An Architecture for Risk Analysis in Cloud

Silva, Paulo; Westphall, Carlos; Westphall, Carla; Mattos, Mauro; Santos, Daniel

Home // ICNS 2014, The Tenth International Conference on Networking and Services // View article

An Architecture for Risk Analysis in Cloud

Authors:
Paulo Silva
Carlos Westphall
Carla Westphall
Mauro Mattos
Daniel Santos

Keywords: cloud computing; information security; risk analysis

Abstract:
Cloud computing offers benefits in terms of availability and cost, but it transfers the responsibility of information security management to the cloud service provider. Thus, the consumer looses control over the security of their information and services. This factor has prevented the migration to cloud computing in many businesses. This paper proposes a model where the cloud consumer can perform risk analysis on providers before and after contracting the service. The proposed model establishes the responsibilities of three actors: Consumer, Provider and Security Labs. The inclusion of the Security Labs provides more credibility to risk analysis making the results more consistent for the consumer.

Pages: 29 to 33

Copyright: Copyright (c) IARIA, 2014

Publication date: April 20, 2014

Published in: conference

ISSN: 2308-4006

ISBN: 978-1-61208-330-8

Location: Chamonix, France

Dates: from April 20, 2014 to April 24, 2014