AHP-Based Quantitative Approach for Assessing and Comparing Cloud Security

“…Improvement of the state of the art methodology: The first contribution is a major simplification of the well-known Cloud security assessment methodology QHP [2]. We take into account properties of the methodology, apply some basic mathematical principles, and provide greatly simplified derivative termed fast QHP (fQHP) which shows a significant reduction in computational complexity.…”

“…The QPT was used as the foundation of another methodology, namely the Quantitative Hierarchical Process (QHP) [2] described in Section 4.1. The QHP solves the issue previously highlighted for the QPT by allowing CSCs to define qualitative requirements at any level of the SecSLA hierarchy.…”

“…The Quantitative Hierarchy Process (QHP), originally introduced in [2], is an assessment technique that enables ranking of CSPs with respect to CSC's requirements expressed at different levels of the SecSLA hierarchy (CSPs' offers and requirements from the CSC are represented in the form of a SecSLA introduced in Section 3). The assessment is conducted in progressive stages as already discussed in Section 3.…”

“…The last element of the final PV is the score for the CSC SecSLA and serves as the benchmark. For more details on the methodology see [2,19], or use cases considered in Section 6.…”

“…Moreover, in order to compare different SecSLAs offered by CSPs, we need a clear way to quantify the security attributes included in SecSLAs. To this end, researchers have developed a set of methodologies (e.g., Quantitative Hierarchical Process (QHP) [2], Quantitative Policy Trees (QPT) [3], Reference Evaluation Methodology (REM) [4]) to evaluate security levels guaranteed by CSPs and rank them, by quantifying and comparing their SecSLAs.…”

Novel efficient techniques for real-time cloud security assessment

“…Improvement of the state of the art methodology: The first contribution is a major simplification of the well-known Cloud security assessment methodology QHP [2]. We take into account properties of the methodology, apply some basic mathematical principles, and provide greatly simplified derivative termed fast QHP (fQHP) which shows a significant reduction in computational complexity.…”

“…The QPT was used as the foundation of another methodology, namely the Quantitative Hierarchical Process (QHP) [2] described in Section 4.1. The QHP solves the issue previously highlighted for the QPT by allowing CSCs to define qualitative requirements at any level of the SecSLA hierarchy.…”

“…The Quantitative Hierarchy Process (QHP), originally introduced in [2], is an assessment technique that enables ranking of CSPs with respect to CSC's requirements expressed at different levels of the SecSLA hierarchy (CSPs' offers and requirements from the CSC are represented in the form of a SecSLA introduced in Section 3). The assessment is conducted in progressive stages as already discussed in Section 3.…”

“…The last element of the final PV is the score for the CSC SecSLA and serves as the benchmark. For more details on the methodology see [2,19], or use cases considered in Section 6.…”

“…Moreover, in order to compare different SecSLAs offered by CSPs, we need a clear way to quantify the security attributes included in SecSLAs. To this end, researchers have developed a set of methodologies (e.g., Quantitative Hierarchical Process (QHP) [2], Quantitative Policy Trees (QPT) [3], Reference Evaluation Methodology (REM) [4]) to evaluate security levels guaranteed by CSPs and rank them, by quantifying and comparing their SecSLAs.…”

Novel efficient techniques for real-time cloud security assessment

POM: A Trust-Based AHP-Like Methodology to Solve Conflict Requirements for the IoT

Similarity Measure for Security Policies in Service Provider Selection