Information Security Risk Management Framework for the Cloud Computing Environments

Zhang, Xuan; Wuwong, Nattapong; Li, Hao; Zhang, Xuejie

doi:10.1109/cit.2010.501

Cited by 106 publications

(55 citation statements)

References 2 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Risk assessment in distributed computing has been extensively studied in the literature, either as a general methodology [2], [3], [4] or focusing on a specific type of risk, such as security and SLA fulfilment [5], [6]. These projects have included objectives ranging from information protection, evaluation /prediction of QoS and probability of SLA failures [2], [20].…”

Section: Related Workmentioning

confidence: 99%

“…Risk assessment has been introduced into utility computing such as Grids and clouds either as a general methodology [2], [3], [4] or focusing on a specific type of risk, such as security and SLA fulfilment [5], [6]. However, the aim of this paper is to propose a risk assessment framework for cloud service provision, in terms of assessing and improving the reliability and productivity of fulfilling an SLA in a cloud environment.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

A Risk Assessment Framework for Cloud Computing

Djemame

Armstrong

Guitart

et al. 2016

IEEE Trans. Cloud Comput.

View full text Add to dashboard Cite

Abstract-Cloud service providers offer access to their resources through formal Service Level Agreements (SLA), and need wellbalanced infrastructures so that they can maximise the Quality of Service (QoS) they offer and minimise the number of SLA violations. This paper focuses on a specific aspect of risk assesment as applied in cloud computing: methods within a framework that can be used by cloud service providers and service consumers to assess risk during service deployment and operation. It describes the various stages in the service lifecycle wheres risk assessment takes place, and the corresponding risk models that have been designed and implemented. The impact of risk on architectural components, with special emphasis on holistic management support at service operation, is also described. The risk assessor is shown to be effective through the experimental evaluation of the implementation, and is already integrated in a cloud computing toolkit.

show abstract

Section: Related Workmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

A Risk Assessment Framework for Cloud Computing

Djemame

Armstrong

Guitart

et al. 2016

IEEE Trans. Cloud Comput.

View full text Add to dashboard Cite

show abstract

“…By now, the risk evaluating for the cloud is directly derived from the traditional one, such as [9], [10]. They all make the cloud platforms as the evaluating objects but the users' assets.…”

Section: Risk Evaluatingmentioning

confidence: 99%

Job Security in the Cloud Computing

Tuo¹,

Xu²,

Xu³

et al. 2015

IJFCC

View full text Add to dashboard Cite

Abstract-Cloud computing is a burgeoning Internet computing paradigm. The convenient, cheap and elastic resources in the cloud are attracting the users to migrate their assets (data, computing and software, etc.) into it. However, cloud also caused the serious worry about the security of those assets, since the resources are not under the control of the users. Traditional security mechanisms are usually aimed at single autonomous domain and are not suitable for protection of those assets migrating between autonomous domains. This paper caters to the security of aforesaid migrated assets, defines them as job, studies their security demands, analyses the security threats to them, and proposes the essential protecting mechanisms for it. Our work is from the point of view of the users, and thus will be more suitable for solving the security problem of their assets. 

show abstract

“…Miller (1992) presented a framework for categorizing the uncertainties as are faced by the companies and highlights risk management responses from both financial and strategic point of views. Zhang et al (2010) proposed an information risk management framework for better understanding within the business domain of cloud computing. This framework supports identifying a threat in cloud computing environment and to identifying vulnerability.…”

Section: Literature Reviewmentioning

confidence: 99%

Quantitative risk management in gas injection project: a case study from Oman oil and gas industry

2017

View full text Add to dashboard Cite

The purpose of this research was to study the recognition, application and quantification of the risks associated in managing projects. In this research, the management of risks in an oil and gas project is studied and implemented within a case company in Oman. In this study, at first, the qualitative data related to risks in the project were identified through field visits and extensive interviews. These data were then translated into numerical values based on the expert's opinion. Further, the numerical data were used as an input to Monte Carlo simulation. RiskyProject Professional TM software was used to simulate the system based on the identified risks. The simulation result predicted a delay of about 2 years as a worse case with no chance of meeting the project's on stream date. Also, it has predicted 8% chance of exceeding the total estimated budget. The result of numerical analysis from the proposed model is validated by comparing it with the result of qualitative analysis, which was obtained through discussion with various project managers of company.

show abstract

Information Security Risk Management Framework for the Cloud Computing Environments

Cited by 106 publications

References 2 publications

A Risk Assessment Framework for Cloud Computing

A Risk Assessment Framework for Cloud Computing

Job Security in the Cloud Computing

Quantitative risk management in gas injection project: a case study from Oman oil and gas industry

Contact Info

Product

Resources

About