Cardiff University | Prifysgol Caerdydd ORCA
Online Research @ Cardiff 
WelshClear Cookie - decide language by browser settings

Assessing data breach risk in cloud systems

Rahulamathavan, Yogachandran, Rajarajan, Muttukrishnan, Rana, Omer Farooq ORCID: https://orcid.org/0000-0003-3597-2646, Awan, Malik, Burnap, Peter ORCID: https://orcid.org/0000-0003-0396-633X and Das, Sajal K. 2015. Assessing data breach risk in cloud systems. Presented at: 7th International Conference on Cloud Computing Technology and Science (CloudCom), Vancouver, BC, Canada, 30 Nov-3 Dec 2015. 2015 IEEE 7th International Conference on Cloud Computing Technology and Science (CloudCom). IEEE, pp. 363-370. 10.1109/CloudCom.2015.58

Full text not available from this repository.

Abstract

The emerging cloud market introduces a multitude of cloud service providers, making it difficult for consumers to select providers who are likely to be a low risk from a security perspective. Recently, significant emphasis has arisen on the need to specify Service Level Agreements that address security concerns of consumers (referred to as SecSLAs) -- these are intended to clarify security support in addition to Quality of Service characteristics associated with services. It has been found that such SecSLAs are not consistent among providers, even though they offer services with similar functionality. However, measuring security service levels and the associated risk plays an important role when choosing a cloud provider. Data breaches have been identified as a high priority threat influencing the adoption of cloud computing. This paper proposes a general analysis framework which can compute risk associated with data breaches based on pre-agreed SecSLAs for different cloud providers. The framework exploits a tree based structure to identify possible attack scenarios that can lead to data breaches in the cloud and a means of assessing the use of potential mitigation strategies to reduce such breaches.

Item Type: Conference or Workshop Item (Paper)
Date Type: Publication
Status: Published
Schools: Computer Science & Informatics
Subjects: Q Science > QA Mathematics > QA75 Electronic computers. Computer science
Publisher: IEEE
Funders: Engineering and Physical Sciences Research Council
Last Modified: 18 Nov 2022 03:42
URI: https://orca.cardiff.ac.uk/id/eprint/87608

Citation Data

Cited 4 times in Scopus. View in Scopus. Powered By Scopus® Data

Actions (repository staff only)

Edit Item Edit Item