts in CC business area.
The RACloud model works to reduce the deficiency in
the scope criterion in that it introduces the ISL entity. As the
ISL an entity specialized to information security is the entity
best placed to define security requirements, threats and
vulnerabilities (specification of RDLs) and set as the threats
and vulnerabilities should be quantified (specification of
WSRAs).
The reduction of the deficiency in the independence of
the results criretions comes from the fact that in the model
RACloud the CSP has more restricted responsibilities than in
the models traditionally presented by related work.
Traditionally, the CSP is responsible for defining security
requirements and the tests that are applied to risk assessment
of their own environment. In this scenario the risk
assessment may be biased to the CSP. Including the ISL
entity removes responsibilities traditionally assigned to the
CSP, as identification and quantification of threats and
vulnerabilities, thus making it more reliable the result of risk
analysis.
The proposed model allows multiple ISLs to act in the
definition of RDLs and WSRAs together. Thus the risk
definitions can come from different sources and can be
constantly updated dynamic and collaborative way, forming
a risk settings based on extensive and independent cloud.
The way WSRAs are specified is also a feature that
impacts the improvement scope. The use of Web Services to
specify security requirements allows them to be platform
independent and can be ordered by any CSP. It also allows
the use of a wide variety of techniques for quantification of
threats and vulnerabilities, because the limit is defined only
by the programming language chosen for implementation of
WSRA.
The related works of cloud risk analysis did not consider
the role of CC entity in the risk analysis. These works
usually aim on the vulnerability assessment by the CSP
itself, without considering the impact that the vulnerability
will cause on the different CC information assets. By
assigning the responsibility for identifying and quantifying
the impact of the CC are sharing the risk variables among
different entities, so the responsibility for the quantification
of risk analysis variables is not centralized in one specific
entity.
The CSP is the entity that will be the analyzed then it
doesn’t have the autonomy to set any of the values of risk
analysis, as this could make unreliable risk analysis. The role
of CSP is only inform the data requested by ISL, so that ISL
itself makes the quantification of security requirements.
With RACloud model CC can perform analyzes in
several CSPs before deciding to purchase a cloud computing
service. The CC can also carry out regular reviews of your
current provider and compare them with other providers,
opting for changing its CSP.
The figure below shows the evaluation RDL to the risks
discussed in this section .
Figure 5. Result Risk RDL.
Silva, P. F; Westphall, C. B.; Westphall, C. M. / Revista de Sistemas de Informação da FSMA 17 (2016) pp ??-??
V. C
ONCLUSION
This paper presented a model for risk analysis in cloud
computing environments.
The proposed model changes the generally current
paradigm in research on cloud risk analysis, in which the
CSP entity is responsible for the specification of security
requirements and analysis of these requirements in its own
environment, so the only entity responsible for the results
risk analysis.
To reduce excess CSP responsibility for risk analysis, the
proposed model includes two new entities with active
participation in risk analysis, the CC entity and the ISL
entity.
The model presented in this paper is an initiative of the
CC itself can perform risk analysis on its current or future
CSP. And that this risk analysis is adherent, comprehensive
and independent of the CSP interests.
The characteristics presented in this paper are intended to
generate a more reliable risk analysis for CC, so that it can
choose its CSP based on more consistent information,
specified and analyzed by an exempt entity interests, ISL.
Several papers on cloud computing indicate lack of
confidence from the CC in relation to the CSP as a great
motivator for not acquiring cloud computing services. An
independent risk analysis can act to reduce this mistrust and
promote the acquisition of cloud computing services.
The prototype and the results show the specification and
implementation of an adherent risk analysis, comprehensive
and independent, because the analysis is not centered in the
CSP. The identification and quantification of threats and
vulnerabilities can be performed by many security
laboratories and the impact on the information assets is
defined by the CC itself.
Several future works can be developed from the
RACloud model. There is a need to extend this work to
suggest the controls or countermeasures for CSPs can
mitigate its risks. Searches can be developed on the
reliability of the data reported by the CSP to the ISL for risk
analysis and the specification of risk definition language can
be further explored in specific researches.
R
EFERENCES
[1]
P. Mell and T. Grance, “The NIST Definition of Cloud
Computing,” NIST Special Publication 800-145 (draft), Jan.
2011, pp. 1–7.
[2]
H. Yu et al., “Cloud computing and security challenges”.
ACM-SE '12: Proceedings of the 50th Annual Southeast
Regional Conference. March 2012.
[3]
C. Wang et al., "Toward Secure and Dependable Storage
Services in Cloud Computing," Services Computing, IEEE
Transactions on , vol.5, no.2, pp.220,232, April-June 2012
doi: 10.1109/TSC.2011.24.
