Raid Khalid Hussein scite author profile

Abstract-The Internet of Things (IoT) has spread into multiple dimensions that incorporate different physical and virtual things. These things are connected together using different communication technologies to provide unlimited services. These services help not only to improve the quality of our daily lives, but also to provide a communication platform for increasing object collaboration and information sharing. Like all new technologies, the IoT has many security challenges that stand as a barrier to the successful implementation of IoT applications. These challenges are more complicated due to the dynamic and heterogeneous nature of IoT systems. However, authentication and access control models can be used to address the security issue in the IoT. To increase information sharing and availability, the IoT requires a dynamic access control model that takes not only access policies but also real-time contextual information into account when making access decisions. One of the dynamic features is the security risk. This paper proposes an Adaptive Risk-Based Access Control (AdRBAC) model for the IoT and discusses its validation using expert reviews. The proposed AdRBAC model conducts a risk analysis to estimate the security risk value associated with each access request when making an access decision. This model has four inputs/risk factors: user context, resource sensitivity, action severity and risk history. These risk factors are used to estimate a risk value associated with the access request to make the access decision. To provide the adaptive features, smart contracts will be used to monitor the user behaviour during access sessions to detect any malicious actions from the granted users. To validate and refine the proposed model, twenty IoT security experts from inside and outside the UK were interviewed. The experts have suggested valuable information that will help to specify the appropriate risk factors and risk estimation technique for implantation of the AdRBAC model.

show abstract

A Framework for Cloud Forensic Readiness in Organizations

Alenezi

Hussein

Walters

et al. 2017

View full text Add to dashboard Cite

Abstract-Many have argued that cloud computing is one of the fastest growing and most transformative technologies in the history of computing. It has radically changed the way in which information technologies can manage, access, deliver and create services. It has also brought numerous benefits to end-users and organizations. However, this rapid growth in cloud computing adoption has also seen it become a new arena for cybercrime. This has, in turn, led to new technical, legal and organizational challenges. In addition to the large number of attacks which affect cloud computing and the decentralized nature of data processing in the cloud, many concerns have been raised. One of these concerns is how to conduct a proper digital investigation in cloud environments and be ready to collect data proactively before an incident occurs in order to save time, money and effort. This paper proposes the technical, legal and organizational factors that influence digital forensic readiness for Infrastructure as a Service consumers.

show abstract

Toward Confirming a Framework for Securing the Virtual Machine Image in Cloud Computing

Hussein¹,

Alenezi²,

Atlam³

et al. 2017

Adv. sci. technol. eng. syst. j.

View full text Add to dashboard Cite

show abstract

A Framework to Secure the Virtual Machine Image in Cloud Computing

Hussein¹,

Alenezi²,

Wills³

et al. 2016

View full text Add to dashboard Cite

Threat Modelling for the Virtual Machine Image in Cloud Computing

Hussein¹,

Sassone²

2019

View full text Add to dashboard Cite

Cloud computing is one of the most smart technology in the era of computing as its capability to decrease the cost of data processing while increasing flexibility and scalability for computer processes. Security is one of the core concerns related to the cloud computing as it hinders the organizations to adopt this technology. Infrastructure as a service (IaaS) is one of the main services of cloud computing which uses virtualization to supply virtualized computing resources to its users through the internet. Virtual Machine Image is the key component in the cloud as it is used to run an instance. There are security issues related to the virtual machine image that need to be analysed as being an essential component related to the cloud computing. Some studies were conducted to provide countermeasure for the identify security threats. However, there is no study has attempted to synthesize security threats and corresponding vulnerabilities. In addition, these studies did not model and classified security threats to find their effect on the Virtual Machine Image. Therefore, this paper provides a threat modelling approach to identify threats that affect the virtual machine image. Furthermore, threat classification is carried out to each individual threat to find out their effects on the cloud computing. Potential attack was drawn to show how an adversary might exploit the weakness in the system to attack the Virtual Machine Image.

show abstract

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.