Measuring Security for Applications Hosted in Cloud
Nitin Singh Chauhan, Ashutosh Saxena, J.V.R. Murthy1
1Nitin Singh Chauhan, Jawahar Lal Nehru Technological University, Kakinada, India.
2Dr. Ashutosh Saxena, CRRAO-AIMSCS, UoH Campus, Hyderabad, India.
3Dr. J.V.R Murthy, CSE Dept., Jawahar Lal Nehru Technological University, Kakinada, India.
Manuscript received on 15 August 2019 | Revised Manuscript received on 21 August 2019 | Manuscript published on 30 August 2019 | PP: 2957-2963 | Volume-8 Issue-10, August 2019 | Retrieval Number: J11250881019/2019©BEIESP | DOI: 10.35940/ijitee.J1125.0881019
Open Access | Ethics and Policies | Cite | Mendeley | Indexing and Abstracting
© The Authors. Blue Eyes Intelligence Engineering and Sciences Publication (BEIESP). This is an open access article under the CC-BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/4.0/)
Abstract: Despite the numerous benefits of cloud computing, concerns around security, trust and privacy are holding back the cloud adoption. Lack of visibility and tangible measurement of the security posture of any cloud hosted application is a disadvantage to cloud service customers. Decision to migrate workloads on the Cloud requires thoughtful analysis about security implications and ability to measure the security controls after hosting. In this paper, we propose a framework to quantitatively measure different aspects of information security for Cloud applications. This framework has a system through which we can define applications specific controls, gather information on control implementation, calculate the security levels for applications and present them to stakeholders through dashboards. Framework also includes detailed method to quantify the security of a Cloud application considering different aspects of security, control criticalities, stakeholder responsibilities and cloud service models. System and method provide visibility to Cloud customer on the security posture of their cloud hosted applications.
Index Terms: Cloud, Security, Authentication, Privacy, Security Metrics.
Scope of the Article: Cloud, Sensor Cloud and Mobile Cloud Security