International Journal of Scientific & Technology Research

Home About Us Scope Editorial Board Blog/Latest News Contact Us
10th percentile
Powered by  Scopus
Scopus coverage:
Nov 2018 to May 2020


IJSTR >> Volume 9 - Issue 1, January 2020 Edition

International Journal of Scientific & Technology Research  
International Journal of Scientific & Technology Research

Website: http://www.ijstr.org

ISSN 2277-8616

An Inside Attack Assessment Model For Infrastructure As A Service In Cloud Trust

[Full Text]



Jasdeep Singh, Manoj Kumar, Sukhwinder Singh Sran



Cloud Computing, Assessment Models, Security, Threats, Attacks.



In these days Cloud computing is providing us a suitable choice of computing and storage of the resources mainly for the business in which user “pay per usage”. But most of the organizations are not using the cloud due to the lack of the trust on the service provider. Nowadays data breaches in cloud services are also increasing year-by-year by the hackers which are trying to compromise the security of the cloud. In this work, we have performed a depth analysis of cloud trust models for the existing functional and non-functional aspects to accurately evaluate the trust of the cloud provider and the theory of assessment of the security level of insider threats. We describe the modelling methodology which captures several aspects of insider threats and shows threat assessment methodology to reveal the possible attack strategies of an insider.



[1] Te-Shun Chou, “Security threats on cloud computing vulnerabilities” International Journal of Computer Science & Information Technology (IJCSIT) Vol 5, No 3, 2013
[2] Mohammed M. Alani, “Securing the Cloud: Threats, Attacks and Mitigation Techniques” International Journal of Computer Science & Information Technology (IJCSIT) Vol 5, No 3, 2013
[3] Gerhard Eschelbeck et al. “Security Threat Report” Sophos and Sophos, 2012.
[4] Ramkumar.et.al, “Towards A Theory of Insider Threat Assessment”, IEEE International Conference on Dependable Systems and Networks 2005.
[5] Shital P. Adkine, “Security Analysis of Cloud Computing” International Journal of Computer Science and Informatics Vol 1, No 4, 2012
[6] Makhdoom Muhammad Naeem, et al. “An overview of virtualization and cloud computing” Science international Vol 4, No 28, 2016
[7] Seccombe A, et al. “Security guidance for critical areas of focus in cloud computing” v2.1. Cloud Security Alliance, 2009.
[8] Attanasio CR, “Virtual machines and data security” Proceedings of the workshop on virtual computer systems. USA: 1973. Pages. 206–209.
[9] Descher M, et al. “Retaining data control to the client in infrastructure clouds”. IEEE International conference on availability, reliability and security, 2009.
[10] Dan Hubbard, Websence “Top threats to cloud computing” Cloud security alliance Version 1.0, 2010
[11] Gonzales D et al. “Cloud-Trust - a Security Assessment Model for Infrastructure as a Service Clouds”, IEEE Transactions on Cloud Computing, 2015.
[12] Xiao Yong Li, Li Tao Zhou, Yong Shi, and Yu Guo, "A trusted computing environment model in cloud architecture," 9th International Conference on Machine Learning and Cybernetics (ICMLC), vol. 6, Qingdao, China, 2010, Pages. 2843-2848.
[13] Alessandro et al. “Report on Cloud Computing Security Risk Assessment. risk-assessment” The European Network and Information Security Agency, 2009
[14] Prasad Saripalli, et.al, “QUIRC: A Quantitative Impact and Risk Assessment Framework for Cloud Security” IEEE 3rd International Conference on Cloud Computing, 2010.
[15] Rizwana Shaikh et al. “Trust Model for Measuring Security Strength of Cloud Computing Service” International Conference on Advanced Computing Technologies and Applications, 2015
[16] Sudharsan Sundararajan et al. “Preventing Insider Attacks in the Cloud” Part I, CCIS 190, pp. 488–500, 2011.