TY - GEN
T1 - Measuring security for cloud service provider
T2 - 2013 International Conference on Electrical Information and Communication Technology, EICT 2013
AU - Whaiduzzaman, Md
AU - Gani, Abdullah
PY - 2014
Y1 - 2014
N2 - Cloud Computing (CC) is a new paradigm of utility computing and enormously growing phenomenon in the present IT industry hype. CC leverages low cost investment opportunity for the new business entrepreneur as well as business avenues for cloud service providers. As the number of the new Cloud Service Customer (CSC) increases, users require a secure, reliable and trustworthy Cloud Service Provider (CSP) from the market to store confidential data. However, a number of shortcomings in reliable monitoring and identifying security risks, threats are an immense concern in choosing the highly secure CSP for the wider cloud community. The secure CSP ranking system is currently a challenging aspect to gauge trust, privacy and security. In this paper, a Trusted Third Party (TTP) like credit rating agency is introduced for security ranking by identifying current assessable security risks. We propose an automated software scripting model by penetration testing for TTP to run on CSP side and identify the vulnerability and check security strength and fault tolerance capacity of the CSP. Using the results, several non-measurable metrics are added and provide the ranking system of secured trustworthy CSP ranking systems. Moreover, we propose a conceptual model for monitoring and maintaining such TTP cloud ranking providers worldwide called federated third party approach. Hence the model of federated third party cloud ranking and monitoring system assures and boosts up the confidence to make a feasible secure and trustworthy market of CSPs.
AB - Cloud Computing (CC) is a new paradigm of utility computing and enormously growing phenomenon in the present IT industry hype. CC leverages low cost investment opportunity for the new business entrepreneur as well as business avenues for cloud service providers. As the number of the new Cloud Service Customer (CSC) increases, users require a secure, reliable and trustworthy Cloud Service Provider (CSP) from the market to store confidential data. However, a number of shortcomings in reliable monitoring and identifying security risks, threats are an immense concern in choosing the highly secure CSP for the wider cloud community. The secure CSP ranking system is currently a challenging aspect to gauge trust, privacy and security. In this paper, a Trusted Third Party (TTP) like credit rating agency is introduced for security ranking by identifying current assessable security risks. We propose an automated software scripting model by penetration testing for TTP to run on CSP side and identify the vulnerability and check security strength and fault tolerance capacity of the CSP. Using the results, several non-measurable metrics are added and provide the ranking system of secured trustworthy CSP ranking systems. Moreover, we propose a conceptual model for monitoring and maintaining such TTP cloud ranking providers worldwide called federated third party approach. Hence the model of federated third party cloud ranking and monitoring system assures and boosts up the confidence to make a feasible secure and trustworthy market of CSPs.
KW - Cloud computing
KW - cloud security ranking
KW - cloud service provider
KW - trusted third party
UR - http://www.scopus.com/inward/record.url?scp=84899119272&partnerID=8YFLogxK
U2 - 10.1109/EICT.2014.6777855
DO - 10.1109/EICT.2014.6777855
M3 - Conference contribution
AN - SCOPUS:84899119272
SN - 9781479922994
T3 - 2013 International Conference on Electrical Information and Communication Technology, EICT 2013
BT - 2013 International Conference on Electrical Information and Communication Technology, EICT 2013
PB - IEEE Computer Society
Y2 - 13 February 2014 through 15 February 2014
ER -