SecureCloud: Towards a Comprehensive Security Framework for Cloud Computing Environments

Takabi, Hassan; Joshi, James; Ahn, Gail-Joon

doi:10.1109/compsacw.2010.74

Cited by 116 publications

(54 citation statements)

References 12 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Well-known static models include the 7-layer security model [2], SACS mode l [3], trust-based model [4], and so on. Dynamic models mainly include authentication-monitor model [5] and service composition model [6].…”

Section: A Security Modelsmentioning

confidence: 99%

Job Security in the Cloud Computing

Tuo¹,

Xu²,

Xu³

et al. 2015

IJFCC

View full text Add to dashboard Cite

Abstract-Cloud computing is a burgeoning Internet computing paradigm. The convenient, cheap and elastic resources in the cloud are attracting the users to migrate their assets (data, computing and software, etc.) into it. However, cloud also caused the serious worry about the security of those assets, since the resources are not under the control of the users. Traditional security mechanisms are usually aimed at single autonomous domain and are not suitable for protection of those assets migrating between autonomous domains. This paper caters to the security of aforesaid migrated assets, defines them as job, studies their security demands, analyses the security threats to them, and proposes the essential protecting mechanisms for it. Our work is from the point of view of the users, and thus will be more suitable for solving the security problem of their assets. 

show abstract

Section: A Security Modelsmentioning

confidence: 99%

Job Security in the Cloud Computing

Tuo¹,

Xu²,

Xu³

et al. 2015

IJFCC

View full text Add to dashboard Cite

show abstract

“…Its unavailability may occur in a physical way, as the failure of critical network components, power disruptions, and physical plant disruptions, either malicious or natural (Firesmith 2004;Takabi et al 2010). Availability can also be impacted in a logical way, in the form of improper addressing or routing, and through the use of DenialOf-Service attacks, which are the deliberate insertion of unwanted data into the network (Brock and Goscinski 2010).…”

Section: Availabilitymentioning

confidence: 99%

“…Several frameworks have addressed cloud security in general (Brock and Goscinski 2010;Firesmith 2004;Takabi et al 2010;Zissis and Lekkas 2012), and cloud storage in particular (Mapp et al 2014). Researchers have also applied security components as specific objectives.…”

Section: Cloud Security Frameworkmentioning

confidence: 99%

“…These industry-accepted standards, guidelines and best practice are reviewed and mapped against the security requirements discussed in the previous section (Brock and Goscinski 2010;Firesmith 2004;Mapp et al 2014;Takabi et al 2010;Zissis and Lekkas 2012). The Cloud Control Matrix (CCM) has been used as a reference document to crosscheck with other standards.…”

Section: Reliabilitymentioning

confidence: 99%

See 1 more Smart Citation

Using Goal-Question-Metric (GQM) Approach to Assess Security in Cloud Storage

Yahya

Walters

Wills

2017

Enterprise Security

View full text Add to dashboard Cite

Abstract. Assessing the security of data stored in cloud storage can be carried out by developing goal-based measurement items. The measurement items can be utilized to construct a security assessment model based on practical needs. The measurement items can assist in acquiring support decision making on the implementation of a security frameworks. This paper discusses the GoalQuestion-Metrics (GQM) approach and its application towards constructing measurement items for a security metric. It also attempts to provide practical guidance and example of measurements using GQM. An application of the GQM paradigm towards the development of a security metric is presented. The metrics obtained will assist organizations to meet their requirements for a cloud storage security framework.

show abstract

“…For example, Zhang et al [1] propose their Usage-Based Security Framework (UBSF) which can consolidate guidelines and policies with their framework, architecture and digital certificates. Takabi et al [2] describe their comprehensive security framework by presenting a model to explain how to work with different service integrators and service providers. Zia and Zomaya [3] present their wireless sensor networks model with their algorithms and a software engineering approach.…”

Section: Introductionmentioning

confidence: 99%

Cloud computing adoption framework: A security framework for business clouds

Chang

Kuo

Ramachandran

2016

Future Generation Computer Systems

265

100

View full text Add to dashboard Cite

This paper presents a Cloud Computing Adoption Framework (CCAF) security suitable for business clouds. CCAF multi-layered security is based on the development and integration of three major security technologies: firewall, identity management and encryption based on the development of Enterprise File Sync and Share technologies. This paper presents our motivation, related work and our views on security framework. Core technologies have been explained in details and experiments were designed to demonstrate the robustness of the CCAF multi-layered security. In penetration testing, CCAF multi-layered security could detect and block 99.95% viruses and trojans and could maintain 85% and above of blocking for 100 hours of continuous attacks. Detection and blocking took less than 0.012 second per trojan and viruses. A full CCAF multi-layered security protection could block all SQL injection providing real protection to data. CCAF multi-layered security had 100% rate of not reporting false alarm. All F-measures for CCAF test results were 99.75% and above. How CCAF multi-layered security can blend with policy, real services and blend with business activities have been illustrated. Research contributions have been justified and CCAF multi-layered security can offer added value for volume, velocity and veracity for Big Data services operated in the Cloud.

show abstract

SecureCloud: Towards a Comprehensive Security Framework for Cloud Computing Environments

Cited by 116 publications

References 12 publications

Job Security in the Cloud Computing

Job Security in the Cloud Computing

Using Goal-Question-Metric (GQM) Approach to Assess Security in Cloud Storage

Cloud computing adoption framework: A security framework for business clouds

Contact Info

Product

Resources

About