Abstract
Cloud security is very challenging and is becoming a research hot topic. Thus, the adoption of the security assessment would be the key to evaluate and to enhance the cloud security level. The security assessment can be quantitative or qualitative. This paper proposes a cloud security quantitative assessment (CSQA) model. This proposed model evaluates the security of any cloud service (XaaS) exposed to attacks and vulnerabilities affecting its quality and specially its availability. It is based on mobile agent and web service interaction framework.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Cloud Adoption Practices & Priorities Survey Report. https://downloads.cloudsecurityalliance.org/initiatives/surveys/capp/Cloud_Adoption_Practices_Priorities_Survey_Final.pdf. Accessed 16 Feb 2016
Endsley, M.R.: Design and evaluation for situation awareness enhancement. In: Human Factors Society, 32nd Annual Meeting, Santa Monica, CA (1988)
Bass, T., et al.: A glimpse into the future of ID. http://www.usenix.org/publications/login/1999-9/features/future.html
Chen, X.Z., et al.: Quantitative hierarchical threat evaluation model for network security. J. Softw. 17(4), 885–897 (2006)
Jibao, L., et al.: Study of network security situation awareness model based on simple additive weight and grey theory. IEEE (2006)
Yong, Z., Xiaobin, T., Hongsheng, X.: A novel approach to network security situation awareness based on multiperspective analysis. In: 2007 International Conference on Computational Intelligence and Security, pp. 768–772. IEEE, December 2007
Xiaorong, C., Su, L., Mingxuan, L.: Research of network security situational assessment quantization based on mobile agent. Phys. Procedia 25, 1701–1707 (2012)
Dastjerdi, A.V., Bakar, K.A., Tabatabaei, S.G.H.: Distributed intrusion detection in clouds using mobile agents. In: 3rd International Conference on Advanced Engineering Computing and Applications in Sciences (2009)
Toumi, H., Eddaoui, A., Talea, M.: Cooperative intrusion detection system framework using mobile agents for cloud computing. J. Theor. Appl. Inf. Technol. 70(1) (2014)
Doelitzscher, F., et al.: An agent based business aware incident detection system for cloud environments. J. Cloud Comput. 1(1) (2012)
Zargar, S.T., Takabi, H., Joshi, J.B.D.: DCDIDP: a distributed, collaborative, and data-driven intrusion detection and prevention framework for cloud computing environments. In: International Conference on Collaborative Computing: Networking, Applications and Worksharing (CollaborateCom), Orlando, Florida (2011)
Kamongi, P., et al.: Vulcan: vulnerability assessment framework for cloud computing. In: 7th International Conference on Software Security and Reliability (SERE). IEEE (2013)
Saripalli, P., Walters, B.: QUIRC: a quantitative impact and risk assessment framework for cloud security. In: 2010 IEEE 3rd International Conference on Cloud Computing (CLOUD). IEEE (2010)
Albakri, S.H., et al.: Security risk assessment framework for cloud computing environments. Secur. Commun. Netw. 7(11), 2114–2124 (2014)
Sen, A., Madria, S.: Off-line risk assessment of cloud service provider. In: 2014 IEEE World Congress on Services (SERVICES). IEEE (2014)
Mell, P., Grance, T.: The NIST definition of cloud computing. NIST Special Publication 800–145 (Draft) (2011). Accessed 11 Oct 2015
Schaffer, H.E.: X as a service, cloud computing, and the need for good judgment. IT Prof. 11(5), 4–5 (2009)
DoD Directive 3600.1, Information Operations, December 1996
Lange, D., Oshima, M.: Seven good reasons for mobile agents. Commun. ACM (1999)
Lemahieu, W.: Web service description, advertising and discovery: WSDL and beyond. In: Vandenbulcke, J., Snoeck, M. (eds.) Leuven University Press (2001)
Khaldi, A., Karoui, K., Tanabene, N., Ben Ghzala, H.: A secure cloud computing architecture design. In: 2nd IEEE International Conference on Mobile Cloud Computing, Services, and Engineering (MobileCloud), pp. 289–294. IEEE (2014)
Snort, January 2016. http://www.snort.org/
Aglet, January 2016. http://aglets.sourceforge.net/
Ben Ftima, F., Karoui, K.: Interaction mobile agents - web services. In: Encyclopedia of Multimedia Technology and Networking, 2 edn., pp. 717–725 (2007)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2016 Springer International Publishing AG
About this paper
Cite this paper
Khaldi, A., Karoui, K., Ben Ghezala, H. (2016). Cloud Security Quantitative Assessment Based on Mobile Agent and Web Service Interaction. In: Boumerdassi, S., Renault, É., Bouzefrane, S. (eds) Mobile, Secure, and Programmable Networking. MSPN 2016. Lecture Notes in Computer Science(), vol 10026. Springer, Cham. https://doi.org/10.1007/978-3-319-50463-6_13
Download citation
DOI: https://doi.org/10.1007/978-3-319-50463-6_13
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-50462-9
Online ISBN: 978-3-319-50463-6
eBook Packages: Computer ScienceComputer Science (R0)