Cloud Security Requirement Based Threat Analysis

被引:0
|
作者
Taha, Ahmed [1 ]
Lawall, Alexander [1 ]
Suri, Neeraj [2 ]
机构
[1] IUAS, Bad Honnef, Germany
[2] Univ Lancaster, Lancaster, England
来源
2023 INTERNATIONAL CONFERENCE ON COMPUTING, NETWORKING AND COMMUNICATIONS, ICNC | 2023年
关键词
Threat Analysis; Cloud Security; Service's dependencies;
D O I
10.1109/ICNC57223.2023.10074275
中图分类号
TP3 [计算技术、计算机技术];
学科分类号
0812 ;
摘要
Threat analysis (TA) is a process to identify, detect, and evaluate security vulnerabilities systematically. Specifically, the TA, which focuses on threats that can potentially violate the customer's data ownership requirements of security and performance, is named Requirement Based Threat Analysis (RBTA). Despite the importance of RBTA, the current manual RBTA process is both time intensive and makes no assurance of completeness of the analysis. Thus, we develop a systematic analytic technique that enumerates customers' requirements and then determines all possible direct/indirect dependencies across them to conduct a generalized threat analysis from their requirements. The approach is validated for its effectiveness on actual Cloud customer requirements and can be generalized to apply to other requirements.
引用
收藏
页码:506 / 510
页数:5
相关论文
共 50 条
  • [41] A Threat Analysis Methodology for Security Requirements Elicitation in Machine Learning Based Systems
    Wilhjelm, Carl
    Younis, Awad A.
    COMPANION OF THE 2020 IEEE 20TH INTERNATIONAL CONFERENCE ON SOFTWARE QUALITY, RELIABILITY, AND SECURITY (QRS-C 2020), 2020, : 426 - 433
  • [42] Requirement Analysis of IoT Security in Distributed Systems
    Mbanaso, U. M.
    Chukwudebe, G. A.
    2017 IEEE 3RD INTERNATIONAL CONFERENCE ON ELECTRO-TECHNOLOGY FOR NATIONAL DEVELOPMENT (NIGERCON), 2017, : 777 - 781
  • [43] An Analysis for Understanding Software Security Requirement Methodologies
    Du, Jing
    Yang, Ye
    Wang, Qing
    2009 THIRD IEEE INTERNATIONAL CONFERENCE ON SECURE SOFTWARE INTEGRATION AND RELIABILITY IMPROVEMENT, PROCEEDINGS, 2009, : 141 - 149
  • [44] Threat analysis for space information network based on network security attributes: a review
    Xuesong Wu
    Ye Du
    Tao Fan
    Junyan Guo
    Jie Ren
    Runfang Wu
    Tianshuai Zheng
    Complex & Intelligent Systems, 2023, 9 : 3429 - 3468
  • [45] Threat analysis for space information network based on network security attributes: a review
    Wu, Xuesong
    Du, Ye
    Fan, Tao
    Guo, Junyan
    Ren, Jie
    Wu, Runfang
    Zheng, Tianshuai
    COMPLEX & INTELLIGENT SYSTEMS, 2023, 9 (03) : 3429 - 3468
  • [46] Threat Scenario Dependency-Based Model of Information Security Risk Analysis
    Rahmad, Basuki
    Supangkat, Suhono H.
    Sembiring, Jaka
    Surendro, Kridanto
    INTERNATIONAL JOURNAL OF COMPUTER SCIENCE AND NETWORK SECURITY, 2010, 10 (08): : 93 - 102
  • [47] Dynamic Threat Weight of Network Security Communication Based on Multisource Data Analysis
    Yu, Zhihui
    Liu, Sitong
    Wang, Weimin
    WIRELESS COMMUNICATIONS & MOBILE COMPUTING, 2022, 2022
  • [48] Network Security Threat Situation Evaluation Based on Fusion Decision and Spread Analysis
    Cai, Xiangdong
    INTERNATIONAL JOURNAL OF SECURITY AND ITS APPLICATIONS, 2015, 9 (03): : 383 - 388
  • [49] Threat Analysis of Cyber Security Exercise for Reservoir Testbed Based on Attack Tree
    Tan, Su-Goan
    Liu, I-Hsien
    Li, Jung-Shian
    2022 TENTH INTERNATIONAL SYMPOSIUM ON COMPUTING AND NETWORKING WORKSHOPS, CANDARW, 2022, : 375 - 379
  • [50] Analysis on the security threat of caisson gravity wharf
    Dong Qi
    Tang Ting
    Wei Zhuo-bin
    PROCEEDINGS OF THE 2017 2ND INTERNATIONAL CONFERENCE ON MATERIALS SCIENCE, MACHINERY AND ENERGY ENGINEERING (MSMEE 2017), 2017, 123 : 500 - 505
12345