Four Dimensional Security and Vulnerability Matrix for Cloud (4-SVM)
Sharmistha Dey, Santanu Kumar Sen
DOI: http://dx.doi.org/10.15439/2017R41
Citation: Proceedings of the Second International Conference on Research in Intelligent and Computing in Engineering, Vijender Kumar Solanki, Vijay Bhasker Semwal, Rubén González Crespo, Vishwanath Bijalwan (eds). ACSIS, Vol. 10, pages 165–169 (2017)
Abstract. Cloud computing is a catchphrase for today's ICT world. The emerging trend of ``Everything as a service'' has made this rapid growing technology a very admired and highly demanding technology for a must adapted one. With the virtues of 24x7 service availability, multi tenancy, utility, speed, high productivity, agility, scalability of this technology, it has been proved as an emerging trend for the ICT industry as well as the academia. Today the rapid data analytics is changing the way companies try to win, and hence enabling them to generate instantaneous insights for supporting their most important business processes.In present technological era, cloud combining with IOT or Big Data, or highly popular commercial ERP solutions, namely SAP cloud, has touched the height of technological growth but one of the major reasons for the trepidation of its widespread adaptability is the security and authentication breach in cloud technology. Being used in highly commercial solutions, the security issues play a major role.Threat or vulnerability is more important to qualify rather than being quantified only. This paper is a proposal showing a quantifiable approach, focuses on several threats and security breaches and countermeasures their impact concentrating on a cloud based solutions, with the philosophy of the inevitability of testing on cloud security
References
- Santanu Kumar Sen,Sharmistha Dey,Debraj Roy, “ Design of Quantifiable Real-Life Security Matrix for Cloud Computing”,International Journal of Engineering Sciences and Research Technology, 3(5): May, 2014
- Ajey Singh, Dr. Maneesh Shrivastava “Overview of Attacks on Cloud Computing” published on International Journal of Engineering and Innovative Technology (IJEIT) Volume 1, Issue 4, April 2012.
- Sagar Tirodkar, Yazad Baldawala, Sagar Ulane, Ashok Jori, “Improved 3-Dimensional Security in Cloud Computing”, International Journal of Computer Trends and Technology (IJCTT), Volume 9, Number 5, March 2014
- B. Meena and et al., “ Cloud Computing Security Issues with Possible Solutions”, International Journal of Computer Science and Technology, 3(1), Jan. - March 2012.
- Kazi Zunnurhain and Susan V. Vrbsky, Department of Computer Science,The University of Alabama, “Security Attacks and Solutions in Clouds”
- “The treacherous 12-Cloud Computing Top Threats in 2016” , Draft published by Cloud Security Alliances, February 2016
- Nielsen, Fran. “Approaches to Security Metrics.” NIST and CSSPAB Workshop, Washington, D.C., 13-14 June 2000
- Dr. G. N. Purohit, Dr. M. P. Jaiswal, Ms. Surabhi Pandey, “Challenges Involved in Implementation of ERP on demand solution : Cloud Computing”, International Journal of Computer Science Issues, Vol. 9, Issue 4, No 2, July 2012
- Fumei Weng and Ming-Chien Hung, “Competition and Challenge on Adopting Cloud ERP”,International Journal of Innovation, Management and Technology, Vol. 5, No. 4, August 2014
- Rajeev Sharma, Dr. Bright Keswani , “Study of Cloud based ERP service for small and medium enterprises”, Revista de Sistemas de Informação da FSMA n. 13 (2014) pp. 2-10 (ISSN : 1983-5604)
- P. Mell and T. Grance, "Draft NIST working definition of cloud computing - v15," 21. Aug 2009
- Resse, Mather,“Cloud Application Architecture Building Applications and Infrastructure in the Cloud”, SPD O’Reilly publication, 2009
- Eyad Saleh, Christoph Meinel, “ HPISecure: Towards Data Confidentiality in Cloud”,13th IEEE/ACM International Symposium on Cluster, Cloud, and Grid Computing, Autumn 2013
- Meena,S, Daniel,E, “Survey on various data integrity attacks in cloud environment and the solutions”, International Conference on Circuits, Power and Computing Technologies (ICCPCT), 20-21 March, 2013
- Sagar Tirodkar, Yazad Baldawala, Sagar Ulane, Ashok Jori, “Improved 3-Dimensional Security in Cloud Computing”, International Journal of Computer Trends and Technology (IJCTT), Volume 9, Number 5, March 2014
- Stevenson, “Cloud Security and Privacy”, SPD O’Reilly, 2010
- Mohit Mathur, KLSI, “Cloud computing Black Book”, Wiley, 2012
- Wilder, “Cloud Architecture Patterns”, SPD O’Reilly, 2012.
- Geneal Terns and Conditions for SAP Cloud (“GTC”), enEG.v.8-2016, A Whitepaper released by SAP Labs
- First Report on Security Metrics and Assessment-“Enforceable Security in the Cloud to Uphold Data Ownership”, Swiss State Secretariat for Education, Research and Innovation , European Union’s Horizon 2020 research and innovation programme, January 2015 – December 2016
- Wes Sonnenreich, “Return On Security Investment (ROSI): A Practical Quantitative Model”, Sage Secure, LLC, NewYork,2006