Welcome to the InfoSci Platform
Reference Hub9
A Goal-Driven Risk Management Approach to Support Security and Privacy Analysis of Cloud-Based System

A Goal-Driven Risk Management Approach to Support Security and Privacy Analysis of Cloud-Based System

Shareeful Islam, Haralambos Mouratidis, Edgar R. Weippl
Copyright: © 2013 |Pages: 26
ISBN13: 9781466621251|ISBN10: 1466621257|EISBN13: 9781466621268
DOI: 10.4018/978-1-4666-2125-1.ch006
Cite Chapter Cite Chapter

MLA

Islam, Shareeful, et al. "A Goal-Driven Risk Management Approach to Support Security and Privacy Analysis of Cloud-Based System." Security Engineering for Cloud Computing: Approaches and Tools, edited by David G. Rosado, et al., IGI Global, 2013, pp. 97-122. https://doi.org/10.4018/978-1-4666-2125-1.ch006

APA

Islam, S., Mouratidis, H., & Weippl, E. R. (2013). A Goal-Driven Risk Management Approach to Support Security and Privacy Analysis of Cloud-Based System. In D. Rosado, D. Mellado, E. Fernandez-Medina, & M. Piattini (Eds.), Security Engineering for Cloud Computing: Approaches and Tools (pp. 97-122). IGI Global. https://doi.org/10.4018/978-1-4666-2125-1.ch006

Chicago

Islam, Shareeful, Haralambos Mouratidis, and Edgar R. Weippl. "A Goal-Driven Risk Management Approach to Support Security and Privacy Analysis of Cloud-Based System." In Security Engineering for Cloud Computing: Approaches and Tools, edited by David G. Rosado, et al., 97-122. Hershey, PA: IGI Global, 2013. https://doi.org/10.4018/978-1-4666-2125-1.ch006

Export Reference

Mendeley
Favorite

Abstract

Cloud Computing is a rapidly evolving paradigm that is radically changing the way humans use their computers. Despite the many advantages, such as economic benefit, a rapid elastic resource pool, and on-demand service, the paradigm also creates challenges for both users and providers. There are issues, such as unauthorized access, loss of privacy, data replication, and regulatory violation that require adequate attention. A lack of appropriate solutions to such challenges might cause risks, which may outweigh the expected benefits of using the paradigm. In order to address the challenges and associated risks, a systematic risk management practice is necessary that guides users to analyze both benefits and risks related to cloud based systems. In this chapter the authors propose a goal-driven risk management modeling (GSRM) framework to assess and manage risks that supports analysis from the early stages of the cloud-based systems development. The approach explicitly identifies the goals that the system must fulfill and the potential risk factors that obstruct the goals so that suitable control actions can be identified to control such risks. The authors provide an illustrative example of the application of the proposed approach in an industrial case study where a cloud service is deployed to share data amongst project partners.

Request Access

You do not own this content. Please login to recommend this title to your institution's librarian or purchase it from the IGI Global bookstore.