Threat modeling for cloud data center infrastructures

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

Volumn 10128 LNCS, Issue , 2017, Pages 302-319

  Alhebaishi, Nawaf ^a,b   Wang, Lingyu ^a   Jajodia, Sushil ^c   Singhal, Anoop ^d  

^a Concordia University ^*  (Canada)

^b KING ABDULAZIZ UNIVERSITY   (Saudi Arabia)

^c George Mason University   (United States)

^d NATIONAL INSTITUTE OF STANDARDS AND TECHNOLOGY   (United States)

Author keywords

[No Author keywords available]

Indexed keywords

FORESTRY; PLATFORM AS A SERVICE (PAAS);

CLOUD DATA CENTERS; CLOUD INFRASTRUCTURES; CLOUD PROVIDERS; CORRESPONDING SOLUTIONS; POTENTIAL THREATS; RAPID EXPANSION; SECURITY METRICS; TRADITIONAL DATA CENTERS;

TREES (MATHEMATICS);

EID: 85009446386     PISSN: 03029743     EISSN: 16113349     Source Type: Book Series    
DOI: 10.1007/978-3-319-51966-1_20     Document Type: Conference Paper

References (24)

1. National vulnerability database. http://www.nvd.org. Accessed 20 Feb 2015
2. National Institute of Standards and Technology: Cloud Computing Service Metrics Description (2015). http://www.nist.gov/itl/cloud/upload/RATAXCloudServiceMetricsDescription-DRAFT-20141111.pdf. Accessed 17 June 2015
3. Adler, B.: Google Compute Engine Performance Test with RightScale and Apica (2013). http://www.rightscale.com/blog/cloud-industry-insights/google-computeengine-performance-test-rightscale-and-apica. Accessed 26 March 2016
4. Bakshi, K.: Cisco cloud computing-data center strategy, architecture, and solutions (2009). http://www.cisco.com/web/strategy/docs/gov/CiscoCloudComputingWP.pdf
5. Barr, J.: Building three-tier architectures with security groups (2010). https://aws.amazon.com/blogs/aws/building-three-tier-architectures-with-security-groups/. Accessed 28 March 2016
6. Dahbur, K., Mohammad, B., Tarakji, A.B.: A survey of risks, threats and vulnerabilities in cloud computing. In: Proceedings of the 2011 International Conference on Intelligent Semantic Web-Services and Applications, ISWSA 2011, New York, NY, USA, pp. 12: 1-12: 6. ACM (2011)
7. Dewri, R., Ray, I., Poolsappasit, N., Whitley, D.: Optimal security hardening on attack tree models of networks: a cost-benefit analysis. Int. J. Inf. Secur. 11(3), 167-188 (2012)
8. Edge, K.S., Dalton, G.C., Raines, R.A., Mills, R.F.: Using attack and protection trees to analyze threats and defenses to homeland security. In: MILCOM 2006-2006 IEEE Military Communications conference, pp. 1-7, October 2006
9. Frigault, M., Wang, L.: Measuring network security using Bayesian network-based attack graphs. In: 32nd Annual IEEE International Computer Software and Applications, COMPSAC 2008, pp. 698-703, July 2008
10. Grobauer, B., Walloschek, T., Stöcker, E.: Understanding cloud computing vulnerabilities. IEEE Secur. Priv. 9(2), 50-57 (2011)
11. Gruschka, N., Jensen, M.: Attack surfaces: a taxonomy for attacks on cloud services. In: 2010 IEEE 3rd International Conference on Cloud Computing, pp. 276-279, July 2010
12. Hany, M.: VMware VSphere in the Enterprise. http://www.hypervizor.com/diags/HyperViZor-Diags-VMW-vS4-Enterprise-v1-0.pdf. Accessed 05 Feb 2015
13. Ingalsbe, J.A., Shoemaker, D., Mead, N.R.: Threat modeling the cloud computing, mobile device toting, consumerized enterprise-an overview of considerations. In: AMCIS (2011)
14. Luna, J., Ghani, H., Germanus, D., Suri, N.: A security metrics framework for the cloud. In: 2011 Proceedings of the International Conference on Security and Cryptography (SECRYPT), pp. 245-250, July 2011
15. Manadhata, P., Wing, J.: An attack surface metric. IEEE Trans. Softw. Eng. 37(3), 371-386 (2011)
16. Mell, P., Scarfone, K., Romanosky, S.: Common vulnerability scoring system. IEEE Secur. Priv. 4(6), 85-89 (2006)
17. Openstack. Openstack Operations Guide. http://docs.openstack.org/openstackops/content/openstack-ops preface.html. Accessed 27 Aug 2015
18. Ray, I., Poolsapassit, N.: Using attack trees to identify malicious attacks from authorized insiders. In: Vimercati, S.C., Syverson, P., Gollmann, D. (eds.) ESORICS 2005. LNCS, vol. 3679, pp. 231-246. Springer, Heidelberg (2005). doi:10.1007/11555827_14
19. Saripalli, P., Walters, B.: Quirc: a quantitative impact and risk assessment framework for cloud security. In: 2010 IEEE 3rd International Conference on Cloud Computing, pp. 280-288, July 2010
20. Schneier, B.: Attack trees. Dr. Dobb’s J. 24(12), 21-29 (1999)
21. Shaikh, F.B., Haider, S.: Security threats in cloud computing. In: 2011 International Conference for Internet Technology and Secured Transactions (ICITST), pp. 214-219, December 2011
22. Sheyner, O., Haines, J., Jha, S., Lippmann, R., Wing, J.M.: Automated generation and analysis of attack graphs. In: Proceedings of the 2002 IEEE Symposium on Security and Privacy, pp. 273-284 (2002)
23. Squillace, R.: Azure infrastructure services implementation guidelines (2015). https://azure.microsoft.com/en-us/documentation/articles/virtual-machineslinux-infrastructure-service-guidelines/. Accessed 28 March 2016
24. Wang, L., Islam, T., Long, T., Singhal, A., Jajodia, S.: An attack graph-based probabilistic security metric. In: Atluri, V. (ed.) DBSec 2008. LNCS, vol. 5094, pp. 283-296. Springer, Heidelberg (2008). doi:10.1007/978-3-540-70567-3_22