SUST Repository

A Methodology for the Assessment of Security Risk in Cloud Computing


dc.contributor.author Khogali, Ishraga Mohamed Ahmed
dc.contributor.author Supervisor, - Hany Ammar
dc.date.accessioned 2019-02-13T08:00:52Z
dc.date.available 2019-02-13T08:00:52Z
dc.date.issued 2018-12-01
dc.identifier.citation Khogali, Ishraga Mohamed Ahmed. A Methodology for the Assessment of Security Risk in Cloud Computing / Ishraga Mohamed Ahmed Khogali; Hany Ammar. - Khartoum: Sudan University of Science & Technology, College of Computer Science and Information Technology, 2018. - 136 p.: ill.; 28 cm. - Ph.D. en_US
dc.identifier.uri http://repository.sustech.edu/handle/123456789/22348
dc.description Thesis en_US
dc.description.abstract Cloud computing has been one of the major emerging technologies in recent years. However, cloud computing presents an added level of risk because essential services are often outsourced to a third party, which makes it harder to maintain data security and privacy, support data and service availability, and demonstrate compliance. Moreover, cloud computing comprises various technologies, such as virtualization and transaction management, so it also inherits their security issues. Cloud computing introduces new security risks that need to be assessed and mitigated. However, traditional security risk assessment methodologies are not suitable for cloud computing because of several of its characteristics. Recently, several risk assessment methods and models have been proposed to assess the security risk in cloud computing. None of these methods is fully quantitative. Moreover, none of them is scenario-based to fit the dynamic nature of the cloud computing environment. Therefore, assessing the security risk in cloud computing is still an open research issue. In this thesis we present a scenario-based methodology to assess security risk in cloud computing. This methodology enables the provider to assess the security risk in cloud computing applications. The methodology is based on the National Institute of Standards and Technology (NIST) Risk Management Framework. In this framework the risk is derived by multiplying the ratings assigned for threat likelihood and threat impact. We propose using Bayesian networks to determine the likelihood, which enables us to compute the probability of failures over variables of interest given the evidence for a particular usage scenario of the application. In addition, we propose two methods to specify the impact factor. The first is to categorize impact by expert assessment according to the MIL-STD-882E standard severity categories. The second is to use worst-case sensitivity analysis to assess the threat impact. To validate the proposed methodology we use two case studies: the Ecommerce application and a Live VM Migration scenario. We also compare the proposed method with the existing methods based on assessing risk in dynamic scenarios. Furthermore, we apply security controls to a case study, and the results show a significant reduction in risk values and mitigation of significant risk. en_US
dc.description.sponsorship Sudan University of Science and Technology en_US
dc.language.iso en en_US
dc.publisher Sudan University of Science & Technology en_US
dc.subject security risk assessment en_US
dc.subject Cloud Computing en_US
dc.title A Methodology for the Assessment of Security Risk in Cloud Computing en_US
dc.title.alternative A Methodology for Assessing the Security Risks of Cloud Computing en_US
dc.type Thesis en_US

