Home // ICN 2015, The Fourteenth International Conference on Networks // View article

Model for Cloud Computing Risk Analysis

Authors:
Paulo Fernando Silva
Carlos Becker Westphall
Carla Merkle Westphall
Mauro Marcelo Mattos

Keywords: ISO 27005; cloud computing; risk analysis;

Abstract:
Several risk analysis solutions have been proposed for cloud computing environments. But these solutions are usually centered on the Cloud Service Provider, have limited scope and do not consider the business requirements of the Cloud Consumer. These features reduce the reliability of the results of a cloud computing risk analysis. This paper proposes a model for cloud computing risk analysis in which responsibilities are not centered in the Cloud Service Provider. The proposed model makes the Cloud Consumer an active entity in risk analysis and includes the Information Security Laboratory entity. A prototype developed from the proposed model demonstrates performing a risk analysis in the cloud with shared responsibilities between the Cloud Service Provider, Cloud Consumer and Information Security Laboratory entities.

Pages: 140 to 146

Copyright: Copyright (c) IARIA, 2015

Publication date: April 19, 2015

Published in: conference

ISSN: 2308-4413

ISBN: 978-1-61208-398-8

Location: Barcelona, Spain

Dates: from April 19, 2015 to April 24, 2015