[4]
ISO/IEC 27005:2011, Information Security Risk
Management. [Online]. Available: http://www.iso.org.
[5]
A. Rot, and M. Sobinska, “IT security threats in cloud
computing sourcing model”, Computer Science and
Information Systems (Fedcsis), 2013, Federated Conference
On, Publication Year: 2013, Pp. 1153- 1156.
[6]
Bleikertz, S.; Mastelic, T.; Pape, S.; Pieters, W.; Dimkov, T.,
“Defining The Cloud Battlefield - Supporting Security
Assessments By Cloud Customers”, Cloud Engineering
(Ic2e), 2013 Ieee International Conference On, Digital Object
Identifier: 10.1109/Ic2e.2013.31, Publication Year: 2013,
Page(S): 78- 87.
[7]
S. Ristov, And M. Gusev. “Security Evaluation Of Open
Source Clouds”, Eurocon, 2013 Ieee, Digital Object
Identifier: 10.1109/Eurocon. 2013.6624968, Publication Year:
2013, Page(S): 73- 80.
[8]
O. Mirkovic, “Security Evaluation In Cloud”, Information &
Communication Technology Electronics & Microelectronics
(Mipro), 2013 36th International Convention On, Publication
Year: 2013 , Page(S): 1088-1093.
[9]
Alebrahim, A.; Hatebur, D.; Goeke, L., "Pattern-Based And
Iso 27001 Compliant Risk Analysis For Cloud Systems,"
Evolving Security And Privacy Requirements Engineering
(Espre), 2014 Ieee 1st Workshop On , Vol., No., Pp.42,47,
25-25 Aug. 2014.
[10]
Cayirci, E.; Garaga, A.; Santana De Oliveira, A.; Roudier, Y.,
"A Cloud Adoption Risk Assessment Model," Utility And
Cloud Computing (Ucc), 2014 Ieee/Acm 7th International
Conference On , Vol., No., Pp.908,913, 8-11 Dec. 2014.
[11]
M Madria, S.; Sen, A., "Offline Risk Assessment Of Cloud
Service Providers," Cloud Computing, Ieee , Vol.2, No.3,
Pp.50,57, May-June 2015. Doi: 10.1109/Mcc.2015.63.
[12]
Gupta, S.; Muntes-Mulero, V.; Matthews, P.; Dominiak, J.;
Omerovic, A.; Aranda, J.; Seycek, S., "Risk-Driven
Framework For Decision Support In Cloud Service
Selection," Cluster, Cloud And Grid Computing (Ccgrid),
2015 15th Ieee/Acm International Symposium On , Vol., No.,
Pp.545,554, 4-7 May 2015. Doi: 10.1109/Ccgrid.2015.111
[13]
Silva, P. F.; Westphall, C. B.; Westphall, C. M.; Mattos, M.
M. “An Architecture For Risk Analysis In Cloud”. The Tenth
International Conference On Networking And Services.
Infosys 2014. Icns 2014.Charmonix, France. 2014.
[14]
Silva, P. F.; Westphall, C. B.; Westphall, C. M.; Mattos, M.
M. “Model For Cloud Computing Risk Analysis”. The
Fourteenth International Conference On Networks. Icn 2015.
Barcelona, Espanha. 2015.
ResearchGate has not been able to resolve any citations for this publication.
Conference Paper
Full-text available
Several risk analysis solutions have been proposed for cloud computing environments. But these solutions are usually centered on the Cloud Service Provider, have limited scope and do not consider the business requirements of the Cloud Consumer. These features reduce the confiability of the results of a cloud computing risk analysis. This paper proposes a model for cloud computing risk analysis in which responsibilities are not centered in the Cloud Service Provider. The proposed model makes the Cloud Consumer an active entity in risk analysis and includes the Information Security Laboratory entity. A prototype developed from the proposed model demonstrates performing a risk analysis in the cloud with shared responsibilities between the Cloud Service Provider, Cloud Consumer and Information Security Laboratory entities.
Conference Paper
Full-text available
For accepting clouds and using cloud services by companies, security plays a decisive role. For cloud providers, one way to obtain customers’ confidence is to establish security mechanisms when using clouds. The ISO 27001 standard provides general concepts for establishing information security in an organization. Risk analysis is an essential part in the ISO 27001 standard for achieving information security. This standard, however, contains ambiguous descriptions. In addition, it does not stipulate any method to identify assets, threats, and vulnerabilities. In this paper, we present a structured and pattern-based method to conduct risk analysis for cloud computing systems. It is tailored to SMEs. Our method addresses the requirements of the ISO 27001. We make use of the cloud system analysis pattern, security requirement patterns, threat patterns, and control patterns for conducting the risk analysis. The method is illustrated by a cloud logistics application example.
