Logo PTI
Polish Information Processing Society
Logo RICE

Annals of Computer Science and Information Systems, Volume 10

Proceedings of the Second International Conference on Research in Intelligent and Computing in Engineering

Four Dimensional Security and Vulnerability Matrix for Cloud (4-SVM)

,

DOI: http://dx.doi.org/10.15439/2017R41

Citation: Proceedings of the Second International Conference on Research in Intelligent and Computing in Engineering, Vijender Kumar Solanki, Vijay Bhasker Semwal, Rubén González Crespo, Vishwanath Bijalwan (eds). ACSIS, Vol. 10, pages 165169 ()

Full text

Abstract. Cloud computing is a catchphrase for today's ICT world. The emerging trend of ``Everything as a service'' has made this rapid growing technology a very admired and highly demanding technology for a must adapted one. With the virtues of 24x7 service availability, multi tenancy, utility, speed, high productivity, agility, scalability of this technology, it has been proved as an emerging trend for the ICT industry as well as the academia. Today the rapid data analytics is changing the way companies try to win, and hence enabling them to generate instantaneous insights for supporting their most important business processes.In present technological era, cloud combining with IOT or Big Data, or highly popular commercial ERP solutions, namely SAP cloud, has touched the height of technological growth but one of the major reasons for the trepidation of its widespread adaptability is the security and authentication breach in cloud technology. Being used in highly commercial solutions, the security issues play a major role.Threat or vulnerability is more important to qualify rather than being quantified only. This paper is a proposal showing a quantifiable approach, focuses on several threats and security breaches and countermeasures their impact concentrating on a cloud based solutions, with the philosophy of the inevitability of testing on cloud security

References

  1. Santanu Kumar Sen,Sharmistha Dey,Debraj Roy, “ Design of Quantifiable Real-Life Security Matrix for Cloud Computing”,International Journal of Engineering Sciences and Research Technology, 3(5): May, 2014
  2. Ajey Singh, Dr. Maneesh Shrivastava “Overview of Attacks on Cloud Computing” published on International Journal of Engineering and Innovative Technology (IJEIT) Volume 1, Issue 4, April 2012.
  3. Sagar Tirodkar, Yazad Baldawala, Sagar Ulane, Ashok Jori, “Improved 3-Dimensional Security in Cloud Computing”, International Journal of Computer Trends and Technology (IJCTT), Volume 9, Number 5, March 2014
  4. B. Meena and et al., “ Cloud Computing Security Issues with Possible Solutions”, International Journal of Computer Science and Technology, 3(1), Jan. - March 2012.
  5. Kazi Zunnurhain and Susan V. Vrbsky, Department of Computer Science,The University of Alabama, “Security Attacks and Solutions in Clouds”
  6. “The treacherous 12-Cloud Computing Top Threats in 2016” , Draft published by Cloud Security Alliances, February 2016
  7. Nielsen, Fran. “Approaches to Security Metrics.” NIST and CSSPAB Workshop, Washington, D.C., 13-14 June 2000
  8. Dr. G. N. Purohit, Dr. M. P. Jaiswal, Ms. Surabhi Pandey, “Challenges Involved in Implementation of ERP on demand solution : Cloud Computing”, International Journal of Computer Science Issues, Vol. 9, Issue 4, No 2, July 2012
  9. Fumei Weng and Ming-Chien Hung, “Competition and Challenge on Adopting Cloud ERP”,International Journal of Innovation, Management and Technology, Vol. 5, No. 4, August 2014
  10. Rajeev Sharma, Dr. Bright Keswani , “Study of Cloud based ERP service for small and medium enterprises”, Revista de Sistemas de Informação da FSMA n. 13 (2014) pp. 2-10 (ISSN : 1983-5604)
  11. P. Mell and T. Grance, "Draft NIST working definition of cloud computing - v15," 21. Aug 2009
  12. Resse, Mather,“Cloud Application Architecture Building Applications and Infrastructure in the Cloud”, SPD O’Reilly publication, 2009
  13. Eyad Saleh, Christoph Meinel, “ HPISecure: Towards Data Confidentiality in Cloud”,13th IEEE/ACM International Symposium on Cluster, Cloud, and Grid Computing, Autumn 2013
  14. Meena,S, Daniel,E, “Survey on various data integrity attacks in cloud environment and the solutions”, International Conference on Circuits, Power and Computing Technologies (ICCPCT), 20-21 March, 2013
  15. Sagar Tirodkar, Yazad Baldawala, Sagar Ulane, Ashok Jori, “Improved 3-Dimensional Security in Cloud Computing”, International Journal of Computer Trends and Technology (IJCTT), Volume 9, Number 5, March 2014
  16. Stevenson, “Cloud Security and Privacy”, SPD O’Reilly, 2010
  17. Mohit Mathur, KLSI, “Cloud computing Black Book”, Wiley, 2012
  18. Wilder, “Cloud Architecture Patterns”, SPD O’Reilly, 2012.
  19. Geneal Terns and Conditions for SAP Cloud (“GTC”), enEG.v.8-2016, A Whitepaper released by SAP Labs
  20. First Report on Security Metrics and Assessment-“Enforceable Security in the Cloud to Uphold Data Ownership”, Swiss State Secretariat for Education, Research and Innovation , European Union’s Horizon 2020 research and innovation programme, January 2015 – December 2016
  21. Wes Sonnenreich, “Return On Security Investment (ROSI): A Prac­tical Quantitative Model”, Sage Secure, LLC, NewYork,2006