We’re sorry, something doesn't seem to be working properly.

Please try refreshing the page. If that doesn't work, please contact support so we can address the problem.

Novel Risk Assessment Method to Identify Information Security Threats in Cloud Computing Environment | SpringerLink
Skip to main content
SpringerLink
Log in

Novel Risk Assessment Method to Identify Information Security Threats in Cloud Computing Environment

  • Conference paper
  • First Online:
Recent Trends in Data Science and Soft Computing (IRICT 2018)

Part of the book series: Advances in Intelligent Systems and Computing ((AISC,volume 843))

Abstract

Cloud computing model brought many technical and economic benefits, however, there are many security issues. Most of the common traditional information security risk assessment methods such as ISO27005, NIST SP800-30 and AS/NZS 4360 are not fit for the cloud computing environment. Therefore, this study applies medical research approach to assess the information security threats in the cloud computing environment. This study has been conducted as a retrospective cohort study and the collected data has been analyzed by using the survival analysis method. The study has been conducted on the software as a service (SaaS) environment that has more than one thousand and seven hundred cloud customers. The survival analysis method is used to measure the significance of the risk factor level. The information security threats have been categorized into twenty-two categories. This study has proven that the medical research approach can be used to assess the security risk assessment in cloud computing environment to overcome the weaknesses that accompany the usage of the traditional information security risk assessment methods in cloud computing environment.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 169.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 219.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Amini, A., et al.: A fuzzy logic based risk assessment approach for evaluating and prioritizing risks in cloud computing environment. In: International Conference of Reliable Information and Communication Technology. Springer (2017)

    Google Scholar 

  2. Li, J., Li, Q.: Data security and risk assessment in cloud computing. In: ITM Web of Conferences. EDP Sciences (2018)

    Google Scholar 

  3. Ali, K.E., Mazen, S.A., Hassanein, E.E.: Assessment of cloud computing adoption models in e-government environment. Int. J. Comput. Intell. Stud. 7(1), 67–92 (2018)

    Article  Google Scholar 

  4. Bakkers, J.H., Eibisch, J.: Cloud Connectivity Services in Europe in Industry Developments and Models. International Data Corporation IDC (2015)

    Google Scholar 

  5. Xuan, Z., et al.: Information security risk management framework for the cloud computing environments. In: 10th IEEE International Conference on Computer and Information Technology (CIT 2010), Bradford (2010)

    Google Scholar 

  6. Fito, J.O., Macias, M., Guitart, J.: Toward business-driven risk management for cloud computing. In: 2010 International Conference on Network and Service Management (CNSM), Niagara Falls. IEEE (2010)

    Google Scholar 

  7. Tanimoto, S., et al.: A study of risk assessment quantification in cloud computing. In: 2014 International Conference on Network-Based Information Systems, Salerno (2014)

    Google Scholar 

  8. Mell, P., Grance, T.: The NIST definition of cloud computing. NIST Spec. Publ. 800(145), 7 (2011)

    Google Scholar 

  9. Zissis, D., Lekkas, D.: Addressing cloud computing security issues. Future Gener. Comput. Syst. 28(3), 583–592 (2012)

    Article  Google Scholar 

  10. Munir, K., Palaniappan, S.: Framework for secure cloud computing. Int. J. Cloud Comput. Serv. Archit. 3(2), 21–35 (2013)

    Google Scholar 

  11. Alruwaili, F.F., Gulliver, T.A.: Safeguarding the cloud an effective risk management framework for cloud computing services. Int. J. Comput. Commun. Netw. (IJCCN) 4(3), 6–16 (2014)

    Google Scholar 

  12. Al-Anzi, F.S., Yadav, S.K., Soni, J.: Cloud computing: security model comprising governance, risk management and compliance. In: International Conference on Data Mining and Intelligent Computing (ICDMIC), New Delhi (2014)

    Google Scholar 

  13. Jafarpour, S., Yousefi, A.: Security Risks in Cloud Computing: A Review (2016)

    Google Scholar 

  14. Almorsy, M., Grundy, J., Ibrahim, A.S.: Collaboration-based cloud computing security management framework. In: 2011 IEEE International Conference on Cloud Computing (CLOUD), Washington, DC (2011)

    Google Scholar 

  15. Zhao, G.: Holistic framework of security management for cloud service providers. In: 2012 10th IEEE International Conference on Industrial Informatics (INDIN), Beijing. IEEE (2012)