Conference Paper
Full-text available
Cloud computing is becoming more and more popular, but security concerns overshadow its technical and economic benefits. In particular, insider attacks and malicious insiders are considered as one of the major threats and risks in cloud computing. As physical boundaries disappear and a variety of parties are involved in cloud services, it is becoming harder to define a security perimeter that divides insiders from outsiders, therefore making security assessments by cloud customers more difficult. In this paper, we propose a model that combines a comprehensive system model of infrastructure clouds with a security model that captures security requirements of cloud customers as well as characteristics of attackers. This combination provides a powerful tool for systematically analyzing attacks in cloud environments, supporting cloud customers in their security assessment by providing a better understanding of existing attacks and threats. Furthermore, we use the model to construct "what-if" scenarios that could possible lead to new attacks and to raise concerns about unknown threats among cloud customers.
Conference Paper
Full-text available
New information technologies have been developing nowadays at an amazing speed, affecting the functioning of organizations significantly. Due to the development of new technologies, especially mobile ones, borders in the functioning of modern organizations diminish and models of running business change. Almost all organizations are involved in some way in sourcing activities, and each of them develops a sourcing relationship that suits its particular needs. In this article different kinds of outsourcing models were discussed, which are applied in the contemporary management, with particular emphasis put on cloud computing. The main aim of this article is to present the most important risks related to the introduction of management models based on the most recent IT technologies, e.g. cloud computing, and emphasizing the role of appropriate IT security management in the times of globalization of organization virtualization.
Article
The growth in the number of cloud computing users has led to the availability of a variety of cloud based services provided by different vendors. This has made the task of selecting suitable set of services quite difficult. There has been a lot of research towards the development of suitable decision support system (DSS) to assist users in making an optimal selection of cloud services. However, existing decision support systems cannot address two crucial issues: firstly, the involvement of both business and technical perspectives in decision making simultaneously and, secondly, the multiple-clouds services based selection using single DSS. In this paper, we tackle these issues in the light of solving the problem of cloud service discovery. In particular, we present the following novel contributions: Firstly, we present critical analysis of the state-of-the-art in decision support systems. Based on our analysis, we identify critical shortcomings in the existent tools and develop the set of requirements which should be met by a potential DSS. Secondly, we present a new holistic framework for the development of DSS which allows a pragmatic description of user requirements. Additionally, the data gathering and analysis is studied as an integral part of the proposedDSS and therefore, we present concrete algorithms to assess the data for an optimal service discovery. Thirdly, we assess our framework for applicability to cloud service selection using an industrial case study. We also demonstrate the implementation and performance of our proposed framework using a prototype which serves as a proof of concept. Overall, this paper provides novel and holistic framework for development of a multiple cloud service discovery based decision support system.
Article
Cloud Adoption Risk Assessment Model is designed for cloud customers to assess the risks that they face by selecting a specific cloud service provider. It is an expert system to evaluate various background information obtained from cloud customers, cloud service providers and other public external sources, and to analyze various risk scenarios. This would facilitate cloud customers in making informed decision to select the cloud service provider with the most preferable risk profile.
Article
The acceptance of the cloud as an infrastructure to host applications is a growing trend. Facilitating and hosting applications on the cloud reduces support and maintenance costs. However, concerns about the security of these applications is one of the primary reasons organizations avoid complete adoption of cloud services. Although cloud service providers (CSPs) offer standard security, they don't address security with respect to application's security requirements. This article proposes an offline risk-assessment framework to evaluate the security offered by a CSP from the perspective of an application to be migrated to it. Once the most secure CSP is identified for a given application, the proposed framework performs a cost-benefit tradeoff analysis in terms of the security dispensed and service costs to support the formation of an ideal cloud migration plan.
Conference Paper
Cloud Computing recently emerged as a promising solution to information technology (IT) management. IT managers look to cloud computing as a means to maintain a flexible and scalable IT infrastructure that enables business agility. In this paper Cloud Computing services including data storage service, cloud computing operating system and software as a service will be introduced, Cloud Computing security challenges will be discussed and Cisco Secure Cloud Data Center Framework will be presented.
Conference Paper
In this paper we analyze most common open source cloud architectures. We installed OpenStack, Eucalyptus, Open-Nebula, and CloudStack and evaluated the security aspects of their architecture and their compliance with security requirements defined by the ISO 27001:2005 standard which specifies the requirements for establishing, implementing, operating, monitoring, reviewing, maintaining and improving a documented Information Security Management System within the context of the organization's overall business risks. Although the analyzed open source cloud solutions offer scalable and flexible platforms for IaaS and provide a lot of security measures, still our research results show security incompliance with several ISO 27001:2005 controls and control objectives that directly depend on cloud software solutions.