THE ASSESSMENT OF RISKS IN PUBLIC CLOUD ENVIRONMENT BY DEVELOPING MULTINOMINAL LOGISTIC REGRESSION MODEL
Main Article Content
Abstract
The public cloud information infrastructure is getting increasing complex and well-connected which, in parallel, increases the risks to the cloud assets. Hence it becomes the need of the hour to identify, analyze and mitigate the risks towards the information security systems and the data associated with it. In the current research work, a quantitative information security risk analysis methodology is proposed for public clouds. In the existing methodology, enterprises follow two approaches such as consolidated and detailed approach towards information security in which the former computes risk as single value for every asset, whereas, the threat-vulnerability pair responsible for a risk is identified and a risk factor corresponding to each security property for every asset is computed in latter approach. In the proposed methodology, the assets in the public cloud are studied in which the consolidated approach is used to find the risk factor of each of these assets. The assets are classified into three different risk zones namely high, medium and low risk zone. In case of high-risk assets, it becomes mandatory for the management to install high cost infrastructure to overcome the risk. For medium-risk assets, proper auditing and ensuring all policies, guidelines and procedures in place may reduce risks. For low-risk assets, there is no such need to invest much from the management.
Downloads
Download data is not yet available.
Article Details
Section
Articles
COPYRIGHT
Submission of a manuscript implies: that the work described has not been published before, that it is not under consideration for publication elsewhere; that if and when the manuscript is accepted for publication, the authors agree to automatic transfer of the copyright to the publisher.
Authors who publish with this journal agree to the following terms:
- Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution License that allows others to share the work with an acknowledgment of the work's authorship and initial publication in this journal.
- Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgment of its initial publication in this journal.
- Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work
- The journal allows the author(s) to retain publishing rights without restrictions.
- The journal allows the author(s) to hold the copyright without restrictions.