    Google Scholar 

  16. Samy, G.N.: Analysing information security threats in healthcare information systems using survival analysis method. Faculty of Computer Science and Information Systems Universiti Teknologi Malaysia (2012)

    Google Scholar 

  17. Ma, Z., Krings, A.W.: Competing risks analysis of reliability, survivability, and prognostics and health management (PHM). In: 2008 IEEE Aerospace Conference. IEEE (2008)

    Google Scholar 

  18. Röhrig, B., et al.: Types of study in medical research: part 3 of a series on evaluation of scientific publications. Deutsches Arzteblatt Int. 106(15), 262–268 (2009)

    Google Scholar 

  19. Allen, L.A., Horney, J.A.: Methods: study designs in disaster epidemiology. In: Disaster Epidemiology, pp. 65–74. Elsevier (2018)

    Google Scholar 

  20. Bhopal, R.S.: Concepts of Epidemiology an Integrated Introduction to the Ideas, Theories, Principles and Methods of Epidemiology, vol. 38, 1st edn. Oxford University Press, New York (2002)

    Google Scholar 

  21. Kleinbaum, D.G., Klein, M.: Survival Analysis: A Self-Learning Text, 3rd edn. Springer, Cham (2012)

    Book  Google Scholar 

  22. Van Stralen, K.J., et al.: Case-control studies—an efficient observational study design. Nephron Clin. Pract. 114(1), c1–c4 (2009)

    Article  Google Scholar 

  23. Cox, D.R.: Analysis of Survival Data. Routledge, Abingdon (2018)

    Google Scholar 

  24. Albakri, S.H., et al.: Security risk assessment framework for cloud computing environments. Secur. Commun. Netw. (2014)

    Google Scholar 

  25. BS.ISO/IEC27005:2011: Information Technology-Security Techniques-Information Security Risk Management: The British Standards Institution (2011)

    Google Scholar 

  26. Owasp, T.: The Ten Most Critical Web Application Security Risks (2013)

    Google Scholar 

  27. ENISA: Cloud computing: benefits, risks and recommendations for information security. The European Network and Information Security Agency (ENISA) (2009)

    Google Scholar 

Download references

Acknowledgements

The authors would like to thank Universiti Teknologi Malaysia (UTM) for supporting this work through the Tier 1 GUP Grant Scheme under Grant vote number Q.K130000.2538.14H18.

Author information

Authors and Affiliations

  1. Advanced Informatics Department, Razak Faculty of Technology and Informatics, Universiti Teknologi Malaysia, Kuala Lumpur, Malaysia

    Ganthan Narayana Samy, Sameer Hasan Albakri, Nurazean Maarop, Pritheega Magalingam & Doris Hooi-Ten Wong

  2. School of Engineering and Information Technology, Charles Darwin University, Casuarina, Australia

    Bharanidharan Shanmugam

  3. Faculty of Science and Technology, Universiti Sains Islam Malaysia, Nilai, Malaysia

    Sundresan Perumal

Authors
  1. Ganthan Narayana Samy
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Sameer Hasan Albakri
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Nurazean Maarop
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Pritheega Magalingam
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Doris Hooi-Ten Wong
    View author publications

    You can also search for this author in PubMed Google Scholar

  6. Bharanidharan Shanmugam
    View author publications

    You can also search for this author in PubMed Google Scholar

  7. Sundresan Perumal
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Ganthan Narayana Samy .

Editor information

Editors and Affiliations

  1. College of Computer Science and Engineering, Taibah University, Medina, Saudi Arabia

    Faisal Saeed

  2. Information Systems Department, Faculty of Computing, Universiti Teknologi Malaysia, Skudai, Malaysia

    Nadhmi Gazem

  3. Information Technology Department, Faculty of Engineering and Information Technology, Taiz University, Taiz, Yemen

    Fathey Mohammed

  4. Information Systems Department, Faculty of Computing, Universiti Teknologi Malaysia, Skudai, Malaysia

    Abdelsalam Busalim

Rights and permissions

Reprints and permissions

Copyright information

© 2019 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Narayana Samy, G. et al. (2019). Novel Risk Assessment Method to Identify Information Security Threats in Cloud Computing Environment. In: Saeed, F., Gazem, N., Mohammed, F., Busalim, A. (eds) Recent Trends in Data Science and Soft Computing. IRICT 2018. Advances in Intelligent Systems and Computing, vol 843. Springer, Cham. https://doi.org/10.1007/978-3-319-99007-1_53

Download citation

Publish with us

Policies and ethics

Search

Navigation