Home > Research > Publications & Outputs > AHP-based quantitative approach for assessing a...

Links

Text available via DOI:

View graph of relations

AHP-based quantitative approach for assessing and comparing cloud security

Research output: Contribution in Book/Report/Proceedings - With ISBN/ISSNConference contribution/Paper

Published

Standard

AHP-based quantitative approach for assessing and comparing cloud security. / Taha, A.; Trapero, R.; Luna, J.; Suri, Neeraj.

2014 IEEE 13th International Conference on Trust, Security and Privacy in Computing and Communications. IEEE, 2014. p. 284-291.

Research output: Contribution in Book/Report/Proceedings - With ISBN/ISSNConference contribution/Paper

Harvard

Taha, A, Trapero, R, Luna, J & Suri, N 2014, AHP-based quantitative approach for assessing and comparing cloud security. in 2014 IEEE 13th International Conference on Trust, Security and Privacy in Computing and Communications. IEEE, pp. 284-291. https://doi.org/10.1109/TrustCom.2014.39

APA

Taha, A., Trapero, R., Luna, J., & Suri, N. (2014). AHP-based quantitative approach for assessing and comparing cloud security. In 2014 IEEE 13th International Conference on Trust, Security and Privacy in Computing and Communications (pp. 284-291). IEEE. https://doi.org/10.1109/TrustCom.2014.39

Vancouver

Taha A, Trapero R, Luna J, Suri N. AHP-based quantitative approach for assessing and comparing cloud security. In 2014 IEEE 13th International Conference on Trust, Security and Privacy in Computing and Communications. IEEE. 2014. p. 284-291 https://doi.org/10.1109/TrustCom.2014.39

Author

Taha, A. ; Trapero, R. ; Luna, J. ; Suri, Neeraj. / AHP-based quantitative approach for assessing and comparing cloud security. 2014 IEEE 13th International Conference on Trust, Security and Privacy in Computing and Communications. IEEE, 2014. pp. 284-291

Bibtex

@inproceedings{b10aa6f7a9144134a747f215a5e03d45,
title = "AHP-based quantitative approach for assessing and comparing cloud security",
abstract = "While Cloud usage increasingly involves security considerations, there is still a conspicuous lack of techniques for users to assess/ensure that the security level advertised by the Cloud Service Provider (CSP) is actually delivered. Recent efforts have proposed extending existing Cloud Service Level Agreements (SLAs) to the security domain, by creating Security SLAs (SecLAs) along with attempts to quantify and reason about the security assurance provided by CSPs. However, both technical and usability issues limit their adoption in practice. In this paper we introduce a new technique for conducting quantitative and qualitative analysis of the security level provided by CSPs. Our methodology significantly improves upon contemporary security assessment approaches by creating a novel decision making technique based on the Analytic Hierarchy Process (AHP) that allows the comparison and benchmarking of the security provided by a CSP based on its SecLA. Furthermore, our technique improves security requirements specifications by introducing a flexible and simple methodology that allows users to identify their specific security needs. The proposed technique is demonstrated with real-world CSP data obtained from the Cloud Security Alliance's Security, Trust and Assurance Registry. {\textcopyright} 2014 IEEE.",
keywords = "Analytic hierarchy process, Decision making, Distributed database systems, Hierarchical systems, Analytic hierarchy process (ahp), Cloud service providers, Quantitative and qualitative analysis, Quantitative approach, Security assessment, Security assurance, Security considerations, Security requirements, Secure communication",
author = "A. Taha and R. Trapero and J. Luna and Neeraj Suri",
year = "2014",
month = sep,
day = "24",
doi = "10.1109/TrustCom.2014.39",
language = "English",
pages = "284--291",
booktitle = "2014 IEEE 13th International Conference on Trust, Security and Privacy in Computing and Communications",
publisher = "IEEE",

}

RIS

TY - GEN

T1 - AHP-based quantitative approach for assessing and comparing cloud security

AU - Taha, A.

AU - Trapero, R.

AU - Luna, J.

AU - Suri, Neeraj

PY - 2014/9/24

Y1 - 2014/9/24

N2 - While Cloud usage increasingly involves security considerations, there is still a conspicuous lack of techniques for users to assess/ensure that the security level advertised by the Cloud Service Provider (CSP) is actually delivered. Recent efforts have proposed extending existing Cloud Service Level Agreements (SLAs) to the security domain, by creating Security SLAs (SecLAs) along with attempts to quantify and reason about the security assurance provided by CSPs. However, both technical and usability issues limit their adoption in practice. In this paper we introduce a new technique for conducting quantitative and qualitative analysis of the security level provided by CSPs. Our methodology significantly improves upon contemporary security assessment approaches by creating a novel decision making technique based on the Analytic Hierarchy Process (AHP) that allows the comparison and benchmarking of the security provided by a CSP based on its SecLA. Furthermore, our technique improves security requirements specifications by introducing a flexible and simple methodology that allows users to identify their specific security needs. The proposed technique is demonstrated with real-world CSP data obtained from the Cloud Security Alliance's Security, Trust and Assurance Registry. © 2014 IEEE.

AB - While Cloud usage increasingly involves security considerations, there is still a conspicuous lack of techniques for users to assess/ensure that the security level advertised by the Cloud Service Provider (CSP) is actually delivered. Recent efforts have proposed extending existing Cloud Service Level Agreements (SLAs) to the security domain, by creating Security SLAs (SecLAs) along with attempts to quantify and reason about the security assurance provided by CSPs. However, both technical and usability issues limit their adoption in practice. In this paper we introduce a new technique for conducting quantitative and qualitative analysis of the security level provided by CSPs. Our methodology significantly improves upon contemporary security assessment approaches by creating a novel decision making technique based on the Analytic Hierarchy Process (AHP) that allows the comparison and benchmarking of the security provided by a CSP based on its SecLA. Furthermore, our technique improves security requirements specifications by introducing a flexible and simple methodology that allows users to identify their specific security needs. The proposed technique is demonstrated with real-world CSP data obtained from the Cloud Security Alliance's Security, Trust and Assurance Registry. © 2014 IEEE.

KW - Analytic hierarchy process

KW - Decision making

KW - Distributed database systems

KW - Hierarchical systems

KW - Analytic hierarchy process (ahp)

KW - Cloud service providers

KW - Quantitative and qualitative analysis

KW - Quantitative approach

KW - Security assessment

KW - Security assurance

KW - Security considerations

KW - Security requirements

KW - Secure communication

U2 - 10.1109/TrustCom.2014.39

DO - 10.1109/TrustCom.2014.39

M3 - Conference contribution/Paper

SP - 284

EP - 291

BT - 2014 IEEE 13th International Conference on Trust, Security and Privacy in Computing and Communications

PB - IEEE

ER -