Total views : 406

Analyzing Impacts of Cloud Computing Threats in Attack based Classification Models

Affiliations

  • Amity University, Mumbai - 410206, Maharashtra, India
  • K. J. Somaiya Institute of Management Studies and Research, Mumbai - 400077, Maharashtra, India

Abstract


Objective: This paper makes an attempt to analyze the threats and vulnerabilities of a cloud based system and propose a threat modeling and process associating with. Different models can help policy makers to evaluate common criteria which in turn can help to create threat specific plan to have a customized solution. Methods/Analysis: This paper is an attempt to contribute to the existing research in the area of cloud security. It also analyzes the impact of threats and usage of threat models to improve the security aspects of data in transit and storage. This research uses an analytical research methodology. It tries to analyze various models in terms of their impact and usage to various organizations to combat threats on their data and networks. Existing literature has been studied and analyzed on various parameters to further study the recovery procedures and contingency planning. Findings: Different models can help policy makers to evaluate common criteria which in turn can help to create threat specific plan to have a customized solution. Applications: Cloud computing is an upcoming technology which is fascinating varied type of organizations. Even though it is widely adopted positively by different set of organizations, it also has its own security issues at different levels. To create a better security plan for an organization, precise calculation of attacks at different levels need to be determined and the impact should be estimated. To enable the same, well-accepted methods are to be determined which can help the users to map their systems with the solutions to have a better visualization.

Keywords

Cloud Computing, Model, STRIDE, Security, Threats.

Full Text:

 |  (PDF views: 354)

References


  • Gartner Highlights Five Attributes of Cloud Computing. 2015. Available from: http://www.gartner.com/newsroom/ id/1035013
  • Kirubakaramoorthi R, Arivazhagan D, Helen D. Analysis of cloud computing technology. Indian Journal of Science and Technology. 2015 Sep; 8(21). doi no:10.17485/ijst/2015/ v8i21/79144.
  • Vulnerability (computing). 2015. Available from: https:// en.wikipedia.org/wiki/Vulnerability_(computing)
  • Vulnerabilities, Threats and Attacks. 2015. Available from: http://ptgmedia.pearsoncmg.com/images/1587131625/ samplechapter/1587131625content.pdf
  • Bertino E, et al. Web Services Threats, Vulnerabilities and Counter Measures. Security for Web Services and ServiceOriented Architectures. Berlin Heidelberg: Springer-Verlag; 2010. Doi no: 10.1007/978-3-540-87742-43
  • Threat (computer). 2015. Available from: https:// en.m.wikipedia.org/wiki/Threat_agent
  • Network security types of attacks. 2015. Available from: http://computernetworkingnotes.com/network-securityaccesslists-standards-and-extended/types-of-attack.html
  • Jouini M, Ben Arfa Rabai L, Ben Aissa A. Classification of security threats in information systems. 5th International Conference on Ambient Systems, Networks and Technologies (ANT2014); 2014.
  • Gordon LA, Loeb MP, Lucyshyn W, Richardson R. CSI/FBI Computer Crime and Security Survey – 2006. 11th Annual CSI/FBI Computer Crime and Security Survey; 2006.
  • McCue A. Beware the insider security threat. CIO Jury; 2008. Available from: http://www.silicon.com/ management/cio-insights/2008/04/17/bewaretheinsidersecuritythreat-39188671/
  • Rehausser P, Zimmer W, Gliesche O-S. Threat modeling for re-architecting security in cloud computing. 2015.
  • Microsoft MSDN. 2015. Threat modeling, Chapter 3. Available from: https://msdn.microsoft.com/en-us/library/ ff648644.aspx
  • Ruf L, Thorn A, Christen T. Gruber B, Suisse AG, Portmann R, Luzer H. Threat modeling in security architecture - The nature of threats. ISSS Working Group on Security Architectures.
  • Sandrogeric, Zeljkohutinski. Information system security threats classifications. Journal of Information and Organizational Sciences. 2007; 31(1).
  • Alhabeeb M, Almuhaideb A, Le P, Srinivasan B. Information security threats classification pyramid. 24th IEEE International Conference on Advanced Information Networking and Applications Workshops; 2010. p. 208-13.
  • Kamongi P, Gomathisankaran M, Kavi K. Nemesis: Automated architecture for threat modeling and risk assessment for cloud computing. 2014.
  • Jouinia M, Ben Arfa Rabaia L, Ben Aissa A. Classification of security threats info system. 5th International Conference on Ambient Systems, Networks and Technologies (ANT-2014); 2014.
  • Reisman B, Ruebush M. MCSE: Windows server 2003 network security design study guide: Exam 70-298; Chapter 2. Identifying and designing potential threats.
  • The STRIDE Threat Model. 2015. Available from: https:// msdn.microsoft.com/en-us/library/ee823878(v=cs.20% 29.aspx

Refbacks

  • There are currently no refbacks.


Creative Commons License
This work is licensed under a Creative Commons Attribution 3.0 License.