Mean privacy: A metric for security of computer systems

Almasizadeh, Jaafar; Azgomi, Mohammad Abdollahi

doi:10.1016/j.comcom.2014.06.009

Cited by 12 publications

(3 citation statements)

References 24 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Attack trees can also be used in security hardening to determine the best options to increase security within a budget [29]. Using attack trees can help to understand what kind of attackers may follow an attack path [9,30,31]. Attack graphs can be automatically generated by modeling the network and vulnerabilities, and many useful analyses may be performed using attack graphs [10,32,33].…”

Section: Related Workmentioning

confidence: 99%

Threat Modeling for Cloud Infrastructures

Alhebaishi¹,

Wang²,

Singhal³

2019

ICST Transactions on Security and Safety

View full text Add to dashboard Cite

Today's businesses are increasingly relying on the cloud as an alternative IT solution due to its flexibility and lower cost. Compared to traditional enterprise networks, a cloud infrastructure is typically much larger and more complex. Understanding the potential security threats in such infrastructures is naturally more challenging than in traditional networks. This is evidenced by the fact that there are limited efforts on threat modeling for cloud infrastructures. In this paper, we conduct comprehensive threat modeling exercises based on two representative cloud infrastructures using several popular threat modeling methods, including attack surface, attack trees, attack graphs, and security metrics based on attack trees and attack graphs, respectively. Those threat modeling efforts may provide cloud providers useful lessons toward better understanding and improving the security of their cloud infrastructures. In addition, we show how hardening solution can be applied based on the threat models and security metrics through extended exercises. Such results may not only benefit the cloud provider but also embed more confidence in cloud tenants by providing them a clearer picture of the potential threats and mitigation solutions.This section briefly reviews several popular threat models and existing security metrics that will be applied in this paper, including attack surface, attack tree, attack graph, attack tree-based metric (ATM), and Bayesian network (BN)-based metric.-Attack surface: Originally proposed as a metric for software security, an attack surface captures software components that may lead to potential vulnerabilities, including entry and exit points (i.e., methods in a software program that either take user inputs or generate outputs), communication channels (e.g., TCP or UDP), and untrusted data items (e.g., configuration files or registry keys read by the software) [7]. Since the attack surface requires examining the source code of a software, due to the complexity of such a task, most existing work applies the concept in a high-level and intuitive manner. For example, six attack surfaces are said to exist between an end user, the cloud provider, and cloud services [8], although the exact meaning of such attack surface is not specified.-Attack tree: While the attack surface focuses on what may provide attackers initial privileges or accesses to a system, attack trees demonstrate the possible attack paths which may be followed by the attacker to further infiltrate the system [9].

show abstract

Section: Related Workmentioning

confidence: 99%

Threat Modeling for Cloud Infrastructures

Alhebaishi¹,

Wang²,

Singhal³

2019

ICST Transactions on Security and Safety

View full text Add to dashboard Cite

show abstract

“…Jamar and Almasizadeh [10] introduced the mean privacy approach to intuitively quantify how attackers behave and their predictability. This metric can be considered an appropriate indicator for quantifying the security level of computer systems, which was quantified by an information theoretic.…”

Section: Related Workmentioning

confidence: 99%

“…where T 1 (D m , D n ) represents the direct trust degree from D m to D n according to formula (10), level is the level of the feedback trust. For example in Fig.…”

Section: ) Weight Calculationmentioning

confidence: 99%

Research on the Tradeoff Between Privacy and Trust in Cloud Computing

Sun¹

2019

IEEE Access

View full text Add to dashboard Cite

Promoting cloud services must consider the privacy requirements between the user and the provider. Both privacy and trust are related to knowledge about an entity; however, there is an inherent conflict between trust and privacy. In this paper, we research the relationship between privacy and trust in the cloud computing. First, we construct a trust model based on multiple factors, such as direct trust, trust risk, reward-punishment, and feedback trust; the weight of trust factor is determined by class diversity and information entropy theory. Second, we propose a novel privacy metric model with multiple factors, such as privacy preference, credential attribute, interaction history, and privacy feedback, and the weight of privacy factor is based on the maximum dispersion. Third, we propose a tradeoff between privacy and trust; both user and the provider can choose privacy protection or trust establishment priority by personal preference and requirement. Fourth, we demonstrate and compare the tradeoff between privacy and trust, interaction success rate, trust evaluation accuracy, and privacy disclosure rate by different experiments; these simulation results show that the privacy of each partner can be effectively protected.

show abstract