Cloud Security Requirement Based Threat Analysis

被引:0
|
作者
Taha, Ahmed [1 ]
Lawall, Alexander [1 ]
Suri, Neeraj [2 ]
机构
[1] IUAS, Bad Honnef, Germany
[2] Univ Lancaster, Lancaster, England
来源
2023 INTERNATIONAL CONFERENCE ON COMPUTING, NETWORKING AND COMMUNICATIONS, ICNC | 2023年
关键词
Threat Analysis; Cloud Security; Service's dependencies;
D O I
10.1109/ICNC57223.2023.10074275
中图分类号
TP3 [计算技术、计算机技术];
学科分类号
0812 ;
摘要
Threat analysis (TA) is a process to identify, detect, and evaluate security vulnerabilities systematically. Specifically, the TA, which focuses on threats that can potentially violate the customer's data ownership requirements of security and performance, is named Requirement Based Threat Analysis (RBTA). Despite the importance of RBTA, the current manual RBTA process is both time intensive and makes no assurance of completeness of the analysis. Thus, we develop a systematic analytic technique that enumerates customers' requirements and then determines all possible direct/indirect dependencies across them to conduct a generalized threat analysis from their requirements. The approach is validated for its effectiveness on actual Cloud customer requirements and can be generalized to apply to other requirements.
引用
收藏
页码:506 / 510
页数:5
相关论文
共 50 条
  • [1] Threat risk analysis for cloud security based on Attack-Defense Trees
    Wang, Ping
    Lin, Hui-Tang
    Wang, Tzu Chia
    Lin, Wen-Hui
    Kuo, Pu-Tsun
    International Journal of Advancements in Computing Technology, 2012, 4 (17) : 607 - 617
  • [2] Cloud Threat Defense - a Threat Protection and Security Compliance Solution
    Bharadwaj, Deepak R.
    Bhattacharya, Anamika
    Chakkaravarthy, Manivannan
    2018 SEVENTH IEEE INTERNATIONAL CONFERENCE ON CLOUD COMPUTING IN EMERGING MARKETS (CCEM), 2018, : 95 - 99
  • [3] A Hybrid Threat Model for Software Security Requirement Specification
    Omotunde, Habeeb
    Ibrahim, Rosziati
    2016 INTERNATIONAL CONFERENCE ON INFORMATION SCIENCE AND SECURITY (ICISS), 2014, : 56 - 59
  • [4] Data-Driven Threat Analysis for Ensuring Security in Cloud Enabled Systems
    Alwaheidi, Mohammed K. S.
    Islam, Shareeful
    SENSORS, 2022, 22 (15)
  • [5] Network Security Analysis Based on Consolidated Threat Resources
    Garasym, Oleg
    Chyrun, Liliya
    Chcrnovol, Nadija
    Gazhyj, Aleksandr
    Gozhyj, Victor
    Kalinina, Irina
    Rusyn, Bohdan
    Pohreliuk, Liubomyr
    Korobchynskyi, Maksym
    COMPUTATIONAL LINGUISTICS AND INTELLIGENT SYSTEMS (COLINS 2020), VOL I: MAIN CONFERENCE, 2020, 2604
  • [6] Threat-based Security Analysis for the Internet of Things
    Atamli, Ahmad W.
    Martin, Andrew
    2014 INTERNATIONAL WORKSHOP ON SECURE INTERNET OF THINGS (SIOT), 2014, : 35 - 43
  • [7] Cloud Security Analysis Based on Virtualization Technology
    Zhang, Jiaxing
    2022 INTERNATIONAL CONFERENCE ON BIG DATA, INFORMATION AND COMPUTER NETWORK (BDICN 2022), 2022, : 519 - 522
  • [8] Threat as a Service? Virtualization's Impact on Cloud Security
    Tsai, Hsin-Yi
    Siebenhaar, Melanie
    Miede, Andre
    Huang, Yu-Lun
    Steinmetz, Ralf
    IT PROFESSIONAL, 2012, 14 (01) : 32 - 37
  • [9] Threat-Specific Security Risk Evaluation in the Cloud
    Nhlabatsi, Armstrong
    Hong, Jin B.
    Kim, Dong Seong
    Fernandez, Rachael
    Hussein, Alaa
    Fetais, Noora
    Khan, Khaled M.
    IEEE TRANSACTIONS ON CLOUD COMPUTING, 2021, 9 (02) : 793 - 806
  • [10] Threat-Specific Security Risk Evaluation in the Cloud
    Roobini, M. S.
    TejaSatyanrayana, B.
    SaiVenkataGirish, B.
    Sridevi, N.
    Pothumani, S.
    2024 INTERNATIONAL CONFERENCE ON ADVANCES IN COMPUTING, COMMUNICATION AND APPLIED INFORMATICS, ACCAI 2024, 2024,
12345