ARISK MODEL FOR CLOUD PROCESSES

Q: How can I download an article?

To download an article from SID, first log in to the site, search for the article title, and click on the 'Download Article' option.

Q: How can I download an ISI article?

To download an ISI article on SID, enter the keyword or article title in the search bar, view the relevant results, click on the desired article, and select the 'Download Article' option.

Q: How can I access the SID database?

To access the SID database, visit SID.ir, create an account, and log in to access scientific resources.

Q: Is downloading articles from SID free?

Some articles on SID are available for free, while others require payment. Details are specified on the article's page.

DAMIANI ERNESTO; CIMATO STELVIO; GIANINI GABRIELE

مرکز اطلاعات علمی Scientific Information Database (SID) - Trusted Source for Research and Academic Resources

Journal Paper

Paper Information

Journal: THE ISC INTERNATIONAL JOURNAL OF INFORMATION SECURITY Year:2014 | Volume:6 | Issue:2 Page(s): 99-123

Download Full-Text

Persian Verion

View:

313

Download:

Cites:

Information Journal Paper

Title

ARISK MODEL FOR CLOUD PROCESSES

Author(s)

DAMIANI ERNESTO | CIMATO STELVIO | GIANINI GABRIELE | Issue Writer Certificate

Keywords

CLOUD COMPUTINGQ1

VALUE OF INFORMATIONQ2

RISK ASSESSMENTQ2

SECURE COMPUTATIONQ2

Abstract

Traditionally, RISK ASSESSMENT consists of evaluating the probability of \feared events", corresponding to known threats and attacks, as well as these events' severity, corresponding to their impact on one or more stakeholders. Assessing risks of cloud-based processes is particularly difficult due to lack of historical data on attacks, which has prevented frequency-based identification of \typical" threats and attack vectors. Also, the dynamic, multi-party nature of cloud-based processes makes severity assessment very dependent on the particular set of stakeholders involved in each process execution. In this paper, we tackle these problems by presenting a novel, process-oriented quantitative RISK ASSESSMENT methodology aimed at disclosure risks on CLOUD COMPUTING platforms. Key advantages of our methodology include (i) a fully quantitative and iterative approach, which enables stakeholders to compare alternative versions of cloud-based processes (e.g., with and without security controls) (ii) non-frequency-based probability estimates, which allow analyzing threats for which a detailed history is not available (iii) support for quick visual comparisons of risk profiles of alternative processes even when impact cannot be exactly quantified.

Cites

No record.

References

No record.

Cite

APA: Copy

. (2014). ARISK MODEL FOR CLOUD PROCESSES. THE ISC INTERNATIONAL JOURNAL OF INFORMATION SECURITY, 6(2 ), 99-123. SID. https://sid.ir/paper/241791/en

Vancouver: Copy

. ARISK MODEL FOR CLOUD PROCESSES. THE ISC INTERNATIONAL JOURNAL OF INFORMATION SECURITY[Internet]. 2014;6(2 ):99-123. Available from: https://sid.ir/paper/241791/en

IEEE: Copy

, “ARISK MODEL FOR CLOUD PROCESSES,” THE ISC INTERNATIONAL JOURNAL OF INFORMATION SECURITY, vol. 6, no. 2 , pp. 99–123, 2014, [Online]. Available: https://sid.ir/paper/241791/en

Related Journal Papers